Home » Download » Modules » Activity » Issues

Views argument only displays partial content for logged in user

rjbrown99 - November 12, 2009 - 07:20
Project:Activity
Version:6.x-2.x-dev
Component:Code
Category:bug report
Priority:normal
Assigned:Unassigned
Status:active
Description

Interesting issue with views arguments. I'm on the latest Activity -dev for 11/11 with commit #287944.

Take the default all_activity view, change the page path to activity/%/all, and add an argument. I used "Activity: Activity Actor", Provide Default Argument, User ID from URL, Basic validation.

Now let's say I am logged in as UID 16. The view works 100% fine for all UIDs OTHER than 16 (/activity/14/all, etc). When I use User ID 16, I see the first few activity messages and then just blanks for everything else. In other words, the argument only pulls in a few activity messages when looking at your own stuff.

I also tried an argument of User: UID but the same thing happened. To prove it wasn't a theming issue I did switch back to Garland with the same result.

Please let me know if you need more to reproduce it. Thanks!

» Login or register to post comments

#1

sirkitree - November 12, 2009 - 16:45

Can you provide the query that Views is generating when logged in as uid16, one with the uid of another user as the argument and another one with yourself?

Login or register to post comments

#2

rjbrown99 - November 12, 2009 - 19:11

Yes, here goes. In this case User ID 14 is a 'normal' authenticated user with no special privileges. To capture the query as the normal user I used the devel module and enabled collect query log and display query log. I grabbed both the count and query as they happen one before the other and I thought it might be relevant.

/activity/14/all (user that is the logged in user) - This returns partial results

SELECT COUNT(*) FROM (SELECT activity.aid AS aid FROM activity activity INNER JOIN node node_activity ON activity.nid = node_activity.nid INNER JOIN users users_activity ON activity.uid = users_activity.uid LEFT JOIN node_access node_activity__node_access ON node_activity.nid = node_activity__node_access.nid INNER JOIN activity_targets activity_targets ON activity.aid = activity_targets.aid AND (activity_targets.uid = 0 AND activity_targets.language = 'en') INNER JOIN activity_messages activity_messages ON activity_targets.amid = activity_messages.amid LEFT JOIN activity_targets activity_personal_targets ON activity.aid = activity_personal_targets.aid AND (activity_personal_targets.uid = 14 AND activity_personal_targets.language = 'en') LEFT JOIN activity_messages activity_personal_messages ON activity_personal_targets.amid = activity_personal_messages.amid LEFT JOIN node_access na ON na.nid = activity.nid WHERE ((activity.nid IS NULL OR (na.grant_view >= 1 AND ((na.gid = 0 AND na.realm = 'all') OR (na.gid = 14 AND na.realm = 'content_access_author') OR (na.gid = 2 AND na.realm = 'content_access_rid') OR (na.gid = 5 AND na.realm = 'content_access_rid'))))) AND ( (((node_activity__node_access.gid = 0 AND node_activity__node_access.realm = 'all') OR (node_activity__node_access.gid = 14 AND node_activity__node_access.realm = 'content_access_author') OR (node_activity__node_access.gid = 2 AND node_activity__node_access.realm = 'content_access_rid') OR (node_activity__node_access.gid = 5 AND node_activity__node_access.realm = 'content_access_rid')) AND (node_activity__node_access.grant_view >= 1)) AND (activity.uid = 14) )) count_alias

SELECT activity.aid AS aid,    COALESCE(activity_personal_messages.message, activity_messages.message) AS activity_messages_message,    activity.aid AS activity_aid  FROM activity activity   INNER JOIN node node_activity ON activity.nid = node_activity.nid  INNER JOIN users users_activity ON activity.uid = users_activity.uid  LEFT JOIN node_access node_activity__node_access ON node_activity.nid = node_activity__node_access.nid  INNER JOIN activity_targets activity_targets ON activity.aid = activity_targets.aid AND (activity_targets.uid = 0 AND activity_targets.language = 'en')  INNER JOIN activity_messages activity_messages ON activity_targets.amid = activity_messages.amid  LEFT JOIN activity_targets activity_personal_targets ON activity.aid = activity_personal_targets.aid AND (activity_personal_targets.uid = 14 AND activity_personal_targets.language = 'en')  LEFT JOIN activity_messages activity_personal_messages ON activity_personal_targets.amid = activity_personal_messages.amid    LEFT JOIN node_access na ON na.nid = activity.nid WHERE ((activity.nid IS NULL OR (na.grant_view >= 1 AND ((na.gid = 0 AND na.realm = 'all') OR (na.gid = 14 AND na.realm = 'content_access_author') OR (na.gid = 2 AND na.realm = 'content_access_rid') OR (na.gid = 5 AND na.realm = 'content_access_rid'))))) AND (  (((node_activity__node_access.gid = 0 AND node_activity__node_access.realm = 'all') OR (node_activity__node_access.gid = 14 AND node_activity__node_access.realm = 'content_access_author') OR (node_activity__node_access.gid = 2 AND node_activity__node_access.realm = 'content_access_rid') OR (node_activity__node_access.gid = 5 AND node_activity__node_access.realm = 'content_access_rid')) AND (node_activity__node_access.grant_view >= 1))     AND (activity.uid = 14)    )ORDER BY activity_aid DESC  LIMIT 0, 25

/activity/16/all (user that is not the logged in user) - This works as expected in terms of returning results. Again this was logged in as user ID #14 and viewing the activity of user ID #16.

SELECT COUNT(*) FROM (SELECT activity.aid AS aid  FROM activity activity   INNER JOIN node node_activity ON activity.nid = node_activity.nid  INNER JOIN users users_activity ON activity.uid = users_activity.uid  LEFT JOIN node_access node_activity__node_access ON node_activity.nid = node_activity__node_access.nid  INNER JOIN activity_targets activity_targets ON activity.aid = activity_targets.aid AND (activity_targets.uid = 0 AND activity_targets.language = 'en')  INNER JOIN activity_messages activity_messages ON activity_targets.amid = activity_messages.amid  LEFT JOIN activity_targets activity_personal_targets ON activity.aid = activity_personal_targets.aid AND (activity_personal_targets.uid = 14 AND activity_personal_targets.language = 'en')  LEFT JOIN activity_messages activity_personal_messages ON activity_personal_targets.amid = activity_personal_messages.amid    LEFT JOIN node_access na ON na.nid = activity.nid WHERE ((activity.nid IS NULL OR (na.grant_view >= 1 AND ((na.gid = 0 AND na.realm = 'all') OR (na.gid = 14 AND na.realm = 'content_access_author') OR (na.gid = 2 AND na.realm = 'content_access_rid') OR (na.gid = 5 AND na.realm = 'content_access_rid'))))) AND (  (((node_activity__node_access.gid = 0 AND node_activity__node_access.realm = 'all') OR (node_activity__node_access.gid = 14 AND node_activity__node_access.realm = 'content_access_author') OR (node_activity__node_access.gid = 2 AND node_activity__node_access.realm = 'content_access_rid') OR (node_activity__node_access.gid = 5 AND node_activity__node_access.realm = 'content_access_rid')) AND (node_activity__node_access.grant_view >= 1))     AND (activity.uid = 16)    )) count_alias

SELECT activity.aid AS aid,    COALESCE(activity_personal_messages.message, activity_messages.message) AS activity_messages_message,    activity.aid AS activity_aid  FROM activity activity   INNER JOIN node node_activity ON activity.nid = node_activity.nid  INNER JOIN users users_activity ON activity.uid = users_activity.uid  LEFT JOIN node_access node_activity__node_access ON node_activity.nid = node_activity__node_access.nid  INNER JOIN activity_targets activity_targets ON activity.aid = activity_targets.aid AND (activity_targets.uid = 0 AND activity_targets.language = 'en')  INNER JOIN activity_messages activity_messages ON activity_targets.amid = activity_messages.amid  LEFT JOIN activity_targets activity_personal_targets ON activity.aid = activity_personal_targets.aid AND (activity_personal_targets.uid = 14 AND activity_personal_targets.language = 'en')  LEFT JOIN activity_messages activity_personal_messages ON activity_personal_targets.amid = activity_personal_messages.amid    LEFT JOIN node_access na ON na.nid = activity.nid WHERE ((activity.nid IS NULL OR (na.grant_view >= 1 AND ((na.gid = 0 AND na.realm = 'all') OR (na.gid = 14 AND na.realm = 'content_access_author') OR (na.gid = 2 AND na.realm = 'content_access_rid') OR (na.gid = 5 AND na.realm = 'content_access_rid'))))) AND (  (((node_activity__node_access.gid = 0 AND node_activity__node_access.realm = 'all') OR (node_activity__node_access.gid = 14 AND node_activity__node_access.realm = 'content_access_author') OR (node_activity__node_access.gid = 2 AND node_activity__node_access.realm = 'content_access_rid') OR (node_activity__node_access.gid = 5 AND node_activity__node_access.realm = 'content_access_rid')) AND (node_activity__node_access.grant_view >= 1))     AND (activity.uid = 16)    )ORDER BY activity_aid DESC  LIMIT 0, 25

Now, here is the query when logged in as admin (UID1) and viewing /activity/14/all. This returns correct results.

SELECT COUNT(*) FROM (SELECT activity.aid AS aid FROM activity activity INNER JOIN node node_activity ON activity.nid = node_activity.nid INNER JOIN users users_activity ON activity.uid = users_activity.uid INNER JOIN activity_targets activity_targets ON activity.aid = activity_targets.aid AND (activity_targets.uid = 0 AND activity_targets.language = 'en') INNER JOIN activity_messages activity_messages ON activity_targets.amid = activity_messages.amid LEFT JOIN activity_targets activity_personal_targets ON activity.aid = activity_personal_targets.aid AND (activity_personal_targets.uid = 1 AND activity_personal_targets.language = 'en') LEFT JOIN activity_messages activity_personal_messages ON activity_personal_targets.amid = activity_personal_messages.amid WHERE activity.uid = 14 ) count_alias

SELECT activity.aid AS aid, COALESCE(activity_personal_messages.message, activity_messages.message) AS activity_messages_message, activity.aid AS activity_aid FROM activity activity INNER JOIN node node_activity ON activity.nid = node_activity.nid INNER JOIN users users_activity ON activity.uid = users_activity.uid INNER JOIN activity_targets activity_targets ON activity.aid = activity_targets.aid AND (activity_targets.uid = 0 AND activity_targets.language = 'en') INNER JOIN activity_messages activity_messages ON activity_targets.amid = activity_messages.amid LEFT JOIN activity_targets activity_personal_targets ON activity.aid = activity_personal_targets.aid AND (activity_personal_targets.uid = 1 AND activity_personal_targets.language = 'en') LEFT JOIN activity_messages activity_personal_messages ON activity_personal_targets.amid = activity_personal_messages.amid WHERE activity.uid = 14 ORDER BY activity_aid DESC LIMIT 0, 25

Here is user ID 35 logged in and viewing /activity/14/all. This returns correct results.

SELECT COUNT(*) FROM (SELECT activity.aid AS aid FROM activity activity INNER JOIN node node_activity ON activity.nid = node_activity.nid INNER JOIN users users_activity ON activity.uid = users_activity.uid LEFT JOIN node_access node_activity__node_access ON node_activity.nid = node_activity__node_access.nid INNER JOIN activity_targets activity_targets ON activity.aid = activity_targets.aid AND (activity_targets.uid = 0 AND activity_targets.language = 'en') INNER JOIN activity_messages activity_messages ON activity_targets.amid = activity_messages.amid LEFT JOIN activity_targets activity_personal_targets ON activity.aid = activity_personal_targets.aid AND (activity_personal_targets.uid = 35 AND activity_personal_targets.language = 'en') LEFT JOIN activity_messages activity_personal_messages ON activity_personal_targets.amid = activity_personal_messages.amid LEFT JOIN node_access na ON na.nid = activity.nid WHERE ((activity.nid IS NULL OR (na.grant_view >= 1 AND ((na.gid = 0 AND na.realm = 'all') OR (na.gid = 35 AND na.realm = 'content_access_author') OR (na.gid = 2 AND na.realm = 'content_access_rid'))))) AND ( (((node_activity__node_access.gid = 0 AND node_activity__node_access.realm = 'all') OR (node_activity__node_access.gid = 35 AND node_activity__node_access.realm = 'content_access_author') OR (node_activity__node_access.gid = 2 AND node_activity__node_access.realm = 'content_access_rid')) AND (node_activity__node_access.grant_view >= 1)) AND (activity.uid = 14) )) count_alias

SELECT activity.aid AS aid,    COALESCE(activity_personal_messages.message, activity_messages.message) AS activity_messages_message,    activity.aid AS activity_aid  FROM activity activity   INNER JOIN node node_activity ON activity.nid = node_activity.nid  INNER JOIN users users_activity ON activity.uid = users_activity.uid  LEFT JOIN node_access node_activity__node_access ON node_activity.nid = node_activity__node_access.nid  INNER JOIN activity_targets activity_targets ON activity.aid = activity_targets.aid AND (activity_targets.uid = 0 AND activity_targets.language = 'en')  INNER JOIN activity_messages activity_messages ON activity_targets.amid = activity_messages.amid  LEFT JOIN activity_targets activity_personal_targets ON activity.aid = activity_personal_targets.aid AND (activity_personal_targets.uid = 35 AND activity_personal_targets.language = 'en')  LEFT JOIN activity_messages activity_personal_messages ON activity_personal_targets.amid = activity_personal_messages.amid    LEFT JOIN node_access na ON na.nid = activity.nid WHERE ((activity.nid IS NULL OR (na.grant_view >= 1 AND ((na.gid = 0 AND na.realm = 'all') OR (na.gid = 35 AND na.realm = 'content_access_author') OR (na.gid = 2 AND na.realm = 'content_access_rid'))))) AND (  (((node_activity__node_access.gid = 0 AND node_activity__node_access.realm = 'all') OR (node_activity__node_access.gid = 35 AND node_activity__node_access.realm = 'content_access_author') OR (node_activity__node_access.gid = 2 AND node_activity__node_access.realm = 'content_access_rid')) AND (node_activity__node_access.grant_view >= 1))     AND (activity.uid = 14)    )ORDER BY activity_aid DESC  LIMIT 0, 25

Login or register to post comments

#3

rjbrown99 - November 12, 2009 - 19:25

I took a glance specifically at the first one (UID 14 not working) and the last one (UID 35 looking at UID14) and noticed one difference.

Here's the logged in UID #14 looking at their own stuff and not working.

OR (na.gid = 2 AND na.realm = 'content_access_rid') OR (na.gid = 5 AND na.realm = 'content_access_rid'))))) AND (  (((node_activity__node_access.gid = 0 AND node_activity__node_access.realm = 'all') OR (node_activity__node_access.gid = 14 AND node_activity__node_access.realm = 'content_access_author') OR (node_activity__node_access.gid = 2 AND node_activity__node_access.realm = 'content_access_rid') OR (node_activity__node_access.gid = 5 AND node_activity__node_access.realm = 'content_access_rid'))

Here's UID 35 looking at UID 14 and working.

OR (na.gid = 2 AND na.realm = 'content_access_rid'))))) AND (  (((node_activity__node_access.gid = 0 AND node_activity__node_access.realm = 'all') OR (node_activity__node_access.gid = 35 AND node_activity__node_access.realm = 'content_access_author') OR (node_activity__node_access.gid = 2 AND node_activity__node_access.realm = 'content_access_rid'))

Login or register to post comments

#4

Scott Reynolds - November 12, 2009 - 23:46
Status:active» by design

Ahh ok so is any of the users seeing content that they don't have access too. See activity will not show activity around nodes that the current user doesn't have access too. This is a feature. All the activity that isn't showing up for the given user is because, if they were to visit that node, they would get an access denied message.

Login or register to post comments

#5

rjbrown99 - November 13, 2009 - 00:30

Not in my case. The problem is that the user can't see their own activity messages but they can see everyone else just fine. When looking at someone else's activity view, they can see 100% of the content. When looking at your own activity messages (where the logged in user is looking at /activity/MYUID/all), you only see partial content returned. When other users look at your activity messages, they can see them just fine. The user has access to their own messages and no other controls should prevent that from being viewed. You should be able to reproduce this with the default view if you modify it to add an argument per my initial post.

Login or register to post comments

#6

rjbrown99 - November 14, 2009 - 08:41
Status:by design» active

I switched this back to active. I think perhaps my description was not coming across cleanly. I do think there is a bug here.

It is not that users are seeing content they do not have access to. It is that a user only sees partial results when their own UID is the argument to the view. The user would inherently have access to all of their own stuff and nodes as they were the ones to create the content in the first place.

What it looks like is the user sees the first few results of their own activity messages, and then there is no more. But the pager is appearing, and you can click to each page but there are no messages. The query is returning partial results.

Try reproducing - just enable the default all_activity view, change the page to /activity/%/all, add an argument of Activity: Activity Actor of provide default argument, user ID from URL. Now with your own logged in user, visit /activity/MYOWNUID/all and you see partial results.

Login or register to post comments

#7

rjbrown99 - November 15, 2009 - 01:31

I had an 'ah-ha' moment and I think I figured this out. It still may be a bug but different from what I would have thought.

All of my activity publisher templates were blank in the "author message" field. So I am creating a "public" message but nothing to show to the author. My new theory is that what is happening is that the view is running as intended and returning results, but since there was nothing stored in those fields it is coming back with blank results since it pulls in what should be shown to the author. It still looks to the view output like all of the items are there and the pager shows up, but there's no content. To the other users it shows the public message which is why it shows up.

Perhaps that makes more sense. Thoughts? In the event that a view finds empty fields, perhaps it should not return results or use the public message instead?

Login or register to post comments

#8

rjbrown99 - November 15, 2009 - 01:53

Perhaps one solution is to make every activity publisher template field required before it will save? Even if they are all the same that would capture a message and make sure views outputs something. Another idea would be to modify the views output where it shows the public message in the event the result is empty, but I'm not sure if that's possible.

Login or register to post comments

#9

Scott Reynolds - November 16, 2009 - 21:00

Hm I tested this out before. It should allow you to enter empty messages for all but the public message.

In activity_record()

<?php
if (!empty($message)) {
  $messages[$language_id][intval($types[$target_key]->uid)] = $message;
}
?>

..Strange, maybe it deals with the language stuff.

Login or register to post comments

#10

spp - November 27, 2009 - 20:23

I have a similar issue with a view, but which has nothing to do with arguments, that I can't seem to understand. I have a view which is a list of nodes of a specific CCK type (Instructor). If I am not logged in at all or if I am logged in as an authenticated user, the view works fine and I can see all of the instructors at our school. However, if I am logged in as the administrator account, I only see the first twenty one instructors. I can't imagine what kind of permission issue it could be if everyone except the administrator can see things. If only the admin could see it, I would understand, but not the other way around.

Login or register to post comments
 
 

Drupal is a registered trademark of Dries Buytaert.