OG access control interferes with search indexing - little more detective work

When I switch of OG access control all new nodes get indexed, whe I switch it back new added nodes are not indexed any more, but instead I got error in log from taxonomy module.

Modules installed(enabled) in my case:
- attachment
- block
- book
- bookmarks
- comment
- contact
- filemanager
- filter
- help
- image
- menu
- node
- og
- og_basic
- page
- path
- profile
- search
- smtp
- story
- system
- taxonomy
- tinymce
- tracker
- user
- watchdog
- workspace

Putting number of debuging prints etc etc. - found that node data is not being loded by node_load (called from node_update_index, called from serach_cron). Select statement generated form noda date load looks something like this:

SELECT n.nid, n.vid, n.type, n.status, n.created, n.changed, n.comment, n.promote, 
       n.moderate, n.sticky, r.timestamp AS revision_timestamp, r.title, r.body, 
       r.teaser, r.log, r.format, u.uid, u.name, u.picture, u.data 
  FROM node n INNER JOIN users u ON u.uid = n.uid 
              INNER JOIN node_revisions r ON r.vid = n.vid 
 WHERE n.nid=%d

this statement works just fine, however after db_query_rewrite SQL statement looks like this:

SELECT DISTINCT(n.nid), n.vid, n.type, n.status, n.created, n.changed, n.comment, n.promote,
       n.moderate, n.sticky, r.timestamp AS revision_timestamp, r.title, r.body, 
       r.teaser, r.log, r.format, u.uid, u.name, u.picture, u.data 
  FROM node n INNER JOIN users u ON u.uid = n.uid 
              INNER JOIN node_revisions r ON r.vid = n.vid 
              INNER JOIN node_access na ON na.nid = n.nid 
 WHERE (na.grant_view >= 1 
   AND ((na.gid = 0 AND na.realm = 'all') OR 
        (na.gid = 0 AND na.realm = 'og_public') OR 
        (na.gid = 0 AND na.realm = 'og_all'))) 
   AND n.nid = %d;

and this statement returns empty set - just for the record for this particular node which I traced:

+-----+-----+---------------+------------+--------------+--------------+
| nid | gid | realm         | grant_view | grant_update | grant_delete |
+-----+-----+---------------+------------+--------------+--------------+
|  60 |   1 | og_subscriber |          1 |            1 |            1 |
+-----+-----+---------------+------------+--------------+--------------+

So I hope someone familiar with Organic group access control may give some input here.

Sincerely
Maris

Probably the most reasonable approach would be to disable rewriting during CRON run - directly in node.module (or at least add additional parameter &rewrite=true to node_load (and change call appropriately). As In understand similarar not idexeing behaviour have cropped out also for people not usig OG, but other access control schemas, reason mey be same.

Yes there is patch created at http://drupal.org/node/64857

Hi,

This uploaded module actually was from 4.7.0 distribution, I have patch for 4.7.1 (attached)

It worked for me, so it is difficult to say what may be reason, if it is not working for You.

Sincerely
Maris

Hi,

Hi, those nodes are not marked as public, however I think You are wrong becouse those nodes still have to be included in search index, otherwise even authprised users are not able to find them - e.g. decision about weather to show node in search result is shown should be determined when search is executed, not when index is made.

Maris