content.module's content_access returns FALSE when it comes across the first hook_field_access === FALSE.
this prevents other modules from permitting access.
instead you must enable everyone to have access, then create modules to prevent access - which is opposite to drupals 'deny unless permitted approach'.
for example access is always denied unless a hook_node_access_records === TRUE.
2257 - 2262 of content.module should probably be changed to:-
foreach ($access as $value) {
if ($value === TRUE) {
return TRUE;
}
}
return FALSE;
this change allows modules to permit access to cck fields using hook_field_access.
Comments
Comment #1
markus_petrux commentedThis is by design. Note that there may be no module implementing hook_field_access(). That's why content_access() assumes access is granted, and this is unless any module implementing hook_field_access() returns FALSE explicitly.