Posted by lasconic on December 19, 2009 at 12:40am
9 followers
| Project: | Services |
| Version: | 7.x-3.x-dev |
| Component: | Code |
| Category: | bug report |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | closed (fixed) |
| Issue tags: | needs backport to D6 |
Issue Summary
I'm using services + services_auth + rest server + node_resource service.
After using the patch #662612: Unable to create a node with node_resource module, I can create a node, but the node is always associated with user 0 (anonymous).
I added the two following lines in _node_resource_create and it works. (this might be needed in node_services as well)
<?php
function _node_resource_create($node) {
$node = (object)$node;
//assign username to the node from $user created at auth step.
global $user;
$node->name = $user->name;
if (!isset($node->type)) {
return services_error('Missing node type', 406);
}
?>
Comments
#1
If you are passing a node into the node resource, it should already be assigned to a user. When saved by services, if that user does not exist, then the node will be saved as anonymous. I personally think that this is as it should be. If I have a node on the client authored by 'heyrocker', and i log into services as admin save that node, why would I want it to suddenly be authored by 'admin'? I want it to retain its authorship. If you want the node to be saved as authored by the logged in user, I suggest adding a some code in the 'presave' $op of nodeapi.
On top of that I'm not sure what the affects of setting $node->name are. You should really be setting $node->uid.
#2
Thanks for your quick answer. Maybe I was not clear in my bug description, let me try to explain further.
I totally agree with your statement for node_service and node.save. It's as it should be. So delete my sentence about the fact it might apply to node_services. Even for node.update in node_resource, your description is ok. But...
For node_resource_service and node.create, the node does not exist, but it's created from scratch. It does not have an author and somehow the author needs to set. By the way, the two lines I added don't interfer with the node.save process but affect only node_resource.
I used $node->name instead of $node->uid, because drupal_execute is called just after and it expects name to be filled according to the examples in the doc.
Hope it was more clear.
#3
Another start point for this discussion would be to try to reproduce the issue. @lasconic Can you share the arguments that you pass on to your services setup?
#4
I do a POST with very few things : title & body to create nodes, not update them.
To reproduce, install services, node_resource, services_oauth and oauth_commons.
I setup OAuth for node.create at Full access + token & key.
Then with my client I go through the OAuth authentication and when done, I send the following request to Drupal.
POST /services/rest/node.json with content type multipart/form-data and two parameters title and body.
Of course the Authorization header is set accordingly
Actual result: a node is created associated with uid=0 (anonymous).
Expected result: the node uid should be the one of the logged user, just like when creating a node via form.
In all case, thank you heyrocker for your nodeapi/presave suggestion, it can be a clean way to solve it for the moment.
#5
What if I add a line that says "if the node->uid is set then use that, otherwise use the logged in user"? That seems like a good compromise.
#6
Looks fine to me. Even better than my first proposition.
My only small concern is about the use of uid instead of name, but it should be ok.
#7
Would #5 cover creating a node as well? I have a flash app that is in a custom drupal content type, talking to drupal via services. It needs to create a custom node type with the logged in uid. No problem getting the id (flashvar) but I can't login the user without asking for pwd, and logged in as admin the new node comes up anonymous anyway (but it is a custom node type and a custom service that simplifies node_service).
#8
Yes actually #5 would only be for creating a node. Services should not change a node's authorship after creation unless specifically told to.
#9
Patch attached although I have not tested it. Let me know how it works.
#10
This is fine and I committed it.
#11
Automatically closed -- issue fixed for 2 weeks with no activity.
#12
My services suite is as followed:
OAuth Authentication 6.x-1.0-beta6
Services 6.x-2.0
REST Server 6.x-2.0-beta3
OAuth Common 6.x-1.0-beta5
Input stream helper 6.x-1.0
Chaos tools 6.x-1.0-alpha3
Autoload 6.x-1.3
I have the same problem as reported in the original issue and created a new patch taking the remarks into account of heyrocker in #1.
Original problem: a node created via services/rest/node.json is assigned to user 0, rather than the user sending the request.
The patch checks whether the node is assigned to a user, even if it's an anonymous user. If no user is assigned, it's assigning the logged in user.
#13
set to 'needs review' for simple test
#14
The last submitted patch, node_resource-missing-user.patch, failed testing.
#15
Re-rolled patch for 2.x-dev
#16
Setting to review for patch testing
#17
Committed and fixed
#18
Automatically closed -- issue fixed for 2 weeks with no activity.
#19
I had the same problem with 7.x-3.x. The attached reroll of the #15 patch fixed this for me.
#20
This is only in 2.x so it needs backporting to d6 3.x branch.
#21
Committed to both branches thanks.
#22
Automatically closed -- issue fixed for 2 weeks with no activity.