To recreate:
1. Create 2 roles: admin, user
2. Create user type "test"
3. add text field (but reproduces with other data types) to "test" named "field1"
4. set permissions as follows
- create test, edit own test : admin, user
- edit any test, delete any test, delete own test: admin
- view any field1, view own field1, edit own field1: admin, user
- edit any field1: admin
5. User should be able to view field1 but not edit it although user can edit node title and body. Admin should be able to view and edit all fields.
6. Create view "testview" at page "testview"
7. on testview set style to "Table" (reproduces for all styles, so long as row type is set to fields)
8. on testview add node: title and content: field1 to fields
9. on testview add node: type = test filter
10. when logged in as admin, create test node and populate fields
11. view testview, all appears as it should
12. logout, and login as user
13. view testview, field1 value does not appear
14. edit testview so that style is unformatted and row style is node
15. logged in as user view testview again, field1 value now appears

CommentFileSizeAuthor
#1 Screen shot 2010-08-19 at 11.09.29 PM.png17.87 KBzipymonkey

Comments

zipymonkey’s picture

zipymonkey commented
Version: 6.x-2.x-dev » 6.x-1.0-beta1
Issue tags: +view own
StatusFileSize
new Screen shot 2010-08-19 at 11.09.29 PM.png17.87 KB

I was able to duplicate the same issue in version 6.x-1.0-beta1 and 6.x-2.x-dev.

The fields will also appear if the 'Edit Any' permission is set for the field(s) in question. The attached image illustrates what is going on. The fields are not being hidden (since the column is appearing) but no values are being displayed.

zipymonkey’s picture

zipymonkey commented

I was able to get this to work... though I've only done some basic testing. I added the following line into the own_field_access.module file (at line 30).

case 'view':
+ return user_access($op .' own '. $field['field_name'], $account);
case 'edit':

I'll do some more testing to see if there are any issues with this...

zipymonkey’s picture

zipymonkey commented
Version: 6.x-1.0-beta1 » 6.x-2.x-dev

Yeah, that didn't work. This just removed the check that the node-author is the same as the current user.

Field Permissions does not seem to have this problem so I'm going to have to use that module. Also looking at this comment it appears that the field permissions are checked twice by Views. Once at access check and another time by the content_format function. Might be useful.

http://drupal.org/node/501404#comment-2122962