Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
_taxonomy_access_get_nodes_for_role()
returns only nodes in terms specifically controlled in {term_access}. If a vocabulary default is set, nodes with other terms from that vocabulary are not properly updated.
Comment | File | Size | Author |
---|---|---|---|
#6 | tac_739874-6.patch | 4.84 KB | xjm |
#3 | tac_739874-3.patch | 5.31 KB | xjm |
Comments
Comment #1
xjmAttached patch adds nodes associated with entries in
{term_access_defaults}
to the list of nodes to update.Comment #2
xjmIt occurs to me that, if the role's global default is different from the authenticated user default, then a full node access rebuild should happen (since the role's permissions on every single node will change). So, we should check for this on role deletion.
Comment #3
xjmAttached patch includes the changes to
_taxonomy_access_get_nodes_for_role()
from #1, plus a check infunction taxonomy_access_admin_delete_role()
to see whether the global default for the role was the same as the authenticated user's. If it was, only nodes in controlled terms and vocabs are updated; if it wasn't; node access is flagged for rebuild.Comment #4
xjmComment #5
xjmI'm going to modify this slightly to remove grant_create and grant_list from the query comparing the role global default to the authenticated user's. There's no need to trigger
node_access_needs_rebuild()
unless one of the actual node access permissions is different.Comment #6
xjmAttached patch includes the change described in #5.
Comment #7
xjmTested the patch; it still works properly.
Comment #8
xjm#6 committed to 6.x-1.x-dev:
http://drupal.org/cvs?commit=341034