Do not display revision messages to anonymous user

Thank you for this, freakalis. A way more simple approach had been included in my patch (http://drupal.org/node/683336#comment-2789834) where these messages were only shown for the super admin user. Since this has been only a quick and dirty hack your patch does it the right way by creating a new permission.

Originally, I was just trying to hide it because it gets annoying when displaying a view with several node having a pending revision (then there is a message for EACH node with revisions pending). Maybe you even have a simple idea how to hide messages in views while you are on it? ;)

Nonetheless, I'm pretty sure this will find its way into the next release.

Regards,
Paul

Well while iam not totaly fine with the appraoch sin.star took with hiding them for all user except the admin, iam fine with the permission approach.
E.g. for my use case it is very important to know, that there are pending revisions.
I guess you should be fine with that also, or sin.star, as we can cover your usecase also?

I do not include all messages with the permissions,

t('The revision of this node has been created on @date by !author.')

should be shown in any way (when you look on some not live revision).

The issue with views has been fixed by me already (not released)

if(arg(0) == 'node' && is_numeric(arg(1))) {

}

the code looks that way now

     if (($node->vid != $live_vid) && user_access('view content moderation message created by')) {
        // Get username for the revision rather than the original node.
        $revision_author = user_load($node->revision_uid);
        drupal_set_message(
          t('The revision of this node has been created on @date by !author.',
            array(
             '@date'=> format_date($node->revision_timestamp, 'small'),
             '!author'=> theme('username', $revision_author)
            )
          )
        );
      }
      else if(user_access('view content moderation message pending')){
        $count = db_result(db_query('select count(vid) from {node_revisions} where vid>%d and nid=%d',$node->vid,$node->nid));
        if(arg(0) == 'node' && is_numeric(arg(1))) {
	        if($count == 1)
        	  drupal_set_message(t('This document has 1 pending revision',array('@count' => $count)));
	        else if($count > 1) {
        	  drupal_set_message(t('This document has @count pending revisions',array('@count' => $count)));
	        }
        }
      }

So we have 2 permissions now
- 'view content moderation message pending'
- 'view content moderation message created by'

So you both are free to hide every message you dont like :)

Thanks for the contribution!

if(arg(0) == 'node' && is_numeric(arg(1))) {

Where did you put this if statement for views exclusion? Around the whole following block in your post, I assume?
I've changed/added the code on github.

current code in http://github.com/EugenMayer/content_moderation/tree/rewrite

Using the latest release 6.x-1.4 (May 1 2010) I am still seeing these messages appearing to anonymous users.

Example: http://visioncore.cpunderconstruction.com/partners

I double checked and ensured that anonymous users had none of the content moderation module permissions.

This is a hack but adding the following to your stylesheet will calm your clients down at least.

body.not-logged-in .warning{display:none;}

I will look into that, no its rather a bug.

This looks to be fairly simple to fix... looking at hook_nodeapi () in case 'view' there is no permissions check for 2 of the 3 drupal_set_message(). The only one with permissions integration is the author info message.

I'm leaving for the day so I don't have time to touch on this.. anyone feel up to writing 2 if statements? :)

BUT i think the larger issue at hand is that anonymous users can see content that is not set to live!

that anons should not see "not live" version should be also an option, this is not the case for all use cases ( it is for mine e.g. )
We should try to make this all configureable so this module fits into several cases.

Since we are getting off-topic with this, I give you #861380

See this patch for an all-in one fix http://drupal.org/node/861380#comment-3235962

Eventhough it was not a bug, i fixed it introducing a new permision. Devkinetic was totaly reight, only 2 of 3 had permission checks. We have no 3 permisisons:

'view content moderation message created by' -> thats the author message
'view content moderation message pending' -> thats the message that a live version has also pending revisions
'view content moderation message no live yet' -> thats actually the missing one, hiding the "no approved version" message

Iam not applying the patch of 861380 due to the named reasons. Hopefuly we will find a better solution there, so we can add this interesting functionality also