By webclaus on

Finally the node-level permissions made it into core. Thank you, thank you, thank you :)

My scenario is simple: I need to hide some forums from certain users.

JonBob already made the solution for me with the example module he made for taxonomy - simply select the forum taxonomy as the permission taxonomy as well and everything is fine.

However, I can't figure out how to hide the taxonomy terms themselves - that is, prevent the forums to get listed on the forum page and in the drop downs when people add new forum topics.

For the latter part I thought about modifying the form via the nodeapi() hook but neither form pre or form post let me do that. Or, to be precise, at form pre the taxonomy drop down hasn't been attached to the node, on form post it's attached allright but also added to the form, so even though i modify the node object it's too late.

I'd assume this would be something people could be looking for in other modules that use taxonomy like image.module etc.

Any suggestions?

Comments

j2halibu’s picture

j2halibu commented

Thought I'd post another bit of trouble I'm having with the nodeperm_role module, as created by Jonbob.

I've created several pages with different sets of permissions for user roles (anon, authenticated, combination thereof). Some pages have been promoted to front page, some have not.

With the pages that have been promoted to the front page the nodeperm_role module "appears" to work. However, when the page is clicked upon to have access directly to the node (http://drupalsite/node/1) all roles (anon, authenticated), other than the initial administrator, are denied access with the message:

"Access denied

You are not authorized to access this page.

The same result comes with any other linking mechanism or the path directly typed in.

The only way I've found around this is to grant node administration to authenticated users, in which case the "Access denied" message goes away and content is shown. Granting node admin creates a whole set of other problems, unfortunately.

I assume I'm missing something quite simple in the setup (I've already granted access to content in the permissions settings - not quite that simple).

At no other time, other then when the nodeperm_role is in use, do I have troubles with accessing content.

This functionality is desparately needed for the site I'm working on. Hopefully someone out there knows what might be going on.


Cheers.

jonbob’s picture

jonbob commented

Your described method sounds correct, and I cannot immediately reproduce the problem. A couple possibilities come to mind:

1) There is some version inconsistency; I am attempting to reproduce this with today's CVS HEAD checkout and the latest version of nodeperm_role in my sandbox (v 1.2 2004/07/28). Is this what you're using?
2) You are using a custom or contributed node module that needs an update to work correctly with CVS HEAD. Does this behavior occur with built-in types like "story"?
3) There's some more insidious bug lurking here.

Respond to the questions in 1 and 2 and if necessary I'll look for 3. :-)

j2halibu’s picture

j2halibu commented

Thanks for replying so quickly Jonbob! :)

As far as the scenarios go...

1) I re-installed the CVS today from here: http://drupal.org/project/releases/cvs - is this the most current version?

I have also updated the modules today from: http://cvs.drupal.org/viewcvs/drupal/modules/ - if I should be updating the cvs from the repository I'm unsure as to how to download the appropriate files without doing them one at a time.

I also re-installed the nodeperm_role and upated the database with the .mysql file.

(A question about the node_access table... When I had the initial problems I tried changing the entry in the realm column for all to different permissions, including deleting it. It behaves the same in all states, other than the initial, of course, as it grants permission to all for everything. I was a little unclear as to whether all should be included in the column and what settings would be appropriate.)

2)I have tried the nodeperm_role with and without custom modules. I have also tried story and all behaviour is identical (Access denied...)

I can't think of anything else to tell you... I have drupal installed in a subdirectory if that makes any difference (mysite/drupal). Will it make a difference if the path module is turned on or off (i've tried both ways anyway)?

...sigh


P.S. Jonbob, if you email me directly I'll setup a basic install with an administrator account you can use just to browse the settings.

jonbob’s picture

jonbob commented

Instructions for using the CVS repositories can be found at http://drupal.org/book/view/319. I'll contact you offline for more trobleshooting.

j2halibu’s picture

j2halibu commented

Thanks to Jonbob for patching the bug... check his sandbox for the fix

jonbob’s picture

jonbob commented

On the contrary, the fix has been committed to core. Thanks for helping track this down, James.

moshe weitzman’s picture

moshe weitzman commented


However, I can't figure out how to hide the taxonomy terms themselves - that is, prevent the forums to get listed on the forum page and in the drop downs when people add new forum topics.

Private forums are going to be a common request so we might as well get this right. Yet I can't think of a clean way to handle this.

andremolnar’s picture

andremolnar commented

I've just been following this discussion and noticed that this has been added to the core. I have downloaded the latest CVS, but I can't seem to find any way to set up node-leve permissions.

Can you walk me through how you set up permissions / access control on a single node? Or perhaps point me to the documentation that I can't seem to find.

If you can give me the broad strokes I would be more than happy to document it (assuming documentation doesn't exist) and I'll submit it to the user-guide (given permission).

andre

j2halibu’s picture

j2halibu commented

I believe you'll still have to go to Jonbob's Jonbob's Sandbox and install the module.

andremolnar’s picture

andremolnar commented

Yes - it is still only in Jonbob's sandbox. Thank you.

I actually found another post that pointed me in that direction. I have installed it and done a test run - but have come across some php errors (none that I'm ready to report because I know I have a db error from my last update - if the problem persists after fixing my db I will report in detail).

Node level permissions have got to be one of the greatest improvements in Drupal. I can't wait to see them fully implemented and documented in the core. I suppose it might not be until 4.6 seeing as there is the code freeze - but I did notice that some of the required changes to the db tables are already in the CVS.

Thank you for the response.

andre

andremolnar’s picture

andremolnar commented

I've just gone ahead and done a clean fresh CVS install and added the modules from jonbob's sandbox.

I mentioned that I had errors the last time I tried this - but now that I have done the clean install (and they still persist) I'm ready to report what they are.

I can add new users - but once I attempt to edit their profiles (whether or not I select taxonomy items they have permission to access) I get the following error.

warning: Invalid argument supplied for foreach() in /drupal/modules/nodeperm_taxonomy.module on line 59.

line 59 is found in the nodeperm_taxonomy_user function:

foreach ($edit['nodeperm_taxonomy_edit'] as $tid)
        {
          $tids[$tid] = 1;
        }

any thoughts?

For future reference - Should something like this be posted as a bug report? (though I've noticed there is no 'project' for the node-level permissions)


andre

jonbob’s picture

jonbob commented

Code found in peoples' sandboxes is in general experimental, so does not merit bug reports (unless the bug reflects an underlying problem in Drupal). The node permission modules in my sandbox are really proof-of-concept at this point, to show what can be coded. I plan on creating some actual projects for them as 4.5 nears release, but haven't had time to do that yet.

I think the error in question can be resolved by wrapping that foreach in an if(is_array(...)) to ensure that the array has been populated.

AlanChandler’s picture

AlanChandler commented

I cam across this thread, searching for a way out of my problem, in which I want to give anonymous users a limited view of my site. But even specifying a special access denied page didn't help, because it couldn't be accessed (and therefore still gave access denied :-( )

Anyway - I have been reading through the code to try and understand exactly what database tables are needed, and came across the fact that inside nodeperm_user.module there was this database query.

        db_query('INSERT INTO {node_permissions} (nid, gid, realm, grant_view, grant_update, grant_delete) VALUES (%d, %d, \'user\', %d, %d, %d)', $node->nid, $uid, $grant['view'], $grant['edit'], $grant['edit']);

Should that be insert into table node_access ?

moshe weitzman’s picture

moshe weitzman commented

However, I can't figure out how to hide the taxonomy terms themselves - that is, prevent the forums to get listed on the forum page and in the drop downs when people add new forum topics.

Because forums are organized cia the taxonomy system, this is difficult to fix. This bug will likely be present in 4.5 Sad, but true. Some might not call it a bug, but I do.

grantbow@civicspacelabs.org’s picture

grantbow@civicspacelabs.org commented

I hope the hiding of taxonomy terms isn't forgotten about.