Hi, I've found a particular bug on the rules integration. When you create a rule with "grant/revoke OP to rule", the content_access table is wrongly updated: instead of using:

"view", "view_own", "edit", "edit_own", "delete" and "delete_own"

the table is filled with the following strings:

"View any content", "View own content", "Edit any content", "Edit own content", "Delete any content" and "Delete own content"

The $params variable passed to the functions content_access_action_grant_node_permissions() and content_access_action_revoke_node_permissions() contains the wrong values.

It looks like the params contains the Label instead of the correct values.


Example of correct record:

a:6:{s:4:"view";a:4:{i:0;i:2;i:1;i:4;i:2;i:5;i:3;i:3;}s:8:"view_own";a:2:{i:0;i:4;i:1;i:3;}s:6:"update";a:2:{i:0;i:4;i:1;i:3;}s:10:"update_own";a:2:{i:0;i:4;i:1;i:3;}s:6:"delete";a:1:{i:0;i:3;}s:10:"delete_own";a:1:{i:0;i:3;}}

Example of wrong record:

a:6:{s:16:"View any content";a:3:{i:0;i:2;i:1;i:4;i:2;i:5;}s:16:"View own content";a:0:{}s:16:"Edit any content";a:2:{i:0;i:4;i:1;i:5;}s:16:"Edit own content";a:0:{}s:18:"Delete any content";a:1:{i:0;i:2;}s:18:"Delete own content";a:4:{i:0;i:1;i:1;i:2;i:2;i:4;i:3;i:5;}}


CommentFileSizeAuthor
#5 content_access_rules.patch2.24 KBAnonymous (not verified)
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

FiNeX’s picture

I've done some tests. If I replace "View any content" with "view" in the $ca_settings variable before calling the content_access_save_per_node_settings() all will works fine:

    content_access_save_per_node_settings($params['node'], $ca_settings);

I suspect that the function which create the settings of the rule doesn't use the correct parameters.

dcmouyard’s picture

I've noticed this same error.

dcmouyard’s picture

After looking into this some more, simply changing the label doesn't fix the issue for me. It looks like the permissions aren't set properly in the content_access table.

Using the rule action "Grant content permissions by role" I allow the author to edit their own node. The following gets written to content_access for that node:

a:6:{s:16:"View any content";a:3:{i:0;i:4;i:1;i:5;i:2;i:3;}s:16:"View own content";a:4:{i:0;i:2;i:1;i:4;i:2;i:5;i:3;i:3;}s:16:"Edit any content";a:3:{i:0;i:4;i:1;i:5;i:2;i:3;}s:16:"Edit own content";a:4:{i:0;i:2;i:1;i:4;i:2;i:5;i:3;i:3;}s:18:"Delete any content";a:3:{i:0;i:4;i:1;i:5;i:2;i:3;}s:18:"Delete own content";a:3:{i:0;i:4;i:1;i:5;i:2;i:3;}}

The original author, however, did not get the ability to edit their own node. When I set the permissions using the Access Control tab on the node, the following gets inserted into the content_access table for the same node as above, which does allow the original author to edit that node.

a:6:{s:4:"view";a:3:{i:0;i:4;i:1;i:5;i:2;i:3;}s:8:"view_own";a:4:{i:0;i:2;i:1;i:4;i:2;i:5;i:3;i:3;}s:6:"update";a:1:{i:0;i:3;}s:10:"update_own";a:2:{i:0;i:2;i:1;i:3;}s:6:"delete";a:1:{i:0;i:3;}s:10:"delete_own";a:1:{i:0;i:3;}}

FiNeX’s picture

Indeed, you've to change the value stored on the DB...

Anonymous’s picture

FileSize
2.24 KB

It seems the rules integration wasn't updated for the change to _content_access_get_operations(), which now provides both the database operation and the text label.

I've attached a patch (it's quick and not thoroughly tested) that should fix the problems. A couple strings may accidentally get run through t() twice (once in _content_access_get_operations() and once as $label), but it seems to work okay nonetheless.

dcmouyard’s picture

Status: Active » Needs review

I'll check to see if this patch works.

dcmouyard’s picture

The patch in #5 fixes my problem.

dcmouyard’s picture

Status: Needs review » Reviewed & tested by the community
good_man’s picture

Status: Reviewed & tested by the community » Patch (to be ported)

Thanks for reporting & testing, I'll review it and commit.

good_man’s picture

Status: Patch (to be ported) » Fixed

Committed to the current dev version, thanks.

good_man’s picture

btw, never use t() with variable directly, instead use substitution more here.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.