Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Views such as "Latest blog post comments" don't fully enforce the node access system and display the titles of comments and paths of nodes to which the user does not have access, such as nodes in a private group.
These views check that nodes are published and that the user has the "access comments" permission, but not more general node access (such as OG node access control).
Comment | File | Size | Author |
---|---|---|---|
commons-comments-node-access.patch | 56.07 KB | ezra-g |
Comments
Comment #1
laurentc CreditAttribution: laurentc commentedReviewed and tested.
Thanks for the patch
Comment #2
ezra-g CreditAttribution: ezra-g commentedThanks for the review. This is committed: http://drupalcode.org/project/commons.git/commit/32b4c4f