The View Access plugin "Og Permission" doesn't seem to limit access at all. From my debugging it seems to be missing the function get_access_callback. Instead it uses the one that was inherited by the class views_plugin_access which always returns TRUE. I'm not 100% sure how the og_context_plugin_access_og_perm extends::access falls into this picture (probably need to talk to merlinofchaos about that, But it seems to be called by the display plugin after the menu access check. Probably for those views that don't use the menu like blocks and what not...

Anyway... This is the exact same issue in #1606990: Wsod using OG access permission in Views page display but or 7.x-1.x-dev

Files: 
CommentFileSizeAuthor
#7 og-fix_og_context_og_permission_views_access_plugin-1784570-7.patch6.05 KBBassistJimmyJam
PASSED: [[SimpleTest]]: [MySQL] 996 pass(es).
[ View ]
#5 og-fix_og_context_og_permission_views_access_plugin-1784570-5.patch6 KBBassistJimmyJam
PASSED: [[SimpleTest]]: [MySQL] 998 pass(es).
[ View ]
#3 og-fix_og_context_og_permission_views_access_plugin-1784570-3.patch5.33 KBBassistJimmyJam
PASSED: [[SimpleTest]]: [MySQL] 1,002 pass(es).
[ View ]
#1 og-fix_og_context_og_permission_views_access_plugin-1784570-1.patch3.61 KBgeneralredneck
PASSED: [[SimpleTest]]: [MySQL] 1,000 pass(es).
[ View ]

Comments

Status:Active» Needs review
StatusFileSize
new3.61 KB
PASSED: [[SimpleTest]]: [MySQL] 1,000 pass(es).
[ View ]

I've created a patch that will fix this problem. It's a very close replication to comment 10 in #1606990: Wsod using OG access permission in Views page display. I plan to extend the patch a little to accept either gid or eid, but at the moment, it just takes eid. Additionally, I would like to replace the entity Argument with tokens... just haven't figured that one out yet.

StatusFileSize
new5.33 KB
PASSED: [[SimpleTest]]: [MySQL] 1,002 pass(es).
[ View ]

Re-rolled a new patch that addresses a few issues, not including the ones in my previous comment:

  1. Fixed _og_context_views_page_access() docblock to include parameter types.
  2. Added missing @return to _og_context_views_page_access() docblock.
  3. Removed defaults for required parameters in _og_context_views_page_access().
  4. Added option for how to handle multiple groups found from the specified argument. Options include verify access to all groups and verify access to only the first group.

+++ b/og_context/og_context.moduleundefined
@@ -568,3 +568,50 @@ function _group_context_handler_entity($entity_type = 'node', $entity = NULL, $p
+ *   - first: Verify that the user has the specified permission in only the ¶

Trailing whitespace.

StatusFileSize
new6 KB
PASSED: [[SimpleTest]]: [MySQL] 998 pass(es).
[ View ]

A few additional changes:

  1. Fixed trailing whitespace from #4.
  2. Added missing commas on the last index of multi-line arrays.
  3. Added support for group entities when selecting the expected entity type of the argument.

Thanks for solving this issue for me! One quick note on the patch is that the example says:

"Entity ID (Entity forming the group you want) position accessed with the arg() function. e.g If your dynamic path is "node/%/overview" to choose "2" like "arg(2)"

but in reality that should be arg(1) which caused some debugging headaches.

StatusFileSize
new6.05 KB
PASSED: [[SimpleTest]]: [MySQL] 996 pass(es).
[ View ]

Thanks for pointing that out. I have fixed the example and made the description of the setting a little clearer to help avoid confusion.

Status:Needs review» Reviewed & tested by the community

Thanks, is working perfect for me

Status:Reviewed & tested by the community» Needs work

Sadly no longer works with the most recent dev. It appears that the handler has been split into two files since then, with the first part of the patch already implemented.

An update would be amazing. Thanks in advance.