Enabling og_access causes an exception when rebuilding node access permissions

See #2018039: Group Content Access field is not displayed and thus cannot be used for an explanation of why this field isn't visible and also note #2012730: Document new privacy & trusted contacts fields added in Commons 3.3 for developers .

Thanks for this bug report.

also tried to revert the Field Instances (even though they are identical to a clean install of commons: node-group-field_group_logo node-group-body node-group-group_group og_membership-og_membership_type_default-og_membership_request), but it won't revert.

Tagging for the 3.3 radar so we can attempt to reproduce.

I think I am seeing same bug as #1. After I enable OG Access Control I can no longer save a group. I get error "EntityMetadataWrapperException: Unknown data property group_access"

Here are steps I followed:

1. Yesterday create fresh site (drush make build-commons-dev.make) with no auto content except for the first group.
2. Enable OG Access Control
3. Rebuild permissions
4. Try to edit-save (or create) a group...

When OG Access Control is not enabled, it seems that I can save a group.

@behoppe333, can you describe step 5? You said you tried to save a group but didn't specify what happens when you do that, so you haven't described the problem :). Thanks!

Actually, I just re-read #4 and I understand - The problem is *before* step 1. Understood - Thanks.

Just in case this helps...

• my step 5 is "click 'save' and then get fatal error--same error message as described by comment #1 above"
• I am doing all group edits, creates, saves via user-1 admin account

Renaming this to be more clear, and marking critical as it blocks other issues regarding private groups and testing email delivery. It appears that og_access causes an error with our group creation submit form.

Steps to reproduce:
*Enable og_access
*Create group

Should error on a new install or in any other instance with the error:

EntityMetadataWrapperException: Unknown data property group_access. in EntityStructureWrapper->getPropertyInfo() (line 339 of /mnt/www/html/commonsintdev/docroot/profiles/commons/modules/contrib/entity/includes/entity.wrapper.inc).

I'm not able to reproduce, even with the steps in #11.

So that we can continue troubleshooting, please describe how to reproduce with a fresh install of Commons packaged with build-commons-dev.make.

I am unable to create a group with content hidden from non-members -- so I hope this helps you reproduce the bug I keep hitting.

Here's what I just did--with some site-install and drush specifics just in case I am getting that part wrong

1. Create new folder X for all contents of commons-7.x-3.x-dev-core.tar.gz
2. Create new MySQL database
3. Run "drush make profiles/commons/build-commons-dev.make" in folder X (watch as tons of files download etc)
4. Point browser to site install.php. Follow along. Do not generate new content.
5. Install backup and migrate module; enable that and backup my database
6. (Somewhere around here I think Trusted Contacts asked me to update users, which I did)
7. Enable OG Access Control
8. Rebuild permissions
9. Edit the sole group in the site. Click "Hide contributed content from non-members"; click "Save"
10. See "EntityMetadataWrapperException: Unknown data property group_access. in EntityStructureWrapper->getPropertyInfo() (line 339 of X/profiles/commons/modules/contrib/entity/includes/entity.wrapper.inc).

"

Create new folder X for all contents of commons-7.x-3.x-dev-core.tar.gz

I believe this is your problem. Per the Commons dev snapshot release notes:

Nightly development snapshot of Commons 7.x-3.x. Please note that to get an up-to-date snapshot, you need to package Commons locally with the command:

drush make build-commons-dev.make

until #1983606: Move some of the Commons_* modules into the Commons distro repo is resolved.

Here's where I need help. If I don't do steps #1 and #2 per my post, then I don't know where is the build-commons-dev.make that I use in step #3 of my post -- where I say "drush make profiles/commons/build-commons-dev.make". Where is the makefile I should use?

PS: When I enter "drush make build-commons-dev.make" in my site's root folder, I get error:

file_get_contents(build_commons_dev.make): failed to open stream: No such file or directory make.utilities.inc:456
Invalid or empty make file: build-commons-dev.make

Thanks to help from ezra-g and devincarlson I improved my "create fresh dev install" ability. I still observe the same bug in the end. I cannot create a group with contributed content hidden from non-members.

Here are my new and improved steps to reproduce:

1. cd ~behoppe333
2. git clone --branch 7.x-3.x http://git.drupal.org/project/commons.git ./commons-profile
3. drush make ./commons-profile/build-commons-dev.make --prepare-install ./public_html/X
4. Create new MySQL database (using webserver control panel)
5. Point browser to X/install.php. Follow along. Do not generate example content.
6. Install backup and migrate module; enable that and backup my database
7. Somewhere around here Trusted Contacts says to update users. Do that.
8. Enable OG Access Control
9. Rebuild permissions
10. Edit the sole group in the site. Click "Hide contributed content from non-members"; click "Save"
11. See "EntityMetadataWrapperException: Unknown data property group_access. in EntityStructureWrapper->getPropertyInfo() (line 339 of X/profiles/commons/modules/contrib/entity/includes/entity.wrapper.inc).

Marking as active per the reproduction steps in #17.

I'm able to reproduce this by following the steps in #17.

The issue is caused by the group_access field not being added to the Groups content type when og_access is enabled. Manually reverting the commons_groups feature after installing og_access fixes the issue.

commons_groups implements hook_modules_enabled() to revert its own field_base and field_instance whenever og_access is enabled and, through my testing, these reverts are triggered and run without issue (confirmed by watchdog entries) but both field_base and field_instance do not change and are marked as overridden.

I'm continuing to look into this but any suggestions are welcome. :)

Thanks, Devin. I confirm your workaround does the trick for me: I disabled commons-groups and re-enabled, and now I am able to save a group with contributed content hidden from non-members. This makes me very happy :-)

It appears that this access control works on new content as it is created, and does not affect pre-existing content in the group. I think a group administrator would expect all content in their group -- past and future -- to obey their most recent edit to their group's access settings. Should I add that as a feature request or is that subsumed in this issue?

I was able to resolve this issue on a reasonably fresh install of Commons by calling module_list() with the $refresh parameter set to TRUE before reverting the Commons Groups field* components in commons_groups_modules_enabled().

It's a fairly agressive solution but worth reviewing.

I tested #22 on a couple of fresh Commons installations and found that the commons_groups feature was still missing the group_access field instance after installing og_access.

@ezra-g, let me know if you're experiencing different results with new Commons installations.

An alternative to defining these field instances dynamically would be to always define them, but form_alter them out [edit] *when og_access.module is disabled*.

Cannot reproduce via the steps in #17 on a fresh build. Here is a report of the module versions I have:

Run drush pm-update and compare with what you have. I think this has been fixed already.

Address Field (addressfield)                                7.x-1.0-beta4          7.x-1.0-beta4     Up to date                                         
 Address Field Tokens (addressfield_tokens)                  7.x-1.3                7.x-1.3           Up to date                                         
 Advanced Queues (advancedqueue)                             7.x-1.0-alpha2         7.x-1.0-alpha2    Up to date                                         
 Drupal                                                      7.22                   7.22              Up to date                                         
 Breakpoints (breakpoints)                                   7.x-1.1                7.x-1.1           Up to date                                         
 CKEditor (ckeditor)                                         7.x-1.13               7.x-1.13          Up to date                                         
 Commons Activity Streams (commons_activity_streams)         7.x-3.2+4-dev          7.x-3.2           Up to date                                         
 Commons Body Field (commons_body)                           7.x-3.0+2-dev          7.x-3.0           Up to date                                         
 Commons Tabbed Browsing Widget (commons_bw)                 7.x-3.0+10-dev         7.x-3.0           Up to date                                         
 Commons Content moderation (commons_content_moderation)     7.x-3.1+1-dev          7.x-3.1           Up to date                                         
 Commons Events (commons_events)                             7.x-3.1+18-dev         7.x-3.2           Up to date                                         
 Commons Featured Content (commons_featured)                 7.x-3.0+1-dev          7.x-3.0           Up to date                                         
 Commons Follow (commons_follow)                             7.x-3.0+7-dev          7.x-3.0           Up to date                                         
 Commons Groups (commons_groups)                             7.x-3.0+35-dev         7.x-3.1           Up to date                                         
 Commons Like (commons_like)                                 7.x-3.0+2-dev          7.x-3.0           Up to date                                         
 Commons Location (commons_location)                         7.x-3.0+0-dev          7.x-3.0           Up to date                                         
 Commons Miscellaneous Configuration (commons_misc)          7.x-3.1+1-dev          7.x-3.1           Up to date                                         
 Commons Notify (commons_notify)                             7.x-3.0+4-dev          7.x-3.0           Up to date                                         
 Commons Pages (commons_pages)                               7.x-3.0+0-dev          7.x-3.0           Up to date                                         
 Commons Polls (commons_polls)                               7.x-3.2+5-dev          7.x-3.2           Up to date                                         
 Commons Posts (commons_posts)                               7.x-3.2+9-dev          7.x-3.2           Up to date                                         
 Commons Profile Base (commons_profile_base)                 7.x-3.0+0-dev          7.x-3.0           Up to date                                         
 Commons Profile (Social fields) (commons_profile_social)    7.x-3.2+0-dev          7.x-3.2           Up to date                                         
 Commons Q&A (commons_q_a)                                   7.x-3.2+11-dev         7.x-3.2           Up to date                                         
 Commons Radioactivity (commons_radioactivity)               7.x-3.0+5-dev          7.x-3.0           Up to date                                         
 Commons Search (commons_search)                             7.x-3.1+6-dev          7.x-3.1           Up to date                                         
 Commons Site Homepage (commons_site_homepage)               7.x-3.0+4-dev          7.x-3.0           Up to date                                         
 Commons Social Sharing (commons_social_sharing)             7.x-3.0+0-dev          7.x-3.0           Up to date                                         
 Commons Topics (commons_topics)                             7.x-3.0+2-dev          7.x-3.0           Up to date                                         
 Commons Trusted Contacts (commons_trusted_contacts)                                7.x-3.x-dev       Installed version not supported                    
 Commons User Profile Pages (commons_user_profile_pages)     7.x-3.0+1-dev          7.x-3.0           Up to date                                         
 Commons Utility links block (commons_utility_links)         7.x-3.1+4-dev          7.x-3.1           Up to date                                         
 Commons Wikis (commons_wikis)                               7.x-3.2+12-dev         7.x-3.2           Up to date                                         
 Commons WYSIWYG (commons_wysiwyg)                           7.x-3.1+0-dev          7.x-3.1           Up to date                                         
 Chaos tools (ctools)                                        7.x-1.3                7.x-1.3           Up to date                                         
 Custom Search (custom_search)                               7.x-1.12+1-dev         7.x-1.12          Up to date                                         
 Date (date)                                                 7.x-2.6                7.x-2.6           Up to date                                         
 Date Facets (date_facets)                                   7.x-1.0-beta1          7.x-1.0-beta1     Up to date                                         
 Diff (diff)                                                 7.x-3.2                7.x-3.2           Up to date                                         
 Edit profile (edit_profile)                                 7.x-1.0-beta2          7.x-1.0-beta2     Up to date                                         
 Email Registration (email_registration)                     7.x-1.1                7.x-1.1           Up to date                                         
 Entity API (entity)                                         7.x-1.1                7.x-1.1           Up to date                                         
 Entity cache (entitycache)                                  7.x-1.1                7.x-1.1           Up to date                                         
 Entity Reference (entityreference)                          7.x-1.0+5-dev          7.x-1.0           Up to date                                         
 Entity reference prepopulate (entityreference_prepopulate)  7.x-1.3                7.x-1.3           Up to date                                         
 Facet API (facetapi)                                        7.x-1.3                7.x-1.3           Up to date                                         
 Features (features)                                         7.x-2.0-rc1            7.x-2.0-rc1       Up to date                                         
 Flag (flag)                                                 7.x-2.1                7.x-2.1           Up to date                                         
 Flag abuse (flag_abuse)                                     7.x-2.0-alpha1         7.x-2.0-alpha1    Up to date                                         
 Http Client (http_client)                                   7.x-2.4                7.x-2.4           Up to date                                         
 Libraries (libraries)                                       7.x-2.1                7.x-2.1           Up to date                                         
 Link (link)                                                 7.x-1.1                7.x-1.1           Up to date                                         
 Menu attributes (menu_attributes)                           7.x-1.0-rc2            7.x-1.0-rc2       Up to date                                         
 Message (message)                                           7.x-1.7+2-dev          7.x-1.8           Up to date                                         
 Message notify (message_notify)                             7.x-2.5+0-dev          7.x-2.5           Up to date                                         
 Message subscribe (message_subscribe)                       7.x-1.0-alpha5         7.x-1.0-alpha5    Up to date                                         
 Metatag (metatag)                                           7.x-1.0-beta7          7.x-1.0-beta7     Up to date                                         
 Module filter (module_filter)                               7.x-1.7                7.x-1.7           Up to date                                         
 Mobile Friendly Navigation Toolbar (navbar)                 7.x-1.0-alpha10+6-dev  7.x-1.0-alpha10   Up to date                                         
 Organic groups (og)                                         7.x-2.2+29-dev         7.x-2.2           Up to date                                         
 Panelizer (panelizer)                                       7.x-3.1                7.x-3.1           Up to date                                         
 Panels (panels)                                             7.x-3.3                7.x-3.3           Up to date                                         
 Paranoia (paranoia)                                         7.x-1.1                7.x-1.2           Update available                                   
 Pathauto (pathauto)                                         7.x-1.2                7.x-1.2           Up to date                                         
 Placeholder (placeholder)                                   7.x-1.0-rc1+3-dev      7.x-1.0           Up to date                                         
 Private messages (privatemsg)                               7.x-1.3+18-dev         7.x-1.3           Up to date                                         
 Quicktabs (quicktabs)                                       7.x-3.4+3-dev          7.x-3.4           Up to date                                         
 Redirect 403 to User Login (r4032login)                     7.x-1.5                7.x-1.5           Up to date                                         
 Radioactivity (radioactivity)                               7.x-2.8+1-dev          7.x-2.8           Up to date                                         
 Rate (rate)                                                 7.x-1.6                7.x-1.6           Up to date                                         
 Real name (realname)                                        7.x-1.1                7.x-1.1           Up to date                                         
 Redirect (redirect)                                         7.x-1.0-rc1            7.x-1.0-rc1       Up to date                                         
 Registration (registration)                                 7.x-1.0+3-dev          7.x-1.1           Up to date                                         
 Rules (rules)                                               7.x-2.3                7.x-2.3           Up to date                                         
 Schema.org (schemaorg)                                      7.x-1.0-beta3          7.x-1.0-beta3     Up to date                                         
 Faceted Navigation for Search (search_facetapi)             7.x-1.0-beta2          7.x-1.0-beta2     Up to date                                         
 ShareThis (sharethis)                                       7.x-2.5                7.x-2.5           Up to date                                         
 Strongarm (strongarm)                                       7.x-2.0+2-dev          7.x-2.0           Up to date                                         
 Timeago (timeago)                                           7.x-2.1+6-dev          7.x-2.1           Up to date                                         
 Title (title)                                               7.x-1.0-alpha7         7.x-1.0-alpha7    Up to date                                         
 Token (token)                                               7.x-1.5                7.x-1.5           Up to date                                         
 Views (views)                                               7.x-3.7                7.x-3.7           Up to date                                         
 Views Bulk Operations (views_bulk_operations)               7.x-3.1                7.x-3.1           Up to date                                         
 Views Field View (views_field_view)                         7.x-1.1                7.x-1.1           Up to date                                         
 Views Litepager (views_litepager)                           7.x-3.0                7.x-3.0           Up to date                                         
 Views Load More (views_load_more)                           7.x-1.1                7.x-1.1           Up to date                                         
 Voting API (votingapi)                                      7.x-2.11               7.x-2.11          Up to date                                         
 AT Core (adaptivetheme)                                     7.x-3.1+68-dev         7.x-3.1           Up to date                                         
 Commons Origins (commons_origins)                           7.x-3.2+66-dev         7.x-3.2           Up to date                                         
 Commons (commons)                                           7.x-3.2+56-dev         7.x-3.2           Up to date  

Since 4 people were able to reproduce the problem with relatively recent builds/installs of Commons and we haven't identified a specific change that would have fixed this issue, I'd like to take another look at reproducing again before we mark this as fixed.

@ezra-g: I agree with you, and FWIW I have observed for a couple weeks that this bug has "gone away". I am glad I am not the only person who doesn't understand what change caused it to go away.

I recall the bug stopped occurring for me around the time ezra-g posted patch in #22. I never applied that patch however. I just re-build from scratch every week or so.

My ability to help with testing will increase if anyone can give me advice on my setup per https://drupal.org/node/2039063 :-D

I was able to reproduce this from a fresh build made a few minutes ago. I recorded a screencast which is now exporting.

@japerry, can you share the process you used to package Commons in #25?

Here's the video from #28: http://www.youtube.com/watch?v=wod8YZh4pXE. I plan to unpublish it after this issue is fixed.

It seems clear that the field instances are not defined in some cases, such as a fresh install that then enables OG_Access.modue. I think the proposal in #24 is the most reliable path forward, though I'd still like to understand the discrepancy in japerry's testing/setup process from #25.

Here's a patch similar to the approach proposed in #24: Defining the OG_Access fields in all cases.

This needs additional functional testing in these areas, with and without OG_Access enabled:

- Display of the fields
- Entry of the fields
- Behavior of the fields (eg, ability to properly restrict node access

Note that this is only really intended for testing on a fresh installation, though applying the patch and reverting the Commons Groups feature may also resolve the issue.

Works for me as well on a new install! We may need to revisit how we approach these dynamic fields, but I think for 3.3 this isn't bad.

Also I re-verified that using Drush avoids this issue, as opposed to using the Modules UI. I can only replicate when I use the modules UI from the browser (in both a fresh install or if I use my build_distro.sh script)

Meant to set it to 'needs' work per conversation with Ezra about some errors with fields showing up (but I can't remember exactly the error)

I'm only seeing Q/A showing up as overridden currently, everything else is set default.

I am pretty sure your patch did not cover creating the group with "Anyone can join and contribute". In case it did, that is still not working.

In general it's helpful rather than saying that something is "not working" if you can specify the behavior you observe and how that differs from your expected behavior. In this case, I infer that you are referring to the behavior that would be fixed by #2019137: Saving a group as "Anyone can join" is saved as "Joining requires admin approval".

Re japerry's comment in #35, the unexpected appearance of a field only happened when the patch was reverted, so I think we can disregard that.

I think this is mostly RTBC, but hold off committing on one final verification: @japerry: Did you test node access control restrictions with OG access enabled? Thanks!

I haven't come across any issues while testing #31 on a fresh install. With the patch, group posting works correctly and the group privacy settings (OG Access) control group membership and group content access properly (tested using multiple users and attempting to join various groups and view/edit different public/private group content).

#31 is committed: http://drupalcode.org/project/commons_groups.git/commit/c2e99ef.

@RobKoberg, please let us know if you're able to reproduce those errors on a fresh install.

I copied over the latest commons profile to my (heavily customized) project, cleared cache, ran updates, drush cc all again, and I still get the PDOException. I deleted all content, tried to add a group and get the PDOException.(this sucks)

Sorry to hear that you're frustrated here.

Can you confirm whether you reverted all features to their default state?

If so, can you elaborate on the nature of your customizations?

I just made an instance from scratch a couple minutes ago using drush make build-commons.make. I allowed example content to be created during the install.

I enabled OG Access. Then the site asked me to rebuild permissions. That failed with the error

"An AJAX HTTP error occurred. HTTP Result Code: 500 Debugging information follows. Path: /mysite/batch?render=overlay&id=8&op=do StatusText: Service unavailable (with message) ResponseText: OgException: Cannot set visibility of node ID 3 as the group node of type "user" does not have the "Group visibility" field attached to it. in _og_access_verify_access_field_existence() (line 250 of mysite/profiles/commons/modules/contrib/og/og_access/og_access.module)."

I am not sure if I should make a new issue for this

FYI: The error message above (#44) only occurs if I allow install to create example content. If I decline the example content, then after install completes I can enable OG Access and rebuild permissions without a hitch. (And create a new group etc.)

I just made an instance from scratch a couple minutes ago using drush make build-commons.make. I allowed example content to be created during the install.

Does this problem happen with 7.x-3.3 rc1? If so, can you share steps to reproduce?

I cannot reproduce with package from August 7. I can only reproduce with "drush make build-commons.make" from August 9 (this morning)

Steps are

1. Install and accept the example content
2. Via UI: Admin > Modules, enable OG Access
3. Rebuild permissions
4. Kaboom (error message as reported)

BTW the tgz and zip files from Aug 7 are offline right now. I am using copies i saved from Aug 7

Bug exists in 7.x-3.3-rc2+0-dev and can be reproduced using steps of #47

I'm able to reproduce. The specific error I'm seeing is:

An AJAX HTTP error occurred. HTTP Result Code: 500 Debugging information follows. Path: /acquia/commons-builds/latest-12/batch?id=8&op=do StatusText: Service unavailable (with message) ResponseText: OgException: Cannot set visibility of node ID 3 as the group node of type "user" does not have the "Group visibility" field attached to it. in _og_access_verify_access_field_existence() (line 250 of /Users/ezra/Developer/htdocs/acquia/commons-builds/latest-12/profiles/commons/modules/contrib/og/og_access/og_access.module).

There were 2 underlying issues here:

1) I identified and filed a patch to OG for #2063385: _og_access_verify_access_field_existence() assumes node group type, throws an exception rebuilding node access.
2) Commons Trusted Contacts didn't define a group_access field for user groups, which contributed to the exception here. This field is now defined. Note that to test the fix here you'll either have to either do a fresh build or:
- Patch OG per #1 in this comment.
- Revert the trusted contacts feature.
- Save all user accounts on the site (or run the trusted contacts batch user update process again).

I've gone ahead and committed the above since the problem seems clearly defined and I'm fairly confident in the fix, and we'd like to get this into the next nightly development build of Commons to help make it easier for folks to test the upgrade path.

Thanks, @behoppe333 for the updated bug report!

http://drupalcode.org/project/commons_trusted_contacts.git/commit/9eea2ca
http://drupalcode.org/project/commons.git/commit/67242a0

I'm now seeing a required "Group visibility" field when creating new users or editing existing user accounts.

I'm actually not able to reproduce this on a fresh install. Perhaps it only applies to upgrading sites.

I also see neither of these issues on a fresh install or an upgrade.

Please refer to #2065381: EntityMetadataWrapperException errors due to features not being reverted for reasons why its important to revert all features after enabling a feature in commons. We don't automatically revert all features because we don't want to destroy user customizations.

If after reverting all features you still get this error, please report back.

I'm also unable to reproduce #52. Marking as fixed

Steps to reproduce bug reported in #52

1. Install RC4 from scratch, including example content
2. Go to admin > people and add user
3. Observe "group visibility" fields at bottom of form

Thanks for the report - I was able to reproduce and filed a new issue at #2069119: "Group visibility" field visible when admin adds users through the UI, since the visibility of this field is unrelated to the title and original purpose of the present issue.