if you have node acces aktive and the roles have View access in the admin/config/people/nodeaccess
then it will over write the unpublisched setings
thats mean thats the eg. anonymaus user can read the unpublisched nodes iff theu know the direct link to this node

Comments

vlad.pavlovic’s picture

vlad.pavlovic CreditAttribution: vlad.pavlovic commented
Status: Active » Closed (works as designed)

What is the role setting for 'bypass node access'? If it is enabled for that role, Nodeaccess will grant access. Otherwise, Nodeaccess doe not grant the role access, instead it sends a NODE_ACCESS_IGNORE flag, meaning that it lets grants take care of the access to the node. Nodeaccess will only grant access under these two conditions:

1) The user is authenticated AND is the author of the node AND either has ('view own published content' enabled OR 'bypass node access' is enabled).
2) The role of the user has 'bypass node access' enabled.

If neither of the two scenarios are reached, NODE_ACCESS_IGNORE is sent and grants take care of the access to the node.

Kisugi Ai’s picture

Kisugi Ai CreditAttribution: Kisugi Ai commented

the annonymous can only view publisched.

but if jou have nodeacces installed and
have as default setings grandview checked in nodeaccess
the annonymous can view the unpublisched node.

so have I to understand that you ignore the master settings of Drupal
if i have set the role in nodeaccess to grant view?

vlad.pavlovic’s picture

vlad.pavlovic CreditAttribution: vlad.pavlovic commented

No, Nodeaccess doesn't ignore anything. NODE_ACCESS_IGNORE is the value returned from the call to hook_node_access and tells Drupal to ignore Nodeaccess for that particular node and to figure out access itself (either using other content access modules or Drupal core).