I can't allow a user content profile node access restricted to the author for viewing the node. If I allow user's role for node content_access, all users of that role can access, which is not what I want. If I disallow the content_access to the user's role, not even the author can view the node.

In the permission, there is no 'view node permission'. I understand there is a content access module, but it seems the problem is a bug.

In node_access() starting from line 2033 of file node/node.module, a test reads node_access table then just returns after retrieving the result of SQL, rather than falling through to the next test in line 2053, which then allows author access to view the node.

Comments

martinrs’s picture

martinrs CreditAttribution: martinrs commented

Ok, I confirmed that if I change the order of if-test author block with if node_access table test block (lines 2033-2056 of modules/node/node.module in Drupal core), the author always have access to view his/her own node.

Status: Active » Closed (outdated)

Automatically closed because Drupal 6 is no longer supported. If the issue verifiably applies to later versions, please reopen with details and update the version.