Add analyze routine to check if access content is missing

Well, why not require 'access content' by default for all types? Folks can remove it if they want.

I am completely and 100% against adding default settings to a View that you have to remove if you aren't using it for the obvious listing of nodes.

You only have to remove it if you actually have a class of users who don't have 'access content' and those same users are allowed to see what you are listing. I contend that this is a severe edge case. The benefit of preventing a common security hole outweigh the edge case inconvenience, IMO. Its a choice of least evil.

This was one of the things that hit me by surprise when I started using Drupal.

I think it would be more intuitive if the Views default restricted access to authenticated users.

This would at least close the "security hole" for unsuspecting newcomers and developers can then change this as they like.

Izzy

merlinofchaos,

Looks like you're outweigh here... 8-)

I would tend to say that no protection would make sense since 99% of my views don't require it. But it is also a security issue because beginners won't know and as an admin we tend to forget to test such things as an anonymous user... (especially beginners.)

That would be my vote: I'd be an annoyance in most cases, but probably a good idea. Although, if it uses the 'access content' permission, then it would not be so bad since most people have that turned on for everyone. Thus, it would work as before.

Thank you.
Alexis

Looks like you're outweigh here... 8-)

I'm sorry. Should I put your name as the Views maintainer, then? This is opensource. It is collaboration, but at no time is this democracy.

BTW, what I *would* accept is an analyze routine that might check to see if 1) it's a node view 2) 'access content' is not available to both anonymous and authenticated users, 3) the view has no access control set.

This is precisely how I dealt with the 'no default filter for published nodes' issue, for exactly the same reasons.

Yes, in open source it is necessary to convince the maintainer(s) of the merits for any changes.

I'm certainly not comfortable with tying the views access to the content access permissions
but if the suggestion is to use those settings as a default it might be okay for beginners
and still retain configuration at the views level.

If setting default access to authenticated users is not favoured, I wonder if an access status/warning could be included on the "/admin/build/views" page?

For beginners it might need to be highlighted at all times when access is not restricted or it could be highlighted when access is different from the access content permissions.

Just a thought, cheers,

Izzy

merlinofchaos,

I'm also supporting many modules here and offer many patches to the maintainers who support modules I use (oddly enough, including views.)

Now a better approach, I think, is to offer the user to do it for $X. If they have the money, you win, if they don't, who cares?

As I said, since I'm not a beginner anymore, I don't care much.

One more thing: the views properly respect the node grants (at least, from what I've seen with the to_do module that I took over.) So users who hide pages "properly" using grants won't have any problems.

Thank you for all your efforts.
Alexis

Personally i would support this patch but not adding such a filter by default. This would need quite some specific stuff. Views is written abstract

Committed to all branches.