Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
The attached patch implements a new argument validation plugin to check if a domain ID is valid. The validator may optionally be set to also verify the current user's domain memberships or node grants.
The validation logic is somewhat derived from domain_views_access()
, but I'm not sure I really understood what was going on with strict option for checking node grants.
Comment | File | Size | Author |
---|---|---|---|
domain_views-plugin_argument_validate_domain.patch | 3.46 KB | Les Lim |
Comments
Comment #1
agentrickardI don't understand how this is working. A validator should ensure that the value is valid, not worry about access.
For instance, this logic just seems wrong to me:
If the passed argument is "FOO", and FOO is not a domain, then why return TRUE?
I think you just need the
validate_argument
method, and it should load the passed argument to check if a valid domain is returned.Comment #2
Les LimThe check directly above that should have already returned FALSE in that case:
I'd argue access validation is still validation. There's precedent for that in the Views module itself; if you look at the "Content" argument validator, there's a configuration section for "Validate user has access to the content".
Comment #3
agentrickardFair enough.