Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Hello,
I noticed that cron is executed as admin, so if anonymous does not have access to the action it will be blocked.
Perhaps a warning would be welcome when enqueuing the action, or even better, when enabling it for enqueing. :)
Comments
Comment #1
bojanz CreditAttribution: bojanz commentedDoes this happen when attempting to run a core action, or a rules component?
Access is checked for the same user who enqueued the operation, so that should work (at least for core actions).
EDIT: Okay, I see the problem.The script action does its own access checking where the behavior described above is not present and the current user is used instead.
Comment #2
bojanz CreditAttribution: bojanz commentedCommitted a fix.
Comment #3
bojanz CreditAttribution: bojanz commentedThis is the commit: http://drupalcode.org/project/views_bulk_operations.git/commitdiff/cd9d063
infojunkie might be interested in this, as far as I can see, 6.x-1.x should have the same problem.
Comment #4
infojunkieIs the
permission
attribute supported in D6? I should check.Comment #5
infojunkieSorry, I don't understand how this patch works. Who handles thepermission
attribute in the action info?Hehehe it's my own style plugin code :-)
Comment #6
infojunkieCommitted to D6.