<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
<title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
I am proposing a new project: OG User Roles. I have written to this
list before and what I discovered was that I really needed to formulate
a proposal for some sort of user_access hook that would include
permissions granted from other modules to the final list of permissions
for a user during a particular process.<br>
<br>
That, essentially, is the modification to user_access that I have
created so that my module would work. Briefly, my OG User Roles module
is designed to assign role(s) to a user restricted to the OG group he
is in. Details on it are here: <a class="moz-txt-link-freetext" href="http://drupal.org/node/87679">http://drupal.org/node/87679</a>.<br>
<br>
What I have found is that my modified user_access (and therefore my
proposed hook) works for node listing/view/updating/deleting, but NOT
creating. I am able to create nodes with the modified user_access
only if I call the node_add() function directly. Not a real good
solution.<br>
<br>
So, I'm back here to ask:<br>
<br>
What else, besides<b> user_access</b>, does the default <b>node/add</b>
mechanism call for permissions checks?<br>
<br>
Here's the scenario: I've given a user in a group a role which allows
him to create a document. When his group menu comes up, he sees a
"create" link to the document he's been given access to create (that
means my modified <b>user_access</b> is working). However, when he
clicks on the "create document" link, he gets "Access Denied" message.<br>
<br>
I wrote some debug code that writes out to a file the variable values
from my modified user_access function when the user clicks on the
"create document" link. What I noted is that the corect permissions
and group context are always returned. What happens when it fails,
i.e., user receives "Access Denied", is that the function loses the arg
(arg(0), arg(1), arg(2)) values. They just disappear. This never
happens on successful submissions. <br>
<br>
As you can probably see, I can't very well propose a hook if my
simulated hook is not working correctly. Can someone give me some clue
as to where I need to look in the <b>node/add</b> process to figure
out why I'm losing the arg values and getting the denied error when
user_access is bringing back the correct permissions? <br>
<br>
Thanks so much.<br>
<br>
-ron<br>
<br>
p.s. This could also be part of the solution for the proposed
temporary access "peek" module.<br>
<pre class="moz-signature" cols="72">--
Ron Parker
Software Creations <a class="moz-txt-link-freetext" href="http://www.scbbs.com">http://www.scbbs.com</a>
Self-Administration Web Site <a class="moz-txt-link-freetext" href="http://saw.scbbs.com">http://saw.scbbs.com</a>
SDSS Subscription Mgmt Service <a class="moz-txt-link-freetext" href="http://sdss.scbbs.com">http://sdss.scbbs.com</a>
Central Ave Dance Ensemble <a class="moz-txt-link-freetext" href="http://www.centralavedance.com">http://www.centralavedance.com</a>
R & B Salsa <a class="moz-txt-link-freetext" href="http://www.randbsalsa.com">http://www.randbsalsa.com</a>
</pre>
</body>
</html>