I'm re-posting this because the last time I got no response. I'm like THISCLOSE to making this work if I can just figure out this last little bit. If anyone has any notion, please share. It might just be the little bit I need to get over the hump. Thanks. -------- Original Message -------- I am proposing a new project: OG User Roles. I have written to this list before and what I discovered was that I really needed to formulate a proposal for some sort of user_access hook that would include permissions granted from other modules to the final list of permissions for a user during a particular process. That, essentially, is the modification to user_access that I have created so that my module would work. Briefly, my OG User Roles module is designed to assign role(s) to a user restricted to the OG group he is in. Details on it are here: http://drupal.org/node/87679. What I have found is that my modified user_access (and therefore my proposed hook) works for node listing/view/updating/deleting, but NOT creating. I am able to create nodes with the modified user_access only if I call the node_add() function directly. Not a real good solution. So, I'm back here to ask: What else, besides user_access, does the default node/add mechanism call for permissions checks? Here's the scenario: I've given a user in a group a role which allows him to create a document. When his group menu comes up, he sees a "create" link to the document he's been given access to create (that means my modified user_access is working). However, when he clicks on the "create document" link, he gets "Access Denied" message. I wrote some debug code that writes out to a file the variable values from my modified user_access function when the user clicks on the "create document" link. What I noted is that the corect permissions and group context are always returned. What happens when it fails, i.e., user receives "Access Denied", is that the function loses the arg (arg(0), arg(1), arg(2)) values. They just disappear. This never happens on successful submissions. As you can probably see, I can't very well propose a hook if my simulated hook is not working correctly. Can someone give me some clue as to where I need to look in the node/add process to figure out why I'm losing the arg values and getting the denied error when user_access is bringing back the correct permissions? Thanks so much. -ron p.s. This could also be part of the solution for the proposed temporary access "peek" module. -- Ron Parker Software Creations http://www.scbbs.com Self-Administration Web Site http://saw.scbbs.com SDSS Subscription Mgmt Service http://sdss.scbbs.com Central Ave Dance Ensemble http://www.centralavedance.com R & B Salsa http://www.randbsalsa.com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ron Parker schrieb:
I'm re-posting this because the last time I got no response. I'm like THISCLOSE to making this work if I can just figure out this last little bit. If anyone has any notion, please share. It might just be the little bit I need to get over the hump. Thanks.
-------- Original Message --------
I am proposing a new project: OG User Roles. I have written to this list before and what I discovered was that I really needed to formulate a proposal for some sort of user_access hook that would include permissions granted from other modules to the final list of permissions for a user during a particular process.
That, essentially, is the modification to user_access that I have created so that my module would work. Briefly, my OG User Roles module is designed to assign role(s) to a user restricted to the OG group he is in. Details on it are here: http://drupal.org/node/87679.
IMO you are trying to use the role system for something it wasn't designed for: Dynamically asigned roles. Drupal roles are always static.
What I have found is that my modified user_access (and therefore my proposed hook) works for node listing/view/updating/deleting, but NOT creating. I am able to create nodes with the modified user_access only if I call the node_add() function directly. Not a real good solution.
So, I'm back here to ask:
What else, besides user_access, does the default node/add mechanism call for permissions checks?
Nothing. You probably need to rebuild the user's menu to get your changed permisions to "take". Since rebuilding the menu is a costly operation (in Drupal5) I am not too excited about dynamically assigned roles. Cheers, Gerhard -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGC2Ssfg6TFvELooQRAvbFAJsFypcHqfFhzozmsz1li+wOlCYZgwCcDVfe nT76eu2rwrSv4SGMYPqAu7s= =piOg -----END PGP SIGNATURE-----
Gerhard Killesreiter wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Ron Parker schrieb:
That, essentially, is the modification to user_access that I have created so that my module would work. Briefly, my OG User Roles module is designed to assign role(s) to a user restricted to the OG group he is in. Details on it are here: http://drupal.org/node/87679.
IMO you are trying to use the role system for something it wasn't designed for: Dynamically asigned roles. Drupal roles are always static.
Bingo! I seek to propose a hook that would essentially allow the role system to become dynamic.
What else, besides user_access, does the default node/add mechanism call for permissions checks?
Nothing. You probably need to rebuild the user's menu to get your changed permisions to "take".
Since my modified user_access currently works for list/view/update/delete, the menu system works perfectly. The correct create content links to add the correct node types for a role appear as they should. The problem is when I click on node/add/<node type>?gids[]=<group nid>, the user gets "access denied". user_access returns the correct roles, but there is something else in the node/add process that causes this process to fail. My guess right now is that $user->roles is called somewhere else in the process (outside of where it's called in user_access), and that's causing the failure. Problem is, I just can't locate where this is.
Since rebuilding the menu is a costly operation (in Drupal5) I am not too excited about dynamically assigned roles.
I understand, and appreciate your response. OG dynamically rebuilds it's menu each time, so the overhead would be the same. And, again, the OG menu uses my modified user_access to build the correct menu according to group role(s). -- Ron Parker Software Creations http://www.scbbs.com Self-Administration Web Site http://saw.scbbs.com SDSS Subscription Mgmt Service http://sdss.scbbs.com Central Ave Dance Ensemble http://www.centralavedance.com R & B Salsa http://www.randbsalsa.com
participants (2)
-
Gerhard Killesreiter -
Ron Parker