Hmm... I'm not having that trouble with node_privacy_byrole on the 4.6.x. code, but here are some things I might check.
1. Make sure in the table that there are no rows with realm=all, or any other realm.
2. Verify there are no other access control modules enabled. (e.g. taxonomy_access, organic groups, simple access).
The reason a module is required is that drupal fires the nodeapi hooks in modules to check and see if the user has permissions to node content. Different modules implement different security in different ways and the way they are integrated is by implementing the hook. Drupal does not implement any "node specific security" by default. So if you don't have any of these modules enabled all you get is the basic security model.
That's at least how I understand it. As always, I volunteer to be wrong about this.
Dave
-----Original Message----- From: support-bounces@drupal.org [mailto:support-bounces@drupal.org] On Behalf Of VJ Sent: Thursday, December 29, 2005 3:38 PM To: development@drupal.org Cc: vrao@misteam.net; support@drupal.org Subject: RE: [support] node_access table
Thanks.
I have node_privacy_byrole installed, but setting everything to 0 for both node_privacy_byrole_role and node_privacy_byrole_user has no effect..i.e anyone can access it.
Anyway, Ive had problems with that module before which is why I was wondering if I can bypass it...i.e set the permissions myself in code. On my site, when an user clicks 'complete' (which is a custom button), the node should immediately become read only.
From your email, I get the impression that I have to use a module. Why is
that? do these modules change the node_load query?
Thanks,
V
The short answer here is that it depends on which access control modules you're using. If you're using the "og module" it's different then if you're using "node privacy by role". If I understand it correctly, without additional modules installed this table doesn't do
anything.
You should be extremely careful about modifying this table without using the API's for the appropriate access module. More info is in the hook_access on the Drupal Api documentation.
If you still want to do this programatically then here's and example:
If you're using node_privacy_by_role, then an example insert would be:
Insert into node_access (nid,gid,realm,grant_view,grant_update,grant_delete) values (<node>,<role_id>,'node_access_byrole_role',<grant_view>,<grant_update
,
<grant_delete>)
With the followign replacements: <node> The node id that you're protecting - find from node edit
screen
<role_id> the role ID for the role your granting access to. <grant_view> 1 if the role can view, otherwise 0 <grant_update> 1 if the role can update, otherwise 0 <grant_delete> 1 if the role can delete, otherwise 0
-----Original Message----- From: support-bounces@drupal.org [mailto:support-bounces@drupal.org] On Behalf Of VJ Sent: Thursday, December 29, 2005 9:20 AM To: support@drupal.org Cc: development@drupal.org Subject: [support] node_access table
How does this table work? If I want to remove comment and update rights to a specific user (or role), whats the exact SQL query?
Thanks,
V
-- [ Drupal support list | http://lists.drupal.org/ ]
-- [ Drupal support list | http://lists.drupal.org/ ]
There arent any other access control modules, but Im way past a vanilla install..Im sure some of my code is interfering with node_privacy.
If I cant do this through the node_access table, is there any other way? I just want to make a node read only.
I can remove the edit interface through the theme, but thats my last option.
-v
Hmm... I'm not having that trouble with node_privacy_byrole on the 4.6.x. code, but here are some things I might check.
- Make sure in the table that there are no rows with realm=all, or any
other realm.
- Verify there are no other access control modules enabled. (e.g.
taxonomy_access, organic groups, simple access).
The reason a module is required is that drupal fires the nodeapi hooks in modules to check and see if the user has permissions to node content. Different modules implement different security in different ways and the way they are integrated is by implementing the hook. Drupal does not implement any "node specific security" by default. So if you don't have any of these modules enabled all you get is the basic security model.
That's at least how I understand it. As always, I volunteer to be wrong about this.
Dave
-----Original Message----- From: support-bounces@drupal.org [mailto:support-bounces@drupal.org] On Behalf Of VJ Sent: Thursday, December 29, 2005 3:38 PM To: development@drupal.org Cc: vrao@misteam.net; support@drupal.org Subject: RE: [support] node_access table
Thanks.
I have node_privacy_byrole installed, but setting everything to 0 for both node_privacy_byrole_role and node_privacy_byrole_user has no effect..i.e anyone can access it.
Anyway, Ive had problems with that module before which is why I was wondering if I can bypass it...i.e set the permissions myself in code. On my site, when an user clicks 'complete' (which is a custom button), the node should immediately become read only.
From your email, I get the impression that I have to use a module. Why is
that? do these modules change the node_load query?
Thanks,
V
The short answer here is that it depends on which access control modules you're using. If you're using the "og module" it's different then if you're using "node privacy by role". If I understand it correctly, without additional modules installed this table doesn't do
anything.
You should be extremely careful about modifying this table without using the API's for the appropriate access module. More info is in the hook_access on the Drupal Api documentation.
If you still want to do this programatically then here's and example:
If you're using node_privacy_by_role, then an example insert would be:
Insert into node_access (nid,gid,realm,grant_view,grant_update,grant_delete) values (<node>,<role_id>,'node_access_byrole_role',<grant_view>,<grant_update
,
<grant_delete>)
With the followign replacements: <node> The node id that you're protecting - find from node edit
screen
<role_id> the role ID for the role your granting access to. <grant_view> 1 if the role can view, otherwise 0 <grant_update> 1 if the role can update, otherwise 0 <grant_delete> 1 if the role can delete, otherwise 0
-----Original Message----- From: support-bounces@drupal.org [mailto:support-bounces@drupal.org] On Behalf Of VJ Sent: Thursday, December 29, 2005 9:20 AM To: support@drupal.org Cc: development@drupal.org Subject: [support] node_access table
How does this table work? If I want to remove comment and update rights to a specific user (or role), whats the exact SQL query?
Thanks,
V
-- [ Drupal support list | http://lists.drupal.org/ ]
-- [ Drupal support list | http://lists.drupal.org/ ] -- [ Drupal support list | http://lists.drupal.org/ ]
I solved it by introducing an if statement in function user_access. If this was a bad idea, please let me know.
-v
There arent any other access control modules, but Im way past a vanilla install..Im sure some of my code is interfering with node_privacy.
If I cant do this through the node_access table, is there any other way? I just want to make a node read only.
I can remove the edit interface through the theme, but thats my last option.
-v
Hmm... I'm not having that trouble with node_privacy_byrole on the 4.6.x. code, but here are some things I might check.
- Make sure in the table that there are no rows with realm=all, or any
other realm.
- Verify there are no other access control modules enabled. (e.g.
taxonomy_access, organic groups, simple access).
The reason a module is required is that drupal fires the nodeapi hooks in modules to check and see if the user has permissions to node content. Different modules implement different security in different ways and the way they are integrated is by implementing the hook. Drupal does not implement any "node specific security" by default. So if you don't have any of these modules enabled all you get is the basic security model.
That's at least how I understand it. As always, I volunteer to be wrong about this.
Dave
-----Original Message----- From: support-bounces@drupal.org [mailto:support-bounces@drupal.org] On Behalf Of VJ Sent: Thursday, December 29, 2005 3:38 PM To: development@drupal.org Cc: vrao@misteam.net; support@drupal.org Subject: RE: [support] node_access table
Thanks.
I have node_privacy_byrole installed, but setting everything to 0 for both node_privacy_byrole_role and node_privacy_byrole_user has no effect..i.e anyone can access it.
Anyway, Ive had problems with that module before which is why I was wondering if I can bypass it...i.e set the permissions myself in code. On my site, when an user clicks 'complete' (which is a custom button), the node should immediately become read only.
From your email, I get the impression that I have to use a module. Why is
that? do these modules change the node_load query?
Thanks,
V
The short answer here is that it depends on which access control modules you're using. If you're using the "og module" it's different then if you're using "node privacy by role". If I understand it correctly, without additional modules installed this table doesn't do
anything.
You should be extremely careful about modifying this table without using the API's for the appropriate access module. More info is in the hook_access on the Drupal Api documentation.
If you still want to do this programatically then here's and example:
If you're using node_privacy_by_role, then an example insert would be:
Insert into node_access (nid,gid,realm,grant_view,grant_update,grant_delete) values (<node>,<role_id>,'node_access_byrole_role',<grant_view>,<grant_update
,
<grant_delete>)
With the followign replacements: <node> The node id that you're protecting - find from node edit
screen
<role_id> the role ID for the role your granting access to. <grant_view> 1 if the role can view, otherwise 0 <grant_update> 1 if the role can update, otherwise 0 <grant_delete> 1 if the role can delete, otherwise 0
-----Original Message----- From: support-bounces@drupal.org [mailto:support-bounces@drupal.org] On Behalf Of VJ Sent: Thursday, December 29, 2005 9:20 AM To: support@drupal.org Cc: development@drupal.org Subject: [support] node_access table
How does this table work? If I want to remove comment and update rights to a specific user (or role), whats the exact SQL query?
Thanks,
V
-- [ Drupal support list | http://lists.drupal.org/ ]
-- [ Drupal support list | http://lists.drupal.org/ ] -- [ Drupal support list | http://lists.drupal.org/ ]
-- [ Drupal support list | http://lists.drupal.org/ ]
-
Metzler, David -
VJ