[development] Proposed user_access / $user->roles hook

Ron Parker sysop at scbbs.com
Thu Mar 22 20:43:59 UTC 2007


I am proposing a new project: OG User Roles. I have written to this list 
before and what I discovered was that I really needed to formulate a 
proposal for some sort of user_access hook that would include 
permissions granted from other modules to the final list of permissions 
for a user during a particular process.

That, essentially, is the modification to user_access that I have 
created so that my module would work.  Briefly, my OG User Roles module 
is designed to assign role(s) to a user restricted to the OG group he is 
in.  Details on it are here: http://drupal.org/node/87679.

What I have found is that my modified user_access (and therefore my 
proposed hook) works for node listing/view/updating/deleting, but NOT 
creating.  I am able to create nodes with  the modified user_access only 
if I call the node_add() function directly.  Not a real good solution.

So, I'm back here to ask:

What else, besides user_access, does the default node/add mechanism call 
for permissions checks?

Here's the scenario:  I've given a user in a group a role which allows 
him to create a document.  When his group menu comes up, he sees a 
"create" link to the document he's been given access to create (that 
means my modified user_access is working).  However, when he clicks on 
the "create document" link, he gets "Access Denied" message.

I wrote some debug code that writes out to a file the variable values 
from my modified user_access function when the user clicks on the 
"create document" link.  What I noted is that the corect permissions and 
group context are always returned.  What happens when it fails, i.e., 
user receives "Access Denied", is that the function loses the arg 
(arg(0), arg(1), arg(2)) values.  They just disappear. This never 
happens on successful submissions.

As you can probably see, I can't very well propose a hook if my 
simulated hook is not working correctly.  Can someone give me some clue 
as to where I need to look in the node/add process to figure out why I'm 
losing the arg values and getting the denied error when user_access is 
bringing back the correct permissions? 

Thanks so much.

-ron

p.s.  This could also be part of the solution for the proposed temporary 
access "peek"  module.

-- 
Ron Parker
Software Creations               http://www.scbbs.com
Self-Administration Web Site     http://saw.scbbs.com
SDSS Subscription Mgmt Service   http://sdss.scbbs.com
Central Ave Dance Ensemble       http://www.centralavedance.com
R & B Salsa                      http://www.randbsalsa.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.drupal.org/pipermail/development/attachments/20070322/efbbb0a8/attachment.htm 


More information about the development mailing list