[development] OG User Roles: user_access / node add / $user->roles

David Metzler metzlerd at metzlerd.com
Sat May 19 16:25:36 UTC 2007

I've run into similar problems with using user_load to alter  
user_data.  User_load doesn't fire as often as you might think it  
does due to some caching strategies.   To prove this, place a  
drupal_set_message call in your user_load trap and see when it  
fires.  It may not be firing on the page where you're getting the  
access denied errors.

To solve my problem I had to move user alteration into the init hook.

It may be that there's core bug here, but I haven't yet tracked it  
down since the init hook solved my problem.

I never did find out why user_load wasn't firing.
On May 15, 2007, at 11:56 AM, Ron Parker wrote:

> A few weeks back I floated my og user roles module  idea on this  
> list as instructed by CVS Admin.  This module (http://drupal.org/ 
> node/87679) is designed to assign roles to OG group members that  
> are specific to the groups they are in.  The problem was that I had  
> to patch the core user.module in order to get it to work.
> After a couple of suggestions, I decided to formulate a proposal  
> for a Drupal hook.  What I thought made the most sense was either a  
> user_access hook or a $user->roles hook because what I wanted to do  
> was add roles to the site wide roles returned by $user->roles.   
> user_access (which returns permissions allowed according to roles)  
> is called by node_access which is what determines access on a node/ 
> add.
> I recently proposed a $user->roles hook (http://drupal.org/node/ 
> 143393), and someone pointed out that I could accomplish the same  
> thing by using the existing hook_user "load" operation.  They were  
> right.  I modified my module to add the appropriate roles to the  
> user object using hook_user "load" and in testing, it appears that  
> $user->roles now returns the OG group as well as the site wide  
> roles when a user is in a group.
> However, on a group node add, for example, http://www.mysite.com/ 
> node/add/link?gids[]=29, my user gets an "Access denied" error.  I  
> wrote a little debug program that writes out the values returned by  
> my hook_user "load" addition, and every time it's called it returns  
> the correct values.
> node_access would be the access control for a group node add.  I  
> have examined the code closely, and this is the only code that  
> would be executed on a node "create":
>  // Can't use node_invoke(), because the access hook takes the $op  
> parameter
>  // before the $node parameter.
>  $module = node_get_types('module', $node);
>  if ($module == 'node') {
>    $module = 'node_content'; // Avoid function name collisions.
>  }
>  $access = module_invoke($module, 'access', $op, $node);
>  if (!is_null($access)) {
>    return $access;
>  }
> This code would then call "node_content_access" (hook_access for  
> node), which would use "user_access" (thus calling global $user,  
> thus invoking my modification) to determine access.
> So, I'm at a complete loss as to why I would get an "Access denied"  
> error for a group role.  I need some help!
> The only thing I have noticed which seems to give me a clue is that  
> when I load the "devel" module and give users access, everything  
> works.  But, I can't figure out what the devel module is doing that  
> would cause this.
> Any hint, clue or anything would be appreciated.  Thanks!
> -ron
> -- 
> Ron Parker
> Software Creations               http://www.scbbs.com
> Self-Administration Web Site     http://saw.scbbs.com
> SDSS Subscription Mgmt Service   http://sdss.scbbs.com
> Central Ave Dance Ensemble       http://www.centralavedance.com
> R & B Salsa                      http://www.randbsalsa.com

More information about the development mailing list