Use hook_node_access to deny access to nodes

Created on 7 March 2015, about 10 years ago
Updated 24 April 2025, 12 days ago

For comments it does make sense to use hook_menu_alter, as there is no better way of limiting comment access.

However, for nodes this module should use hook_node_access (instead of hook_menu_alter), as this is the correct way of setting view/update/delete permissions on nodes.

This should clear a couple of issues in the queue related to this module not denying access in combination with other modules / use cases.

In my case, this module did not deny access in combination with the revisions module enabled. To solve this, I had to implement hook_node_access in a custom module returning NODE_ACCESS_DENY in case _edit_limit_user_acccess returns FALSE (which is bad as I'm forced to call your internal function).

In addition, edit_limit_node_access is being called as a 'helper function' instead of as a hook, which it is. Instead of returning NODE_ACCESS_DENY/ALLOW/IGNORE, it returns TRUE/FALSE in the module's code:

/**
 * Helper function to determine if the user has permissions to use whatever grants node_access()
 * grants to this user, as determined by the additional site membership checks.
 */
function edit_limit_node_access($op, $node, $account = NULL) {
  module_load_include('inc', 'node', 'node.pages');
  if (node_access($op, $node, $account)) {
    switch ($op) {
      case 'update':
        if (user_access('bypass edit limits')) {
          return TRUE;
        }
        return _edit_limit_user_acccess($node);
    }
  }
  return FALSE;
}

🐛 Bug report
Status: Closed: outdated
Version: 1.0
Component: Code
Created by: gbyte (🇩🇪 Germany, Berlin)
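
The workaround described in the report, written out as an added example (not code from the edit_limit module or from the reporter). It assumes Drupal 7 and a hypothetical custom module named mymodule; _edit_limit_user_acccess() and the 'bypass edit limits' permission are taken from the code quoted above.

```php
<?php

/**
 * Implements hook_node_access().
 *
 * Hypothetical module "mymodule". Drupal 7 invokes this hook with the
 * arguments in the order ($node, $op, $account), which differs from the
 * ($op, $node, $account) order of the helper quoted in the issue.
 */
function mymodule_node_access($node, $op, $account) {
  // For the 'create' operation Drupal passes a content type name (string)
  // instead of a node object; edit limits only concern existing nodes.
  if ($op !== 'update' || !is_object($node)) {
    return NODE_ACCESS_IGNORE;
  }

  // Users holding the bypass permission are never restricted here.
  // Check the permission against $account, not the global user.
  if (user_access('bypass edit limits', $account)) {
    return NODE_ACCESS_IGNORE;
  }

  // The helper is internal to edit_limit; stay neutral if that module is
  // disabled or renames it, rather than failing with a fatal error.
  if (!function_exists('_edit_limit_user_acccess')) {
    return NODE_ACCESS_IGNORE;
  }

  // Assumption: the helper is called with the node only, as in the quoted
  // code, so it cannot be told which $account is being checked.
  if (_edit_limit_user_acccess($node) === FALSE) {
    // A single NODE_ACCESS_DENY from any module blocks the operation on
    // every path that goes through node_access().
    return NODE_ACCESS_DENY;
  }

  // Never return NODE_ACCESS_ALLOW: that would grant update access to
  // users who otherwise lack it. Leave the decision to other modules.
  return NODE_ACCESS_IGNORE;
}
```

Because the decision is made inside node_access() rather than on individual menu routes, it applies to any module or path that asks node_access() before allowing an update.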
