- 🇳🇴Norway gisle Norway
This should go into the version compatible with Drupal 10.
The content_access module doesn't work out-of-the-box (for me). The problem appeared to be the default record set in the node_access table. This default record is set while installing the core node module.
db_insert('node_access')
->fields([
'nid' => 0,
'gid' => 0,
'realm' => 'all',
'grant_view' => 1,
'grant_update' => 0,
'grant_delete' => 0,
])
->execute();
It is also found in node/src/NodeGrantDatabaseStorage.php
public function writeDefault() {
$this->database->insert('node_access')
->fields([
'nid' => 0,
'realm' => 'all',
'gid' => 0,
'grant_view' => 1,
'grant_update' => 0,
'grant_delete' => 0,
])
->execute();
}
The node grants system always finds this default value when checking grants and this always results in an AccessResult::allowed(). It's impossible to deny access to nodes using content_access.
There is the possibility that I am using this module in a wrong manner but I have tried many permutations of permissions to try to get this module to work without deleting this default record, without any luck.
Steps to reproduce:
Expected behaviour:
Users with the role 'Webmaster' can't view 'testnode' and get a 403 response.
Real behaviour:
Users with the role 'Webmaster' can view 'testnode'.
On install, check if the default record exists and delete it if it does. This will result in a restrictive setup. You have to setup the 'Access control' of all content types to grant usage. I am unsure if this is a good solution but this worked for me.
Discuss if the proposed solution is a decent solution.
None.
None.
None.
Active
2.0
Code
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
This should go into the version compatible with Drupal 10.