- π«π·France tostinni
Thanks for the patch, it fixes the permission problems that we had when the editor was able to modify the content but not viewing it.
The "bypass vapn" permission was added in ticket #3099467: Added "bypass vapn"-permisson β This removes bypassing roles from the roles to select for giving view access on a node form. However, there is no logic to actually ALLOW those roles to see restricted nodes.
- Create a role without "bypass node access" that has the "bypass vapn" permission
- Edit a node and check a box under the VAPN settings to limit view access of that node to another named role.
- Attempt to view the node with a user who has the bypass vapn permission and get access denied.
Add roles with the "bypass vapn" permission to the allowed roles in vapn_node_access(). Patch forthcoming.
Needs review
1.5
Code
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
Thanks for the patch, it fixes the permission problems that we had when the editor was able to modify the content but not viewing it.