The flag count service, in its getUserFlagFlaggingCount it does not perform any access checks. This results into having inconsistent flag counts in specific use cases.
The use case that I have is:
- Users needs to view the count of their favourite content.
- Currently, by using the getUserFlagFlaggingCount method, the count of favourite content is taking into account content which the user does not have access (either is unpublished, either the specific rules of the site do not allow them to access).
I am still not sure either this is a bug or it is a feature needed for the specific project, but it looks problematic for more use cases.
Create a flag associated with a content type. Then create a node with a user without access to unpublished content and flag it. After that, unpublish it. The count of flags made by the user will take that node into account.
When calculating the user flagged counts, do not take into account the content that the user does not have access to.
Needs work
4.0
Flag core
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
I've just adapted the tests to the new functionality, ready to review again.