Contrib.social

Permissions by field triggers warning

Open on Drupal.org β†’
Created on 25 September 2023, about 1 year ago

Problem/Motivation

I would like to fix issue desribed here : 3213875 πŸ› "read rights" always assigned Closed: cannot reproduce so basicly, Read right permission does not make any sense because by default this module does not denny anything there is still node visible no matter is read only access is triggered by this module or not.

Hence I installed this module : pbf β†’ which can allow view content only based on referenced field. Now I would like to use this module to add "edit" access only.

it works but once both modules installed it triggers following warning :

Warning: Undefined array key "value" in access_by_ref_node_access() (line 99 of modules\contrib\access_by_ref\access_by_ref.module).

access_by_ref_node_access(Object, 'update', Object)
call_user_func_array(Object, Array) (Line: 409)
Drupal\Core\Extension\ModuleHandler->Drupal\Core\Extension\{closure}(Object, 'access_by_ref') (Line: 388)
Drupal\Core\Extension\ModuleHandler->invokeAllWith('node_access', Object) (Line: 416)
Drupal\Core\Extension\ModuleHandler->invokeAll('node_access', Array) (Line: 97)
Drupal\Core\Entity\EntityAccessControlHandler->access(Object, 'update', Object, 1) (Line: 101)
Drupal\node\NodeAccessControlHandler->access(Object, 'update', Object, 1) (Line: 706)
Drupal\Core\Entity\ContentEntityBase->access('update', Object, 1) (Line: 195)
Drupal\node\Entity\Node->access('update', Object, 1) (Line: 68)
Drupal\Core\Entity\EntityAccessCheck->access(Object, Object, Object)
call_user_func_array(Array, Array) (Line: 160)
Drupal\Core\Access\AccessManager->performCheck('access_check.entity', Object) (Line: 136)
Drupal\Core\Access\AccessManager->check(Object, Object, Object, 1) (Line: 113)
Drupal\Core\Access\AccessManager->checkRequest(Object, Object, 1) (Line: 107)
Drupal\Core\Routing\AccessAwareRouter->checkAccess(Object) (Line: 92)
Drupal\Core\Routing\AccessAwareRouter->matchRequest(Object) (Line: 105)
Symfony\Component\HttpKernel\EventListener\RouterListener->onKernelRequest(Object, 'kernel.request', Object)
call_user_func(Array, Object, 'kernel.request', Object) (Line: 111)
Drupal\Component\EventDispatcher\ContainerAwareEventDispatcher->dispatch(Object, 'kernel.request') (Line: 158)
Symfony\Component\HttpKernel\HttpKernel->handleRaw(Object, 1) (Line: 76)
Symfony\Component\HttpKernel\HttpKernel->handle(Object, 1, 1) (Line: 58)
Drupal\Core\StackMiddleware\Session->handle(Object, 1, 1) (Line: 48)
Drupal\Core\StackMiddleware\KernelPreHandle->handle(Object, 1, 1) (Line: 106)
Drupal\page_cache\StackMiddleware\PageCache->pass(Object, 1, 1) (Line: 85)
Drupal\page_cache\StackMiddleware\PageCache->handle(Object, 1, 1) (Line: 48)
Drupal\Core\StackMiddleware\ReverseProxyMiddleware->handle(Object, 1, 1) (Line: 51)
Drupal\Core\StackMiddleware\NegotiationMiddleware->handle(Object, 1, 1) (Line: 51)
Drupal\Core\StackMiddleware\StackedHttpKernel->handle(Object, 1, 1) (Line: 704)
Drupal\Core\DrupalKernel->handle(Object) (Line: 19)

is anyone able to check the issue ?

πŸ› Bug report
Status

Active

Version

3.0

Component

Code

Created by

πŸ‡ΈπŸ‡°Slovakia coaston

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Merge Requests

Comments & Activities

  • Issue created by @coaston
  • Comment about 1 year ago β†’
    πŸ‡ΈπŸ‡°Slovakia coaston
  • Comment 20 days ago β†’
    πŸ‡©πŸ‡ͺGermany rogerpfaff Munich

    Can confirm this on 3.0.3

  • Comment 17 days ago β†’
    πŸ‡©πŸ‡ͺGermany rogerpfaff Munich

    Taking a deeper look I think there must be a change in return values somewhere? The code does not look like it could work as the return values that get checked are not keyed with 'value' but target_id.

    The code in question is this one

                case 'shared':  //allow if user shares a value is in this field

                $user = User::load(\Drupal::currentUser()->id());
                $user_field = $config->getExtra();
                $user_field_values =  $user->get($user_field)->getValue();

                foreach($node_field_value as $value){
                    foreach($user_field_values as $uvalue){
>>>                    if($value['value'] == $uvalue['value'] ){
                            $control_entity = $user;
                            $grant_access_read = $config_bool_read ? true : false;
                            $grant_access_update = $config_bool_update ? true : false;
                            $grant_access_delete = $config_bool_delete ? true : false;
                            break;
                        }
                    }
                }
                break;

    The arrays $node_field_value and $user_field_values look like this

    $node_field_value
Array
(
    [0] => Array
        (
            [target_id] => 26
        )

)
    $user_field_values
Array
(
    [0] => Array
        (
            [target_id] => 25
        )

    [1] => Array
        (
            [target_id] => 26
        )

)
  • Comment 17 days ago β†’
    πŸ‡©πŸ‡ͺGermany rogerpfaff Munich

    Also the module is basically unusable with this error so setting this to critical.

  • Comment 14 days ago β†’
    πŸ‡©πŸ‡ͺGermany rogerpfaff Munich

    There is now a MR to fix this.

    It's only changing the index value to target_id if you want to quick fix this in your install. See the code block marked with >>> above.

  • Merge request !11#3389641 Check for target_id instead of value for shared field references. β†’ (Open) created by Unnamed author
contrib.social Blog FAQ Discussions
Production build 0.71.5 2024