Support Access by Reference module

Created on 28 March 2024, 9 months ago

I want to provide access for premium nodes not only by roles but per user also. Access by reference module and nopremium with this patch is work good together.
So i can make all premium content type look like premium content, but i can give access not only for the whole premium area, but per user/per node basis also.

Feature request
Status

Active

Version

1.1

Component

Code

Created by

🇭🇺Hungary ibis

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

  • Issue created by @ibis
  • 🇳🇱Netherlands megachriz

    Thanks for the patch! Perhaps it is a better idea to introduce a hook so that other modules can alter premium access?
    Something as in #3025556: Ability to alter full content access .

  • 🇭🇺Hungary ibis

    Thanks for the answer! Then all of another modules need to implement the new hook.
    I think there is better to look all of the another modules who implement hook_node_access (invokeAll('node_access')), if we want to support all node access modules what use hook_node_access to work.

  • 🇳🇱Netherlands megachriz

    Yes, I thought about that too; invoking an access hook or calling $entity->access('view') on it. Correct me if I'm wrong, but I think that if access on an entity is denied, then usually that also means the whole page to that entity gives access denied (403). So that means the premium message will not be displayed - because the user can't see anything from the entity in the first place. In the opposite situation, where the system reports that the user has access to the entity, as a result giving the user "full access" to the entity then also causes that the premium message never gets displayed. Because then the user may just see everything from the entity.

    So therefore I think that only a specific hook can work in this situation.

    Unless maybe it would work to use the entity access system with a specific operation, thus something else than just view access. Instead of that perhaps $entity->access('premium') could work? But I'm not sure how existing node access modules would react on that. Probably that would still require an implementation in a custom module?

  • 🇭🇺Hungary ibis

    Yes, but the access_by_ref work with another logic, not with the common role based:
    only gives access to view if the referenced field pass (eg. the visitor's uid is in the visited node's user reference field).
    And nothing else: so we need any another module what deny the view of this node. And this is for example The Node Option Premium (wich deny the partial view) !
    So yes, in this use case is not good to see the $entity->access('view') because we need to give the option to modules for use their own logic.
    Therefore, i think, we need here invoke the hook_node_access only for specific (supported) modules.

Production build 0.71.5 2024