View access denied for co-author

Created on 5 April 2024, 9 months ago
Updated 11 April 2024, 8 months ago

Problem/Motivation

Access denied for co-author.

Steps to reproduce

I have a content type "visit", which view access by the author only.
1. I have one visit record, author 1 (not adm)
2. I (adm) added author 2 in co-author field
3. logged in as author 2 and open the link, "Access denied". Error is like:

-----------------
Path: /visit/72953. Drupal\Core\Http\Exception\CacheableAccessDeniedHttpException: in Drupal\Core\Routing\AccessAwareRouter->checkAccess()
-----------------

Did I miss any configuration?

Proposed resolution

Remaining tasks

User interface changes

API changes

Data model changes

🐛 Bug report
Status

Closed: won't fix

Version

1.1

Component

Code

Created by

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

  • Issue created by @sdsc
  • 🇬🇧United Kingdom aaron.ferris

    Had a quick look, for the co-author user make sure they have a role with permission to 'edit own content' for the bundle in question.

  • Status changed to Postponed: needs info 8 months ago
  • 🇧🇪Belgium dieterholvoet Brussels

    I have a content type "visit", which view access by the author only.

    How did you do this? Because the node module doesn't offer per-type 'view own' permissions, only a view own unpublished content permission. Are you using a contrib module that adds these per-type permissions?

  • yes, there is a content access module to let you define content type permission by role. I just need the permission by node and by person. D7 has a module nodeaccess. I think it is being ported over to D10, but seems not quite mature yet.

    Now I understand the co-author module is intended to have multiple people to edit one document, not for sharing node view access. But if it is not hard for you to implement this feature in -- only controls view access, that would be great!!

    Thank you! this ticket can be closed.

  • Status changed to Active 8 months ago
  • 🇧🇪Belgium dieterholvoet Brussels

    What module are you using exactly to grant your users view access per type? And what permissions? I need to know this if we want to add support for it. I could also add a view co-authored unpublished content permission to the module, but I'm not sure if that would be enough to help you here.

  • there is a content access module to let you define content type permission by role.

    https://www.drupal.org/project/content_access
    this module is by role level, not by user level. https://www.drupal.org/project/nodeaccess is by user level, but the latest version is alpha dated back to Feb 2023. If you provide a feature like nodeaccess, that would be GREAT!!!!

  • Status changed to Closed: won't fix 8 months ago
  • 🇧🇪Belgium dieterholvoet Brussels

    This module doesn't work with node grants, which is what you need to have user-level access control instead of role-level access control. That means it won't work with modules like Nodeaccess. It could theoretically, but it would make the module a lot more complex and I wouldn't be able to maintain the feature since I never really use node grants myself.

Production build 0.71.5 2024