Restric access to authenticated users, but keep access to users with roles

Created on 14 May 2024, 6 months ago

Problem/Motivation

This module doesn't work if I want to restrict access to users who doesn't have any role.
On Node I have checked `Authenticated user` and `Anonymous user`, so I expect that users that have some role do have access to this node, but that's not true. Basically any user doesn't have access to that node (except admins)

Steps to reproduce

Proposed resolution

Remaining tasks

User interface changes

API changes

Data model changes

🐛 Bug report
Status

Active

Version

3.0

Component

Code

Created by

🇱🇻Latvia biguzis

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

  • Issue created by @biguzis
  • Assigned to atul_ghate
  • 🇮🇳India atul_ghate

    I will work on this issue.

  • Issue was unassigned.
  • 🇮🇳India atul_ghate

    Hi @biguzis,
    I tried to reproduce this issue using below steps.

    1. clone the 3.0.6 branch
    2. enable module and create one article
    3. configure the Personal Access Restriction settings for this node i have created
    4. Add Personal Access Restriction settings for Anonymous user and select How to show the page? this option as Access Denied (403) and
      Page not found (404) as well but i did not faced issue you have reported. i can see page is restricated for Anonymous user

    please let me know if anything i have missed to reproduce this issue

  • 🇱🇻Latvia biguzis

    Hey! Thanks for the answer!

    I have checked both - anonymous and authenticated roles, like this - https://monosnap.com/file/xxnnSHyB6snevtBoc09BdFlLxwg7LD

    So, the expected behavior is that other roles do have access to particular article, but instead of that I got 403. And that is understandable as those users have this authenticated role, but not really what I need :)

    In your 4th point that is true and anonymous users don't have access, but the problematic situation is that I also want to restrict access to authenticated users that don't have any other role (registered users, but without roles (except authenticated but that's the default for any user)

    Hope this explains better :)

Production build 0.71.5 2024