Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.It looks like the problem is caused in hook_node_grants. The granted permission for the given group is not being applied to the user when trying to access nodes. I will attach a patch once I get the thread started.
| Comment | File | Size | Author |
|---|---|---|---|
| #10 | og_moderation-1616852-10.patch | 602 bytes | pgillis |
| #9 | og_moderation-1616852-9.patch | 795 bytes | jody lynn |
| #2 | og_moderation-hook_grants_issue-1616852-1.patch | 569 bytes | pgillis |
| #1 | og_moderation-hook_grants_issue-1616852-1.patch | 569 bytes | pgillis |
Comments
Comment #1
pgillis commentedComment #2
pgillis commentedComment #3
shenzhuxi commentedcommitted.
Comment #4
pgillis commentedHi,
Just wondering, comment #3 says the patch has been committed but when I check out the latest source I don't see the change. Do I need to be checking out a specific branch?
Comment #5
shenzhuxi commentedSorry, I forget to push.
Committed to 7.x-2.x.
Comment #6
marty2081 commentedI guess the same issue is in the 7.x-1.x branch, because I had the same issue there and I see the same code there. Are you going to apply the patch on that branch too?
Also I was wondering if
$grants['og_view_any_unpublished_' . $type . '_content'][] = array($gid);should be:
$grants['og_view_any_unpublished_' . $type . '_content'][] = $gid;?Comment #7
shenzhuxi commented7.x-1.x was fixed.
There seems no bug reports for a while.
Comment #9
jody lynnMarty2081 in #6 pointed out a major problem in the code which was not addressed.
The patch in #2 which was committed resulted in the implementation of hook_node_grants returning the wrong data structure. The hook must return an array of gids, not an array of arrays of gids.
I came upon this because the incorrect return value actually caused apachesolr search results to break and show no search results for users with og_moderation access.
But I am afraid that the error actually has also prevented users from accessing the content they should be able to access. I don't believe this is a security issue as I believe it could only prevent access, not give access.
Patch attached.
Comment #10
pgillis commentedHi Jody,
I have changed the way hook_node_grants is implemented because of performance issue Node access too slow when current user is member of large number of groups. I have attached a new patch against the latest code in git. Can you verify that this still works for your use case? Thanks.
Pete
Comment #11
pgillis commentedCommitted