Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
When determining view access to all users for a normal authenticated user $account
entity_metadata_user_access('view', NULL, $account, 'user');
You get the notice
Notice: Trying to get property of non-object in entity_metadata_user_access() (line 661 of /sites/all/modules/contrib/entity/modules/callbacks.inc).
Reason being no isset() check for the entity parameter on line 661.
Reproduction steps:
- Create a user with permission 'access user profiles', but not 'administer users'
- Run the following:
$account = user_load([THE_NEW_USER_UID]); entity_metadata_user_access('view', NULL, $account, 'user');
Comment | File | Size | Author |
---|---|---|---|
#13 | 2160355-21-entity-user-and-taxonomy-access.patch | 2.51 KB | fgm |
#9 | 2160355-9-entity-user-and-taxonomy-access.patch | 2.15 KB | wodenx |
#8 | 2160355-8-entity-user-and-taxonomy-access.patch | 1.68 KB | wodenx |
#7 | entity_patch-2160355-3.patch | 1.2 KB | gmercer |
entity_patch-2160355-2.patch | 613 bytes | gmercer | |
Comments
Comment #1
jgullstr CreditAttribution: jgullstr commentedComment #2
jgullstr CreditAttribution: jgullstr commentedAdded reproduction steps.
Comment #3
DamienMcKennaMarked #2195211: Warning after update: Missing argument 4 for entity_metadata_taxonomy_access as a duplicate.
Comment #4
andersiversen CreditAttribution: andersiversen commentedI found this issue from the duplicate #2195211: Warning after update. I've applied the patch in #1, but still get the error messages shown in the duplicate (now closed) issue from the ctools module:
Comment #7
gmercer CreditAttribution: gmercer commentedThe function entity_metadata_taxonomy_access() needs to have the last param $entity_type set to a default of NULL.
function entity_metadata_user_access($op, $entity = NULL, $account = NULL, $entity_type = NULL) {
Also...
The function entity_metadata_taxonomy_access() needs to have the last param $entity_type set to a default of NULL.
Changed to this:
function entity_metadata_taxonomy_access($op, $entity = NULL, $account = NULL, $entity_type = NULL) {
Comment #8
wodenx CreditAttribution: wodenx commentedThese are 2 separate issues, and the OP's issue is not addressed in the patch from #7. There is also a 3rd issue - if you use EntityDrupalWrapper::entityAccess() to check 'create' access for a new user entity, you'll get a notice about "unknown property $uid", like:
This is again because the callback doesn't check for its presence. Attached patch rolls all these issues together.
Comment #9
wodenx CreditAttribution: wodenx commentedActually - the same issue exists in the user property access callback as well, so rerolled the patch to include that.
Comment #10
zabelc CreditAttribution: zabelc commentedThis patch seems to work in my development environment. Any chance of committing it so that it's rolled into a release? (I hate to patch prod)
Comment #11
maximpodorov CreditAttribution: maximpodorov commentedThe patch solves the problems and fixes the strange absence of default values of the last arguments of functions.
Comment #12
fgmThe patch still has at least a problem, though: in some circumstances (like when using
restws
module, for example), access (entity_metadata_user_access()
may be called without an entity, to check view access to all entities of the type, as described in theentity_access()
doc. In that case,$entity
is null and the test fails although it is expected to succeed : admins bypass the check and do not see the error, but for other users with theaccess user profiles
permission, the final part of the checkisset($entity) && $entity->status
fails because there is no entity to check, soisset($entity)
isFALSE
. The check should probably be like this instead:Comment #13
fgmRerolled as per #21. Split on two lines to make the operator precedence more readable.
Comment #14
gabrielmachadosantos CreditAttribution: gabrielmachadosantos commentedApplied and tested the #13 patch. It seems to be working properly. +1 RTBC
Comment #15
gabrielmachadosantos CreditAttribution: gabrielmachadosantos commentedAccording to the tests, I'll move it to RTBC.
Comment #16
kopeboy CreditAttribution: kopeboy commentedHow to know when this will be included in a stable release?
I got this error when using an Entity Reference relationship in a view of users
Comment #17
fagoThanks, committed.
Comment #20
sano CreditAttribution: sano as a volunteer commentedI see a similar issue to the one described in #12, when the entity_metadata_taxonomy_access() is called in cases when the $entity object does not exist. Do I need to create a new issue, or can we reopen this one to track this problem? The error message I see is:
Notice: Trying to get property of non-object in entity_metadata_taxonomy_access() (line 827 of /var/www/rovdev/sites/all/modules/entity/modules/callbacks.inc).
The problem can be fixed by adding an isset() check for existence of $entity on line 826. I could produce a patch if desired.
Comment #21
Chris Burge CreditAttribution: Chris Burge commentedRe #20, issue is opened at #3018226: Trying to get property of non-object in entity_metadata_taxonomy_access(). Patch attached to that issue checks for $entity before trying to access its properties.