I've found that attempting to add a piece of content to a book after initially saving it causes and unexpected "Access Denied" error.
The bug arises from the following steps:
1.) Create a piece of content that can potentially be added to a Book (but don't add it to a book) and save it.
2.) Edit the piece of content from step 1. and on the edit form select "<create new book>" on the Book Outline tab and save.
3.) Log out and visit the content (or visit the content in another browser in which you are not logged in) and you will see the "Access Denied" page.
This only seems to occur when you add the content to a book after saving it initially. Going into the Book Access tab afterwards and clicking "Save Configuration" corrects the problem.
What I've found by examining the problem is that the node_access table isn't being properly updated in this scenario, but I can't figure out why.
What I've found is that the node_access table only gets the record for the book_access_author realm, and the book_access_role realm items never seem to get generated.
My guess is that something is going wrong in BookAccess::writeGrantRecords, but I can't figure it out. The call to node_access_write_grants isn't functioning properly.
Having users click "Save Configuration" on the Book Access tab is a workaround for the problem, but it it causing some confusion.
Can I get any help in figuring out what's going wrong here? Thanks in advance.
EDIT: I've found that the problem is actually caused by a problem in book_access_node_update and BookAccess::addRoleGrants.
In book_access_node_update, the name for the variables storing the default role access weren't being generated properly and the $grants array being passed to the BookAccess::addRoleGrants wasn't formatted properly. Also, the check in BookAccess::addRoleGrants needed to make sure that the array indices were actually set before attempting to reference a value.
I've added a patch that seems to clear it up. I'd be grateful if someone could test it out.
| Comment | File | Size | Author |
|---|---|---|---|
| #5 | 0001-Fixes-book_access_default_role-issue.patch | 779 bytes | zooney |
Comments
Comment #1
zooney commentedComment #2
zooney commentedI've found the actual issue... it was actually a bug that wasn't properly creating the grants array being passed to BookAccess::addRoleGrants.
Comment #3
zooney commentedComment #5
zooney commentedComment #6
zooney commentedI just modified the patch slightly, I'm not sure if the first change was really necessary... I'm also not entirely sure why the patch is failing the automated test...
Comment #10
mxr576I can confirm, that the published patch is working and as I can see, the problem is in the test, because the test is always failing with or without the patch. (You can check this on simplytest.me easily.) Sadly, I could not find out where is the problem in the test.
Regards, mxr576
Comment #11
joseph.olstadFixed, thanks everyone.
as for the test, can open a new issue for fixing the HEAD tests.