Hi,

One more bug. When you create the field_secured_areas for a content type and you set it to allow multiple term selection, the module doesn't work.

The bug takes place in the AccessCheckService.php file, method names canUserAccessByNodeId().

In this method you have a foreach on each taxonomy term allowed for this content. If the first taxonomy term is not rattached to the current user rights, then the foreach breaks and there is no check for the next taxonomy term (the next role).

This is the actual code :

if (!empty($aReferencedTaxonomyTerms)) {
        foreach ($aReferencedTaxonomyTerms as $aReferencedTerm) {

          if (isset($aReferencedTerm['target_id']) &&
            $this->isAccessAllowedByDatabase($aReferencedTerm['target_id']) === TRUE
          ) {
            return TRUE;
          }

          if (!isset($user_is_allowed_to_view)) {
           return FALSE;
          }

        }
      }

And the quick fix :

      if (!empty($aReferencedTaxonomyTerms)) {

        $user_is_allowed_to_view = FALSE;
        foreach ($aReferencedTaxonomyTerms as $aReferencedTerm) {

          if (isset($aReferencedTerm['target_id']) &&
            $this->isAccessAllowedByDatabase($aReferencedTerm['target_id']) === TRUE
          ) {
            $user_is_allowed_to_view = TRUE;
          }

        }
        return $user_is_allowed_to_view;
      }
        
      return TRUE;

Best regards,

Comments

Smiff created an issue. See original summary.

Smiff’s picture

Smiff commented
Component: User interface » Code
Smiff’s picture

Smiff commented
Issue summary: View changes
Smiff’s picture

Smiff commented
Issue summary: View changes

  • f7b3ac1 committed on 8.x-1.x 
    Issue #2761563 by Smiff: Fixed "Multiple roles".
jepster_’s picture

jepster_
Location 🇩🇪Düsseldorf
commented
Status: Active » Closed (fixed)

Thanks Smiff for your bug report. I have fixed the issue in the dev branch. Afterwards I have created a bugfix release together with your second bug report.