Here is what I'm using:

Drupal 7.7
field_collections v7.x-1.x-dev (downloaded last week)
field_permissions v7.x-1.0-alpha1

My symptoms:

- Fields in the collection which are restricted from edit are correctly hidden on a node form to users who don't have those fields' edit permissions
- Fields in the collection which are restricted from view are incorrectly displayed in the rendered node
- Submitting the node edit form, although restricted fields in the collection are not displayed, triggers these undefined index warnings for each restricted field:

Notice: Undefined index: #title in theme_field_collection_table_multiple_value_fields() (line 85 of /blah/blah/blah/sites/all/modules/field_collection_table/theme/theme.inc)

Here are relevant lines I've found in the field_permissions in my own search where this integration may be added:

field_permissions.module
line 115: function field_permissions_field_access($op, $field, $obj_type, $object, $account)
admin/includes/field_access.inc
line 11: function _field_permissions_field_view_access($field_name, $field_permissions, $obj_type, $object, $account)
line 63: function _field_permissions_field_edit_access($field_name, $field_permissions, $obj_type, $object, $account)

Files: 
CommentFileSizeAuthor
#8 interdiff.txt673 bytesmariacha1
#8 field_permissions-add_userid_hook-1284016-8.patch1.43 KBmariacha1
PASSED: [[SimpleTest]]: [MySQL] 296 pass(es).
[ View ]
#6 field_permissions-add_userid_hook-1284016-6.patch1.38 KBmariacha1
FAILED: [[SimpleTest]]: [MySQL] 279 pass(es), 11 fail(s), and 0 exception(s).
[ View ]
#3 permissionsByRole.png157 KBadellefrank
#3 authenticated_view_of_mytype.png8.95 KBadellefrank
#3 administrator_view_of_mytype.png10.19 KBadellefrank
#3 field_collections_permissions_issue.zip4.25 KBadellefrank

Comments

westbywest’s picture

The 2nd symptom described above was resolved by adding field_access awareness to field_collections_table:
http://drupal.org/node/1284042

RobLoach’s picture

Version:7.x-1.0-alpha1» 7.x-1.x-dev
Status:Active» Postponed (maintainer needs more info)

Try update?

adellefrank’s picture

I, too, have found that permissions for VIEWING OWN/EDITING OWN field is not working when that field is a subfield of a field collection.

To reproduce this problem, give View Own/Edit Own permissions to the authenticated user for a field collection "mycollection" and its subfield "subfield1" in a content type's "mytype". I've attached a feature with the setup I described above for testing. This feature uses:

adellefrank’s picture

Status:Postponed (maintainer needs more info)» Needs work

I'm hoping I can move this back into the "needs work" category, since I provided lots more info in comment #3.

DrupalDan’s picture

Version:7.x-1.x-dev» 7.x-1.0-beta2
Category:feature» bug
Status:Needs work» Active

I got a similiar problem. I use the module to restrict access to files that users uploaded. I gave the role author the field permissions to create and view own value for such a field of the collection as "Manuscript", but NOT edit own field for that field. But the author can still edit it like removing it or uploading a new one.

Can anyone please tell me how to fix this? Thanks!

mariacha1’s picture

Title:field_collection integration?» field_collection integration -- add hook for defining entity's owner
Issue summary:View changes
Status:Active» Needs review
StatusFileSize
new1.38 KB
FAILED: [[SimpleTest]]: [MySQL] 279 pass(es), 11 fail(s), and 0 exception(s).
[ View ]

It looks like the major issue here is with function _field_permissions_entity_is_owned_by_account(). It's looking for each entity to have a uid property. Here's the code within the function:

  // Try to get the uid of the entity owner from the entity itself. If it's not
  // set (for example, if the entity type does not store a uid or does not have
  // a concept of "ownership"), we need to assume that the provided user
  // account does not own it.

However, with field collections, there IS no defined uid per entity.

What do you think of adding a hook to allow other modules to modify the assigned userid?
hook_field_permissions_userid_ENTITY_TYPE_alter(&$uid, $entity)

Adding this hook could be the first step to getting field collections to work with field permissions.

Patch attached.

Status:Needs review» Needs work

The last submitted patch, 6: field_permissions-add_userid_hook-1284016-6.patch, failed testing.

mariacha1’s picture

Status:Needs work» Needs review
StatusFileSize
new1.43 KB
PASSED: [[SimpleTest]]: [MySQL] 296 pass(es).
[ View ]
new673 bytes

Sorry, broke tests. New attempt (with diff between it and #6).