Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.I have a project in which I wanted to give node preview view permissions to field (so anonymous users can preview their nodes) but not give anonymous users actual access to the fields. I was about to work on this on the theme, while I thought that extending field_permissions was not going to be that difficult.
I then thought of submitting a patch for this permissions, but as being too specific, I thought it was hard for it to be accepted.
Instead I modified field_permissions to allow other modules to add permissions and also grant access depending on those permissions, this can make use of all of the module UI which is nice while not altering too much the functionality.
| Comment | File | Size | Author |
|---|---|---|---|
| #10 | body-again-bad.png | 89.9 KB | mariacha1 |
| #10 | body-again-good.png | 72.55 KB | mariacha1 |
| #4 | 1448154-4-field_permissions-allow_module_extensions.patch | 3.8 KB | hanoii |
| #2 | 1448154-2-field_permissions-allow_module_extensions.patch | 4.22 KB | hanoii |
Comments
Comment #1
hanoiiComment #2
hanoiiAttached is a patch that adds one alterer and one hook. The alterer allows other modules to alter the permissions list and the hook allow the modules to grant access to them.
I also added an api php file with documentation, and I use my module for granting view on node preview as an example for it.
Comment #4
hanoiiProperly formatted patch.
Comment #5
Matthew Davidson CreditAttribution: Matthew Davidson commentedWorks like a charm for me. And kudos for updating the documentation; I never think to do that.
Comment #6
drewmacphee CreditAttribution: drewmacphee commentedWorked for me too, can we get a commit?
Comment #7
Bohus UlrychThis new hook functionality works great! It will be nice to have it implemented in the module directly.
Comment #8
ndf CreditAttribution: ndf at Blue Carpet commentedYou can grant permission with this patch for new/custom field-permissions. Though hook_field_access works inverted: if not any module denies, then grant.
field_access()in field.module will deny access for the first module that returns FALSE.Off-course it is nice to grant behaviour, but you cannot trust on it.
So my 2ct is to reverse the behavior, and also give the alterer the option to
We could wait until
field_permissions_field_access()is almost finished, and then invoke the hook where you can change the field_permission before returning it.Comment #10
mariacha1 CreditAttribution: mariacha1 at ThinkShout commentedI've committed this with some changes based on #8:
As @ndf mentions, the concept of returning TRUE and short-circuiting out of the permissions check isn't in keeping with the D7 field access model. The model only cares about when you return FALSE.
I've changed the api function to allow you to further restrict access to permissions, but not to attempt to grant new ones.
This means in a scenario like the one originally described, where I wanted to grant a role permission to view a field, but only on the "teaser" view mode, would need to be implemented in the following way:
Here's an illustration:
Good:
Bad: