The View Access plugin "Og Permission" doesn't seem to limit access at all. From my debugging it seems to be missing the function get_access_callback. Instead it uses the one that was inherited by the class views_plugin_access which always returns TRUE. I'm not 100% sure how the og_context_plugin_access_og_perm extends::access falls into this picture (probably need to talk to merlinofchaos about that, But it seems to be called by the display plugin after the menu access check. Probably for those views that don't use the menu like blocks and what not...

Anyway... This is the exact same issue in #1606990: Wsod using OG access permission in Views page display but or 7.x-1.x-dev

#7 og-fix_og_context_og_permission_views_access_plugin-1784570-7.patch6.05 KBBassistJimmyJam
PASSED: [[SimpleTest]]: [MySQL] 996 pass(es). View
#5 og-fix_og_context_og_permission_views_access_plugin-1784570-5.patch6 KBBassistJimmyJam
PASSED: [[SimpleTest]]: [MySQL] 998 pass(es). View
#3 og-fix_og_context_og_permission_views_access_plugin-1784570-3.patch5.33 KBBassistJimmyJam
PASSED: [[SimpleTest]]: [MySQL] 1,002 pass(es). View
#1 og-fix_og_context_og_permission_views_access_plugin-1784570-1.patch3.61 KBgeneralredneck
PASSED: [[SimpleTest]]: [MySQL] 1,000 pass(es). View


generalredneck’s picture

Status: Active » Needs review
3.61 KB
PASSED: [[SimpleTest]]: [MySQL] 1,000 pass(es). View

I've created a patch that will fix this problem. It's a very close replication to comment 10 in #1606990: Wsod using OG access permission in Views page display. I plan to extend the patch a little to accept either gid or eid, but at the moment, it just takes eid. Additionally, I would like to replace the entity Argument with tokens... just haven't figured that one out yet.

BassistJimmyJam’s picture

BassistJimmyJam’s picture

5.33 KB
PASSED: [[SimpleTest]]: [MySQL] 1,002 pass(es). View

Re-rolled a new patch that addresses a few issues, not including the ones in my previous comment:

  1. Fixed _og_context_views_page_access() docblock to include parameter types.
  2. Added missing @return to _og_context_views_page_access() docblock.
  3. Removed defaults for required parameters in _og_context_views_page_access().
  4. Added option for how to handle multiple groups found from the specified argument. Options include verify access to all groups and verify access to only the first group.
glennpratt’s picture

+++ b/og_context/og_context.moduleundefined
@@ -568,3 +568,50 @@ function _group_context_handler_entity($entity_type = 'node', $entity = NULL, $p
+ *   - first: Verify that the user has the specified permission in only the ¶

Trailing whitespace.

BassistJimmyJam’s picture

6 KB
PASSED: [[SimpleTest]]: [MySQL] 998 pass(es). View

A few additional changes:

  1. Fixed trailing whitespace from #4.
  2. Added missing commas on the last index of multi-line arrays.
  3. Added support for group entities when selecting the expected entity type of the argument.
randallknutson’s picture

Thanks for solving this issue for me! One quick note on the patch is that the example says:

"Entity ID (Entity forming the group you want) position accessed with the arg() function. e.g If your dynamic path is "node/%/overview" to choose "2" like "arg(2)"

but in reality that should be arg(1) which caused some debugging headaches.

BassistJimmyJam’s picture

6.05 KB
PASSED: [[SimpleTest]]: [MySQL] 996 pass(es). View

Thanks for pointing that out. I have fixed the example and made the description of the setting a little clearer to help avoid confusion.

rv0’s picture

Status: Needs review » Reviewed & tested by the community

Thanks, is working perfect for me

NWOM’s picture

Status: Reviewed & tested by the community » Needs work

Sadly no longer works with the most recent dev. It appears that the handler has been split into two files since then, with the first part of the patch already implemented.

An update would be amazing. Thanks in advance.

vistree’s picture

Issue summary: View changes

Is this working right now?
What do I have to set as views permission? Is "Access: Permission | View published content" fine?
I need to limit views display on users beeing member of the content's group!!