node_access should cache by vid and not nid.
The problem exists in workflow systems, where the published node is different than the draft node, and where the node access for each might be different. For example, the published node might be viewable by all, but the draft node might only be viewable by document authors, editors, publishers, etc... This later group of people are not super-users, so they don't get 'bypass node access' permission, but through some hook_node_access(), they do have access to unpublished/draft revisions. In this use case, we can not cache by nid, but must cache by vid.
This problem is in node_access() and is not the same problem in, which is specific to _node_revision_access().
I think that this problem is already solved in Drupal 8 through the use of entity->uuid().
|PASSED: [[SimpleTest]]: [MySQL] 40,753 pass(es). |
[ View ]
|FAILED: [[SimpleTest]]: [MySQL] Unable to apply patch core-node-access.patch. Unable to apply patch. See the log in the details link for more information. |
[ View ]