Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
I have a view that displays the voting widget that is associated with a node type using the "VotingAPI percent vote result" field.
In the view the permissions are ignored and the widget allows votes to be made. I assume that it should not allow votes and display the static widget if the return of user_access('rate content') is false.
Comments
Comment #1
quicksketchThanks, this indeed sounds like a bug.
Comment #2
CoolDreamZ CreditAttribution: CoolDreamZ commentedI have the same issue using the Bonus Grid view with a widget embedded in each grid cell. It gives the appearance of a vote for an anonymous user (which is not actually saved as far as I can see)
Comment #3
CoolDreamZ CreditAttribution: CoolDreamZ commentedAn update on this, the widget also displays even if Fivestar is not configured for the related content type
Comment #4
leenwebb CreditAttribution: leenwebb commentedSubscribing -- I have this same issue; I'm displaying "VotingAPI percent vote value" in my Bonus Grid view, and even though I have fivestar set to never allow anonymous voting, it's letting anonymous users vote.
(I think that's it not actually saving the vote, but I want it to have the same behavior it has on the actual node page -- to just display the votes thus far and not show any rollover behavior at all.)
Comment #5
leenwebb CreditAttribution: leenwebb commentedIn the spirit of trying to make developers cry, I'm posting my hack-tastic workaround for this bug. It is gross, but it works!
In fivestar.module, down way at the bottom around line #1510, I edited the two functions "fivestar_views_widget_compact_handler" and "fivestar_views_widget_normal_handler" like so:
Ouch. My anonymous vote interval is "never", which is functionally equivalent to being logged in (AKA having a UID of something other than 0). I couldn't figure out how to grab anonymous vote interval, so I grabbed $user instead.
If a user is logged in, they get to vote. If the user isn't logged in, they can see the stars but can't vote.
I was desperate to use Fivestar in some views, so if you are too, feel free to use this code. Hopefully before too long a Fivestar developer will come up with a real solution and save me from myself.
Comment #6
quicksketchThis has been fixed in both the Drupal 5 and 6 versions of the module, it'll be included in 1.14.
D6: http://cvs.drupal.org/viewvc.py/drupal/contributions/modules/fivestar/fi...
D5: http://cvs.drupal.org/viewvc.py/drupal/contributions/modules/fivestar/fi...
Comment #7
Anonymous (not verified) CreditAttribution: Anonymous commentedAutomatically closed -- issue fixed for two weeks with no activity.