Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Hey all, I'm not understanding why this resource is returning 403 forbidden for logged in users. I've been pulling my hair out for hours on how to fix this. Here is my setup below.
- Blogs permissions are set to anonymous users and anyone can view them on the site.
- The Resource is set to anonymous users as well and these users can see all publish content on the site.
- Admin or user role with "bypass access control" can view the nodes at site.com/node.json?full=0&limit=10&type=blog just fine
- A logged in normal user gets 403 forbidden
The expectation is that anyone one logged in should be able to see that resource since access control allows all users including anonymous users to view it. Why on earth is the resource blocking users from a simple GET of all nodes of this type? The docs state that it follows the same access control as drupal has set for that resource. Whats the deal here?
Comments
Comment #2
Media Crumb CreditAttribution: Media Crumb commentedComment #3
Media Crumb CreditAttribution: Media Crumb commentedLooks like its related to this
Comment #4
lokapujya