Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
In Drupal Commons an end user needs access to approve or ignore his/her trusted contacts.
Maybe this can be solved in general.
Comment | File | Size | Author |
---|---|---|---|
#14 | 2583303-og_membership-access_check-14.patch | 483 bytes | nplowman |
| |||
#8 | 2583303-og_membership_access_check-8.patch | 514 bytes | slv_ |
#4 | 2583303-og_membership_access_check-4.patch | 699 bytes | slv_ |
Comments
Comment #2
slowflyer CreditAttribution: slowflyer commentedComment #3
slowflyer CreditAttribution: slowflyer commentedComment #4
slv_ CreditAttribution: slv_ commentedThe problem seems a general one to me, indeed. Moving to bug instead of Feature Request. As it stands, the function goes against the permissions available in the UI for groups. Particularly:
So according to that, any user with that permission should be granted access to the membership entity.
Patch attached to solve it.
Comment #6
slv_ CreditAttribution: slv_ commentedDoh... patch correct, but badly created so it won't apply, I'll attach the right one asap T_T.
Comment #7
joelpittet@slv_ just need
--relative
flag inside the og folder I guess for git diff?Comment #8
slv_ CreditAttribution: slv_ commentedLet's see now!
Comment #10
slv_ CreditAttribution: slv_ commentedRight, I'm confident the patch is correct now, and was applied successfully. Problem is there's already a test failing in the branch, which is not related to this patch, but makes the tests fail.
The failing test seems to be there since January -> https://www.drupal.org/pift-ci-job/584179.
This is the test for the patch uploaded in previous comment: https://www.drupal.org/pift-ci-job/605815. Same failure. Marking as needs review, as I suppose it can be RTBC regardless of the other issue.
Comment #11
joelpittetIs there an issue for that failure?
Comment #12
slv_ CreditAttribution: slv_ commentedI've just created it https://www.drupal.org/node/2859078.
It also seems that one was in place from some time ago? Just found this (https://www.drupal.org/node/2770927#comment-11429029).
Comment #13
amitaibuThanks. Yeah, it would be great if you could tackle the failing test. Also, I'd love to have a simpleTest to assert the access change introduced in this patch
Comment #14
nplowman CreditAttribution: nplowman at FFW commentedI'm attaching a re-rolled patch that will apply cleanly on the newest version of the module.
Comment #15
joelpittet@nplowman that doesn't quite look like a re-roll. Did you mean to remove the user_access check?
Comment #16
danyg CreditAttribution: danyg at Cheppers commented@joelpittet Actually og_user_access() does the checking of user_access('administer group'), so I think checking og_user_access is enough and working. (Tested with OG 2.10)