Hello! It peferctly work for admin user. But it dont want save image into file input. Just create a node without image (empty field)
Please tell me how to repair it?

CommentFileSizeAuthor
#16 Screen Shot 2016-11-11 at 9.16.16 AM.png24.26 KBicicleking
#15 anonymous_users_can_add_canvas_images-2803343-15.patch1.41 KBrbayliss
#14 Screen Shot 2016-11-09 at 2.43.31 PM.png37.04 KBicicleking
#13 anonymous_users_can_add_canvas_images-2803343-13.patch563 bytesjosephleon
#12 anonymous_users_can_add_canvas_images-2803343-12.patch687 bytesjosephleon
#10 anonymous_users_can_add_canvas_images-2803343-10.patch687 bytesjosephleon

Comments

parkout created an issue. See original summary.

icicleking’s picture

icicleking commented

I was able to anonymously add canvas field content by allowing anonymous creation of the content type on which the canvas field was placed. /admin/people/permissions
As a caution I'll quote from the module page:

This module is no more secure than uploading a file through your browser. Because of this, it is advisable to use caution and not make this feature available to anonymous users.

Emphasis mine.

rbayliss’s picture

rbayliss commented

Thanks for checking, icicleking. parkout, can you give any more details that would help in replicating this issue?

parkout’s picture

parkout commented

Hello, yes i have placed permitions for them. Anonymous users can create a page, but field is empty. If user login it starts work correctly.
What information i can give you to help me solve this problem?

parkout’s picture

parkout commented

Hello! Please need your help. I have understood why empty field. I set field "requaried" and now when anonym draw something and click save he got error "please fill field, it is empty"
Something with encode64 ? very need help!

parkout’s picture

parkout commented

The problem still here( Please help

icicleking’s picture

icicleking commented

I was able to recreate this issue.

Desired behavior:

Anonymous users can create a node with a canvas field.

Steps:

  1. Enable canvas_field module.
  2. Add image field to content type, use the Canvas Field widget.
  3. Go to `/admin/people/permissions` and check the ": Create new content" for Anonymous
  4. Log out and go to `/node/add/`
  5. Create and save node with image drawn on the canvas.
  6. View node, canvas image does not appear on the page.

NOTE:
The image is uploaded to the `/default/files` directory/

parkout’s picture

parkout commented

Yes! You write all right. No images appear.
And if u check this canvas field 'requared' than u even cant save page, because it get error "empty" field

josephleon’s picture

josephleon commented

Followed the directions in comment #7 and was able to replicate the issue. I think the issue lies somewhere with the file module and how it handles anonymous users. Devel spits out the same data being passed into the function file_save_data() which is a function in the file module.

josephleon’s picture

josephleon commented
StatusFileSize
new anonymous_users_can_add_canvas_images-2803343-10.patch687 bytes

This patch sets the file status to 1 and also uses the function file_usage_add which creates the link with the file and the module.

https://api.drupal.org/api/drupal/includes%21file.inc/function/file_usag...

josephleon’s picture

josephleon commented
Status: Active » Needs review
josephleon’s picture

josephleon commented
StatusFileSize
new anonymous_users_can_add_canvas_images-2803343-12.patch687 bytes

Uploading patch created from module instead of root.

josephleon’s picture

josephleon commented
StatusFileSize
new anonymous_users_can_add_canvas_images-2803343-13.patch563 bytes

Fixed the paths (was still incorrect in #12)

icicleking’s picture

icicleking commented
Status: Needs review » Reviewed & tested by the community
StatusFileSize
new Screen Shot 2016-11-09 at 2.43.31 PM.png37.04 KB

the patch works for anonymous users

rbayliss’s picture

rbayliss commented
Status: Reviewed & tested by the community » Needs review
StatusFileSize
new anonymous_users_can_add_canvas_images-2803343-15.patch1.41 KB

Nice find on why this is happening! Looking a little closer, Drupal creates a token for anonymous user uploads, and if that token isn't present for temporary files, it ignores any attempts to save it to a filefield. Rather than creating a file_usage record prematurely (this is supposed to happen later on in file_field_insert()), I think we should just create a token to allow the user to save the file. Patch attached. @icicleking, @josephleon, can you give this a try and make sure it works?

icicleking’s picture

icicleking commented
Status: Needs review » Reviewed & tested by the community
StatusFileSize
new Screen Shot 2016-11-11 at 9.16.16 AM.png24.26 KB

@rbayliss the last patch works as expected.

  • rbayliss committed fd77c73 on 7.x-1.x authored by josephleon 
    Issue #2803343 by josephleon, rbayliss, icicleking: Not work for...
rbayliss’s picture

rbayliss commented
Status: Reviewed & tested by the community » Fixed

Awesome. Committed and should be available in the latest dev release shortly. Thank you all!

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.