Reproduce:
- drupal core: 8.2.5
- Permissions by Term: 8.x-1.13
- Create new user
- user logged in successfully
- when user try to access any page he gets 403 error and this kind of notice bellow (Undefined variable: grants,..) is created in report.
This can be fix with with "Rebuild permissions" but this can not be run for every new user created,...
There was similar issue, but I am not sure those are connected:
https://www.drupal.org/node/2841686
Notice: Undefined variable: grants in Drupal\permissions_by_term\AccessStorage->getGidsByRealm() (line 480 of mywebsite.dev/www/modules/permissions_by_term/src/AccessStorage.php) #0 mywebsite.dev/www/core/includes/bootstrap.inc(548): _drupal_error_handler_real(8, 'Undefined varia...', 'mywebsite.dev...', 480, Array) #1 mywebsite.dev/www/modules/permissions_by_term/src/AccessStorage.php(480): _drupal_error_handler(8, 'Undefined varia...', 'mywebsite.dev...', 480, Array) #2 mywebsite.dev/www/modules/permissions_by_term/permissions_by_term.module(208): Drupal\permissions_by_term\AccessStorage->getGidsByRealm('permissions_by_...') #3 [internal function]: permissions_by_term_node_grants(Object(Drupal\Core\Session\AccountProxy), 'view') #4 mywebsite.dev/www/core/lib/Drupal/Core/Extension/ModuleHandler.php(402): call_user_func_array('permissions_by_...', Array) #5 mywebsite.dev/www/core/modules/node/node.module(954): Drupal\Core\Extension\ModuleHandler->invokeAll('node_grants', Array) #6 mywebsite.dev/www/core/modules/node/src/NodeGrantDatabaseStorage.php(101): node_access_grants('view', Object(Drupal\Core\Session\AccountProxy)) #7 mywebsite.dev/www/core/modules/node/src/NodeAccessControlHandler.php(107): Drupal\node\NodeGrantDatabaseStorage->access(Object(Drupal\node\Entity\Node), 'view', Object(Drupal\Core\Session\AccountProxy)) #8 mywebsite.dev/www/core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php(93): Drupal\node\NodeAccessControlHandler->checkAccess(Object(Drupal\node\Entity\Node), 'view', Object(Drupal\Core\Session\AccountProxy)) #9 mywebsite.dev/www/core/modules/node/src/NodeAccessControlHandler.php(68): Drupal\Core\Entity\EntityAccessControlHandler->access(Object(Drupal\node\Entity\Node), 'view', Object(Drupal\Core\Session\AccountProxy), true) #10 mywebsite.dev/www/core/lib/Drupal/Core/Entity/ContentEntityBase.php(593): Drupal\node\NodeAccessControlHandler->access(Object(Drupal\node\Entity\Node), 'view', Object(Drupal\Core\Session\AccountProxy), true) #11 mywebsite.dev/www/core/modules/node/src/Entity/Node.php(182): Drupal\Core\Entity\ContentEntityBase->access('view', Object(Drupal\Core\Session\AccountProxy), true) #12 mywebsite.dev/www/core/lib/Drupal/Core/Entity/EntityAccessCheck.php(61): Drupal\node\Entity\Node->access('view', Object(Drupal\Core\Session\AccountProxy), true) #13 [internal function]: Drupal\Core\Entity\EntityAccessCheck->access(Object(Symfony\Component\Routing\Route), Object(Drupal\Core\Routing\RouteMatch), Object(Drupal\Core\Session\AccountProxy)) #14 mywebsite.dev/www/core/lib/Drupal/Core/Access/AccessManager.php(163): call_user_func_array(Array, Array) #15 mywebsite.dev/www/core/lib/Drupal/Core/Access/AccessManager.php(139): Drupal\Core\Access\AccessManager->performCheck('access_check.en...', Object(Drupal\Component\Utility\ArgumentsResolver)) #16 mywebsite.dev/www/core/lib/Drupal/Core/Access/AccessManager.php(112): Drupal\Core\Access\AccessManager->check(Object(Drupal\Core\Routing\RouteMatch), Object(Drupal\Core\Session\AccountProxy), Object(Symfony\Component\HttpFoundation\Request), true) #17 mywebsite.dev/www/core/lib/Drupal/Core/Routing/AccessAwareRouter.php(102): Drupal\Core\Access\AccessManager->checkRequest(Object(Symfony\Component\HttpFoundation\Request), Object(Drupal\Core\Session\AccountProxy), true) #18 mywebsite.dev/www/core/lib/Drupal/Core/Routing/AccessAwareRouter.php(87): Drupal\Core\Routing\AccessAwareRouter->checkAccess(Object(Symfony\Component\HttpFoundation\Request)) #19 mywebsite.dev/www/vendor/symfony/http-kernel/EventListener/RouterListener.php(154): Drupal\Core\Routing\AccessAwareRouter->matchRequest(Object(Symfony\Component\HttpFoundation\Request)) #20 mywebsite.dev/www/core/lib/Drupal/Component/EventDispatcher/ContainerAwareEventDispatcher.php(111): Symfony\Component\HttpKernel\EventListener\RouterListener->onKernelRequest(Object(Symfony\Component\HttpKernel\Event\GetResponseEvent), 'kernel.request', Object(Drupal\Component\EventDispatcher\ContainerAwareEventDispatcher)) #21 mywebsite.dev/www/vendor/symfony/http-kernel/HttpKernel.php(120): Drupal\Component\EventDispatcher\ContainerAwareEventDispatcher->dispatch('kernel.request', Object(Symfony\Component\HttpKernel\Event\GetResponseEvent)) #22 mywebsite.dev/www/vendor/symfony/http-kernel/HttpKernel.php(62): Symfony\Component\HttpKernel\HttpKernel->handleRaw(Object(Symfony\Component\HttpFoundation\Request), 1) #23 mywebsite.dev/www/core/lib/Drupal/Core/StackMiddleware/Session.php(57): Symfony\Component\HttpKernel\HttpKernel->handle(Object(Symfony\Component\HttpFoundation\Request), 1, true) #24 mywebsite.dev/www/core/lib/Drupal/Core/StackMiddleware/KernelPreHandle.php(47): Drupal\Core\StackMiddleware\Session->handle(Object(Symfony\Component\HttpFoundation\Request), 1, true) #25 mywebsite.dev/www/core/modules/page_cache/src/StackMiddleware/PageCache.php(99): Drupal\Core\StackMiddleware\KernelPreHandle->handle(Object(Symfony\Component\HttpFoundation\Request), 1, true) #26 mywebsite.dev/www/core/modules/page_cache/src/StackMiddleware/PageCache.php(78): Drupal\page_cache\StackMiddleware\PageCache->pass(Object(Symfony\Component\HttpFoundation\Request), 1, true) #27 mywebsite.dev/www/core/lib/Drupal/Core/StackMiddleware/ReverseProxyMiddleware.php(47): Drupal\page_cache\StackMiddleware\PageCache->handle(Object(Symfony\Component\HttpFoundation\Request), 1, true) #28 mywebsite.dev/www/core/lib/Drupal/Core/StackMiddleware/NegotiationMiddleware.php(50): Drupal\Core\StackMiddleware\ReverseProxyMiddleware->handle(Object(Symfony\Component\HttpFoundation\Request), 1, true) #29 mywebsite.dev/www/vendor/stack/builder/src/Stack/StackedHttpKernel.php(23): Drupal\Core\StackMiddleware\NegotiationMiddleware->handle(Object(Symfony\Component\HttpFoundation\Request), 1, true) #30 mywebsite.dev/www/core/lib/Drupal/Core/DrupalKernel.php(652): Stack\StackedHttpKernel->handle(Object(Symfony\Component\HttpFoundation\Request), 1, true) #31 mywebsite.dev/www/index.php(19): Drupal\Core\DrupalKernel->handle(Object(Symfony\Component\HttpFoundation\Request)) #32 {main}.
Comments
Comment #2
zanvidmar CreditAttribution: zanvidmar as a volunteer commentedComment #3
Peter MajmeskuThanks for reporting. The node grants permission rebuild on user/node/term creation fix will come soon via 8.x-1.14.
Comment #5
Peter MajmeskuFixed in 8.x-1.14 release. Please re-open this issue, if the problem still persists. Thanks for reporting this issue.
Comment #7
DFeichtinger CreditAttribution: DFeichtinger commentedI'm afraid I'm still seeing the same with:
Drupal Core: 8.2.6
Permissions by Term: 8.x-1.16
Also applies if a user resets their password.
Looks like the
permissions_by_term_node_presave
function was removed in the commit following the fix due to another issue — perhaps it was needed? I'm taking a look and I'll update if I find anything but I'm unfamiliar with the codebase so any pointers as to what might be happening would be great.Comment #8
DFeichtinger CreditAttribution: DFeichtinger commentedLooks like there are 2 issues;
1.
$grants
needs to be initialized ingetGidsByRealm
2. The lines:
don't seem to work. Replacing with the older:
fixes things for me, but I assume that call was removed for a reason.
Comment #9
lias CreditAttribution: lias commentedDitto on having to rebuild permissions for each new user given Permissions by Term.
New users that apply the one time login link also hit this issue.
As @DFeichtinger stated, should the code he posted be used to fix this or will this do damage elsewhere?
Replacing with the older:
node_access_rebuild();
fixes things for me, but I assume that call was removed for a reason.
This deny error makes the module unusable.
Comment #10
Peter Majmeskunode_access_rebuild(); has been removed for performance purpose. You do not want to update the entire node access records registry, when you are updating one user.
There has been a bug in querying the database. No nodes has been retrieved, when the user has been updated (like password reset) in modules/permissions_by_term/permissions_by_term.module:267. I have updated the latest dev version. Please test the dev branch one time. You can download a copy here: https://www.drupal.org/project/permissions_by_term/releases/8.x-1.x-dev. After you confirm, that this update fixes your issue, I will patch the PbT release.
You can see the changes here (I have removed also a lot of useless tests): http://cgit.drupalcode.org/permissions_by_term/commit/?id=b61c29bf3da1db...
Comment #11
lias CreditAttribution: lias commentedThank you @jepSter for the quick response and your updates to the dev version you linked seemed to have fixed the issue.
Comment #12
Peter MajmeskuThe bugfix has been released 8.x-1.17. Thanks for your support.