We updated to 8.x-1.0-rc1 to fix the problem addressed in #2841684: Content author cant view unpublished content that he/she created in a group.

After the module's update (also db update was required) we lost all content on Views that display content types associated with some Group.

When logged in as admin I can see all the content as before, but when logged in as a standard member of the Group, even though nodes that should be displayed are assigned to the group as well as my user, I don't see any content.

I tested one of those Views and changed the Query options settings to Skip item access checks and Bypass access checks. It solved the problem as I expected, but ultimately removed all access checking and that's not something we want to do. It at least proved that the problem is that permissions applied to the Views query restrict the access too much.

I looked at changes that are there between the 8.x-1.0-beta5 and 8.x-1.0-rc1 http://cgit.drupalcode.org/group/log/ and I have a suspicion about the commit: Issue #2857321 by kristiaanvandeneynde, gaydamaka: Permissions to view nodes seem to be unreliable http://cgit.drupalcode.org/group/commit/?id=5f610cf6ff9fee083c2d701d5c2d...

Comments

dabbor created an issue.

dabbor’s picture

I expect that the problem is somewhere in changes to implementation of hook_node_grants() (gnode_node_grants()) or hook_node_access_records() (gnode_node_access_records()).

The change that is causing us problems in Views is not emerging on the standard view of those nodes.

dabbor’s picture

I forgot to mention that the View I was testing it on is based on Search API results not the Content directly.

dabbor’s picture

Stressful experience in a nutshell: If Search API is used on the site, all Search API indexes should be rebuilt after updating to the 8.x-1.0-rc1 version of the groups module. The reason seems to be some group's schema update.

To be more specific, the Search API indexes are probably required only if they index content types associated with groups.

wiifm’s picture

I think this really should be called out in the release notes for RC1, no doubt this will impact other Drupal sites.

kristiaanvandeneynde’s picture

Hmm well the only thing that changed in an update hook was a new property being added to group types. I'd be surprised if that caused Search API indexes to fail, but I'm not familiar at all with the inner workings of Search API in D8.

My guess is the node access rights got rebuilt but the search index was not told about this. So while I'll add a link to this issue in the RC1 notes, please try and get to the bottom of this so it can be fixed in either Search API or Group.

kristiaanvandeneynde’s picture

Updated the release notes, see: https://www.drupal.org/project/group/releases/8.x-1.0-rc1 Please move this to the Search API queue if you figure the problem lies there. I'm following the issue now so I'll have a look at it from time to time.

freelock’s picture

This sounds an awful lot like a core bug I spent a long time working on several years ago, that still is not committed: #1349080: node_access filters out accessible nodes when node is left joined. It's a bug in the way node access alters any query which uses it -- if the query has a join table that has the node table appear more than once, the grants get applied entirely incorrectly.

If this is indeed the root cause, there are two approaches you can take:

1. workaround of "Disable SQL Rewriting" under Other -> Query Options -- note that if there are other query alter modules beyond node access you will need to deal with those, and you also need to add your own access protection as filters to the view itself, because the node access rules are getting entirely bypassed by the view...

2. Apply a patch from that issue.

Cheers,
John
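
The over-filtering described in the comment above, and the effect of the "Disable SQL Rewriting" workaround, reproduced in a simplified model. This is an added example, not part of the thread and not the SQL that Drupal core generates. The two-table schema, the sample rows and the three query shapes are constructed, and placing the joined table's grant check in the ON clause is an assumed way to avoid the over-filtering, not the patch from #1349080.

```python
import sqlite3

# Constructed sample data in a simplified schema (not Drupal's real tables).
# Nodes 1-3 are viewable by the user (realm 'group', gid 1); node 4 is not.
SCHEMA = """
CREATE TABLE node (nid INTEGER PRIMARY KEY, title TEXT, ref_nid INTEGER);
CREATE TABLE node_access (nid INTEGER, realm TEXT, gid INTEGER, grant_view INTEGER);
INSERT INTO node VALUES (1,'A',2), (2,'B',NULL), (3,'C',4), (4,'D',NULL);
INSERT INTO node_access VALUES
  (1,'group',1,1), (2,'group',1,1), (3,'group',1,1), (4,'group',2,1);
"""
# Listing of nodes with an optional (left-joined) referenced node.
BASE = "SELECT n.nid, r.nid FROM node n LEFT JOIN node r ON r.nid = n.ref_nid"
# View-grant check for one table alias; the user holds realm 'group', gid 1.
GRANT = ("EXISTS (SELECT 1 FROM node_access na WHERE na.nid = {a}.nid "
         "AND na.realm = 'group' AND na.gid = 1 AND na.grant_view = 1)")

QUERIES = {
    # Grant check on every node alias in WHERE: the LEFT JOIN behaves like an
    # INNER JOIN, so viewable nodes 2 and 3 disappear from the listing.
    "where_on_all_aliases":
        f"{BASE} WHERE {GRANT.format(a='n')} AND {GRANT.format(a='r')}",
    # Check for the joined alias placed in ON: base rows survive and a
    # reference the user may not view comes back as NULL.
    "joined_check_in_on":
        f"{BASE} AND {GRANT.format(a='r')} WHERE {GRANT.format(a='n')}",
    # SQL rewriting disabled: no grant check at all, node 4 is exposed.
    "rewrite_disabled": BASE,
}

def run_all():
    """Run each query shape against the constructed data and return the rows."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return {name: db.execute(sql + " ORDER BY n.nid").fetchall()
            for name, sql in QUERIES.items()}

if __name__ == "__main__":
    for name, rows in run_all().items():
        print(f"{name:22} {rows}")
```

With rewriting disabled the listing includes node 4 and the reference from node 3 to it, which is why the workaround needs explicit access filters on the view.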

FiNeX’s picture

Patch from #1349080 works fine, thanks!

anruether’s picture

Let's warm this up:

Steps to reproduce:

1. Install Drupal 8.7.2 / 8.x-1.0-rc3
2. Create role "manager" (or so) with the following permissions:
- Article: Edit any content
- Access the Content overview page
- Use the administration pages and help
3. Add an article to a group
4. Login as manager and see that the article you just added to the group is not listed under /admin/content
5. But you can edit the node through /node/edit/nid (just to check that everything is set up correctly)

Workarounds mentioned by freelock

1. Disable sql rewrite does work but yeah, we might not really want that...
2. On another instance with a lot of modules I tested #1349080-426: node_access filters out accessible nodes when node is left joined, which does not help.

anruether’s picture

"but when logged in as a standard member of the Group, even though nodes that should be displayed are assigned to the group as well as my user, I don't see any content."

If I understand this correctly this is different from the steps I outlined above? The steps above are not about content and user being in the same group but a user not in the group having access to nodes with group relation not showing in views.

JasonLuttrell’s picture

I think I'm having a similar issue now. Perhaps my issue is a duplicate of this, but I'm not sure: https://www.drupal.org/project/group/issues/3182228

Did anyone have any luck in resolving this?

JasonLuttrell’s picture

Is there any way to bump this up in priority? It seems like a big issue like this, being around for two years, warrants attention at some point.

kristiaanvandeneynde’s picture

Status: Active » Closed (outdated)

Bumping up issues that haven't seen activity for over a year and were about a really old version (RC1) is generally not a great idea. It might be better to close this one as outdated and open a support issue with your findings or use the search function to find a more relevant issue.

Node access has changed a lot in Group since 1.0 so there's a big chance this issue is outdated now.

JasonLuttrell’s picture

@kristiaanvandeneynde Got it. Thanks.

JasonLuttrell’s picture

I didn't see anything specifically related, so I created a new issue: https://www.drupal.org/project/group/issues/3182228