node_access_rebuild incorrectly grants everyone access [#841882]

platform: php-5.3.2, mysql-5.1.48, drupal-6.17

I installed the modules domain, domain_adv, nodeaccess, og and some other modules.
After I rebuild the permissions (admin/content/node-settings/rebuild), the anonymous user has access to every node.

mysql> select * from node_access where nid=0;
+-----+-----+-------------------+------------+--------------+--------------+
| nid | gid | realm             | grant_view | grant_update | grant_delete |
+-----+-----+-------------------+------------+--------------+--------------+
|   0 |   0 | domain_all        |          1 |            0 |            0 |
|   0 |   1 | nodeaccess_author |          1 |            1 |            1 |
|   0 |   1 | nodeaccess_rid    |          1 |            0 |            0 |
|   0 |   2 | nodeaccess_rid    |          1 |            0 |            0 |
+-----+-----+-------------------+------------+--------------+--------------+

If I modify the table manualy (delete from node_access where nid=0 and realm="nodeaccess_rid" and gid=1;) the node access for the anonymous user is OK.
What setting should I change?
How can I find the piece of code that sets the grant_view for nid=0, realm=nodeaccess_rid?

Comments

Comment #1

rblomme CreditAttribution: rblomme commented 1 July 2010 at 12:59

Status:

Active

» Closed (fixed)

I had a corrupt entry in the node and node_revisions table (empty title, body, teaser of a filebrowser node):

mysql> select * from node where nid=1992;
+------+-------------+-------+-----+--------+------------+------------+---------+---------+----------+--------+----------+------+------+-----------+
| nid  | type        | title | uid | status | created    | changed    | comment | promote | moderate | sticky | language | vid  | tnid | translate |
+------+-------------+-------+-----+--------+------------+------------+---------+---------+----------+--------+----------+------+------+-----------+
| 1992 | dir_listing |       |   1 |      1 | 1246966950 | 1246966950 |       0 |       0 |        0 |      0 |          | 2085 |    0 |         0 |
+------+-------------+-------+-----+--------+------------+------------+---------+---------+----------+--------+----------+------+------+-----------+
mysql> select * from node_revisions where nid=1992;
+------+------+-----+-------+------+--------+------------+--------+------+
| nid  | vid  | uid | title | body | teaser | timestamp  | format | log  |
+------+------+-----+-------+------+--------+------------+--------+------+
| 1992 | 2085 |   0 |       |      |        | 1246966950 |      0 |      |
+------+------+-----+-------+------+--------+------------+--------+------+

The timestamp is the day when I converted my drupal-4.7 site to 6.13.

I found this corrupt record using the following debug code in node.module:

function node_access_write_grants($node, $grants, $realm = NULL, $delete = TRUE) {
if ( $node->nid == 0 ) {
  dpm($node);
}

The output showed $node->nid was NULL (not 0) at this point and vid=2085.
I removed the record in both tables. After I rebuild the permissions (admin/content/node-settings/rebuild):

mysql> select * from node_access where nid=0;
+-----+-----+------------+------------+--------------+--------------+
| nid | gid | realm      | grant_view | grant_update | grant_delete |
+-----+-----+------------+------------+--------------+--------------+
|   0 |   0 | domain_all |          1 |            0 |            0 |
+-----+-----+------------+------------+--------------+--------------+

Problem solved!