I found that after enabling the og_field_access module to provide improved access to view and update various fields on my content, that some fields (with restricted permissions) would not be saved during a feeds import.

I was importing as a user with all the required permissions to edit/update the fields in question, and could manually make the changes that the import was expected to do.

This user->uid was corrctly being mapped to the content->uid.

The problem appears to be that the function "entitysave($entity)" in file FeedsNodeProcessor.inc is calling the node_save($entity) as the user who is running the import. In my case, this is always the anonymous user, as cron is the trigger for feeds importing.

I believe that the node_save call should be made as the user who is designated as the creator of the node.

The following patch changes the current user to that account for the duration of the node_save call, which fixes the problem in my case.

CommentFileSizeAuthor
#1 feeds-save-node-as-user-2284743-1.patch708 bytesjlscott
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

jlscott’s picture

jlscott CreditAttribution: jlscott commented
FileSize
feeds-save-node-as-user-2284743-1.patch708 bytes

Patch attached.

twistor’s picture

twistor CreditAttribution: twistor commented
Status: Active » Needs work
Issue tags: -Organic Groups +Needs tests

I'm a bit confused by this. I thought field_access() was only called during form-edit and view.

If I'm wrong, at the very minimum this needs:

  • Tests
  • To be moved to FeedsProcessor
  • To check the return value of user_load()

That said, this is really nasty.

MegaChriz’s picture

MegaChriz CreditAttribution: MegaChriz commented

Would it help to turn the "Authorize" option off in the node processor settings? This can cause permission issues sometimes with an error message like "User is not authorized to create content type". See also #2175525: User admin is not authorized to create content type.

jlscott’s picture

jlscott CreditAttribution: jlscott commented

@twistor. I can confirm that field_access() is called during the node import process. I have used the PhpStorm IDE with Xdebug to step through each instruction and analyse the data changes that occurred.

If there is a more appropriate place to introduce the patch, then I am happy to do that. I am not at all familiar with preparing tests, so that may require assistance from someone else.

@MegaChriz. If the "Authorize" option is turned off, this may result in unwanted node creation, as my import source is from a mailhandler mailbox, so I want to ensure that the sender of each email notification is a valid registered user on the system with permissions to create this node type.

twistor’s picture

twistor CreditAttribution: twistor commented
Title: Field permissions prevents saving of some content » Allow saving of entities as the entity owner
Category: Bug report » Feature request

@jlscott, Would you be able to point me to where field_access() gets called in the import process?

On further review, this could be a useful feature for other reasons as well, but it should be optional. Meaning we should add a configuration option to perform the save as the owner. This should be moved out of NodeProcessor, and probably be added to EntityProcessor as well.