I found that after enabling the og_field_access module to provide improved access to view and update various fields on my content, that some fields (with restricted permissions) would not be saved during a feeds import.
I was importing as a user with all the required permissions to edit/update the fields in question, and could manually make the changes that the import was expected to do.
This user->uid was corrctly being mapped to the content->uid.
The problem appears to be that the function "entitysave($entity)" in file FeedsNodeProcessor.inc is calling the node_save($entity) as the user who is running the import. In my case, this is always the anonymous user, as cron is the trigger for feeds importing.
I believe that the node_save call should be made as the user who is designated as the creator of the node.
The following patch changes the current user to that account for the duration of the node_save call, which fixes the problem in my case.
Comment | File | Size | Author |
---|---|---|---|
#1 | feeds-save-node-as-user-2284743-1.patch | 708 bytes | jlscott |
Comments
Comment #1
jlscott CreditAttribution: jlscott commentedPatch attached.
Comment #2
twistor CreditAttribution: twistor commentedI'm a bit confused by this. I thought field_access() was only called during form-edit and view.
If I'm wrong, at the very minimum this needs:
That said, this is really nasty.
Comment #3
MegaChriz CreditAttribution: MegaChriz commentedWould it help to turn the "Authorize" option off in the node processor settings? This can cause permission issues sometimes with an error message like "User is not authorized to create content type". See also #2175525: User admin is not authorized to create content type.
Comment #4
jlscott CreditAttribution: jlscott commented@twistor. I can confirm that field_access() is called during the node import process. I have used the PhpStorm IDE with Xdebug to step through each instruction and analyse the data changes that occurred.
If there is a more appropriate place to introduce the patch, then I am happy to do that. I am not at all familiar with preparing tests, so that may require assistance from someone else.
@MegaChriz. If the "Authorize" option is turned off, this may result in unwanted node creation, as my import source is from a mailhandler mailbox, so I want to ensure that the sender of each email notification is a valid registered user on the system with permissions to create this node type.
Comment #5
twistor CreditAttribution: twistor commented@jlscott, Would you be able to point me to where field_access() gets called in the import process?
On further review, this could be a useful feature for other reasons as well, but it should be optional. Meaning we should add a configuration option to perform the save as the owner. This should be moved out of NodeProcessor, and probably be added to EntityProcessor as well.