Hi, great module from a functionality standpoint, exactly what I wanted. I'm having two issues which I am pretty sure are related hence I'll add them as one.

Upon registering (/user/register) a user who enters a nodeaccess password properly gets the password validated and entered into the DB, however it does not actually grant access until a subsequent submit of /user/#/edit -- no fields need to be altered, just a submit. Feels like some sort of cache that needs to be cleared or created.

Similarly, whenever a node with the password is edited, all the current nodeaccess_password grants are invalidated and any affected user must again submit from /user/#/edit to re-validate themselves. Again, no field changes are required, the data is still there, it is the submission that is required. Also note that as far as I can tell it is only nodeaccess_password that is affected, other access control changes seem to take immediate effect.

Both of these are reasonably significant usability issues, but particularly the registration step because of the users affected. Any thoughts as to what needs to be run to recreate the grants without having each user updating their profile?

FYI: nodeaccess_password is one of many forms of access control on my site and they all seem to interact properly except for the above issue.

Comments

danielb’s picture

danielb commented

change (around line 130) from:
elseif ($op == "after_update") {
to
elseif ($op == "after_update" || $op == "insert") {

Don't know about the problem with editing the node - that seems more complex, because the rights on the node will be updated whether we like it or not. However, if you save the node with the same passwords, I don't see why users should be affected :/

Dave Kinchlea’s picture

Dave Kinchlea commented
Status: Active » Postponed

Thanks,

It took me some time to find the time to test this, sorry, but I got around to it today. No difference as far as I can tell. Upon registering a new user and providing the password they are still denied access until saving their profile, again without modifying the form at all, just saving it.

As I've found another way of attacking the problem, I've removed this from my site for now... I do like the concept a lot however so I'll likely return to this at some future date.

Cheers

danielb’s picture

danielb commented
Status: Postponed » Fixed

Well I've added that change anyway, if it continues to be a problem I'm sure someone will mention it. I have to push this forward or nothing will get done around here - there is not much interest in testing patches around here.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.