I've confirmed that, upon clicking "Private" and submitting the changes on a page, that the page is indeed private and unavailable to groups without access. The page, however, does not reflect that in the state of the "Private" check box as I edited the page again and found the check box *unchecked*. The page is still private, but there's no way to see that without either digging into the database or testing the page itself with another login.

Comments

straffin’s picture

straffin commented

I believe I've found the problem. When "Private" is installed to an existing site, there are no entries in the "private" table for existing nodes. Only nodes created after the module has been installed end up with rows in the "private" table.

I assume that this is not by design and is indeed a problem that someone will try to fix?

schildi’s picture

schildi commented

duplicate of error described in 138827 ?

Regards
Schildi

v1nce’s picture

v1nce commented

The problem is within the private_nodeapi function. Specifically, if you're editing a node that was created before the private.module was implemented on your site, it will not update the database correctly.

The 'update' case within the private_nodeapi fucntion should have added logic like:

<?php
    case 'update':
      $already_exists = db_result(db_query('SELECT 1 FROM {private} WHERE nid = %d', $node->nid));
      if ($already_exists) {
        db_query('UPDATE {private} SET private = %d WHERE nid = %d', $node->private, $node->nid);
      }
      elseif ($node->private) {
        db_query('INSERT INTO {private} (nid, private) VALUES (%d, %d)', $node->nid, $node->private);
      }
      break;
?>
gracearoha’s picture

gracearoha commented

i have noticed that if i add a new node in a group and set it to private, it does show that node as a "1" in the private table. However, in reality it shows as a public post and both authenticated users who are not members of that group can view it and also anonymous users can view it.

my node access table shows three entries for the node:

602 210 og_subscriber 1 1 1
602 1 example 1 0 0
602 126 example_author 1 1 1

what is this "example" and "example_author" all about?

btw: my admin/og/og setting for visibility of posts is set to:

"Visibility chosen by author/editor using a checkbox on the posting form. Checkbox defaults to Private."
However, in fact, the check box does not default to private.

If i go into the node access table and manually delete the two rows with "example" and "example_author", then the node posting becomes private (only available to users of that group). What can be causing this and how can it be prevented?

eaton’s picture

eaton commented
Status: Active » Closed (works as designed)

"Visibility chosen by author/editor using a checkbox on the posting form. Checkbox defaults to Private."
However, in fact, the check box does not default to private.

That option isn't even being added by private module -- it's part of the Organic Groups module. Different node access mechanisms cannot, presently, coexist on the same node. Use OG, rather than private.module.

The original issue that started this post has been resolved.