Install
Works with Drupal: 7.xUsing Composer to manage Drupal site dependencies
Downloads
Release notes
Fixes References - Critical - Unsupported - SA-CONTRIB-2017-38
- Issue #2075409 by timaholt: Added UUID/Deploy support locally in the References project.
- Issue #2065759 by vladimir-m: Message 'is not a valid node id for this field.
- Issue #2077439 by marcingy: Fixed Validation callbacks can result in an unneed db query due to a cache miss.
- Issue #2019063 by marcingy: Fixed Nids are needless added to a dynamic query when user has certain permissions.
- Issue #1504112 by jarrodirwin | alexverb: Title mismatch. Please check your selection (Error text should be more helpfull).
- Issue #2082187 by stamina: Added New search method for autocomplete.
Thanks to Dropsolid for providing the time to help out getting this module released and to all others who have helped get it this far.
Caution to those who upgrade:
User 1 can always select all content. Eg, unpublished nodes. When a content editor with different permissions opens the edit page it will still see the title of the content it does not have access to. When that user with fewer permissions compared to user 1 tries to save the entity it will also fail to validate properly due to the access check it runs. See the invalid value state in the steps above. This makes the whole patch a bit difficult as it might cause for more friction and have unintended side effects.
Users with edit permissions for a specific entity and with permissions to edit a specific field will always see the title of the referenced node as entered by the user that saved that entity before. Caution is warranted when using this release in existing workflows where different roles can edit the same node but might see different content.