Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.I'm using 6.x-1.0, but the bug is in the dev version as well.
In this function:
function user_relationship_limits_user_limit($rtid, $user) {
//default to no restrictions if we don't find anything
$user_limit = 0;
//Go through each role of the user, find the max allowed limit
foreach ($user->roles as $key => $value) {
//Find role limit and add it to our array
$user_role_limit = user_relationship_limits_role_limit($rtid, $key);
//if there's no value for any role, no restrictions and there's nothing else to check below
if (empty($user_role_limit)) {
return;
}
//keep resetting this value to the highest value we've found
$user_limit = max($user_limit, $user_role_limit);
}
return $user_limit;
}
This check screws everything up:
//if there's no value for any role, no restrictions and there's nothing else to check below
if (empty($user_role_limit)) {
return;
}
I have a relationship type that authenticated users aren't allowed to create. I have a VIP role and I've set a limit of 1 relationship for that role. When that foreach goes through each role it begins with the authenticated role and checks for a role limit on that role, but there isn't one and the function returns nothing thus granting everyone unlimited relationships of that type.
I'm not sure what that check is supposed to do, but just removing it makes everything work as it should.
| Comment | File | Size | Author |
|---|---|---|---|
| #3 | anon-unlimited-1194116.patch | 772 bytes | mrf |
Comments
Comment #1
TwiiK CreditAttribution: TwiiK commentedI think there's also a bug with the "Include relationships pending approval in totals?" setting.
If checked it will count all currently pending relationship, including the one I'm trying to accept, and when I have the limit set to 1 it won't allow me any relationships of that type. It should only count other pending relationships and not the one you're currently trying to accept.
I haven't got a suggested fix for you and I'm sorry that I'm unable to create patches for these issues, but I have a tight deadline and very little time to spare. :)
Comment #2
mrf CreditAttribution: mrf commentedOk, I think I've grasped what is happening here, but I'm at a loss for a good way to fix it.
Problem is that 'authenticated user' is a special role that applies to everyone. If a user has two custom roles one with unlimited relationships and one has a smaller limit you would want to default to unlimited, but that is not always the case with authenticated.
I guess the only way to fix this would be to treat authenticated as a special case that will not override other relationships, but I could see to this leading to confusion from someone who expects authenticated to work correctly.
Comment #3
mrf CreditAttribution: mrf commentedOk, came up with a solution I can live with, here's a patch, and this has also been committed to the latest dev. Fix is also in 7.x