This project is not covered by Drupal’s security advisory policy.
This module "fixes" access to unpublished nodes in Views.
[A1] An ordinary user (without "bypass node access" permission) cannot "access" unpublished nodes, except users with permissions 'view own unpublished content' can access their own.
Default Drupal
[A2] In default Drupal, an ordinary user can access all unpublished nodes in Views if there is no filter to prevent it.
Caution: A2 != A1
Node Grants
Drupal provides a node access control mechanism called "node grants". It is disabled by default, and automatically enabled as soon as any module requires it (by implementing hook_node_grants).
[A3] With node grants enabled, an ordinary user cannot access any unpublished nodes in Views.
Caution: A3 != A1, A3 != A2
This module
[A4] With this module enabled, an ordinary user can access the same unpublished nodes in Views as they can access the node directly*.
Success: A4 = A1
*The access in Views copies the Drupal default access [A1]. It doesn't take account of other modules altering permissions by means of hook_node_access.
Project information
- Minimally maintained
Maintainers monitor issues, but fast responses are not guaranteed. - Maintenance fixes only
Considered feature-complete by its maintainers. - Module categories: Access Control
- 1 site reports using this module
- Created by AdamPS on , updated
- This project is not covered by the security advisory policy.
Use at your own risk! It may have publicly disclosed vulnerabilities.
Releases
Development version: 7.x-1.x-dev updated 13 Oct 2017 at 08:14 UTC