Coherent Access Module Problem
Hi,
Drupal 6.8
Following Bill's book, I created Shared Posts using coherent_access module. The problem is that when student create a Notes node, it isn't private even though the pref is set to private by default, and it will be so when I create a Notes node. That option is not even presented to student. The permission doesn't offer student role to control the private option, and is hidden automatically.
Any help would be appreciated. -Hiro
Groups:
Login or register to post comments
Hello, Hiro, What theme are
Hello, Hiro,
What theme are you using?
Also, can you check that the content types being governed using coherent_access are not also being used within groups (via Organic Groups)? Node types being controlled via coherent_access should not be used within Organic Groups.
Also, have you rebuilt your node_access table? This is accessible at /admin/content/node-settings
Also, I believe that UID1 can see "private" nodes --
But the first thing I would do is rebuild the node_access table as described above.
Cheers,
Bill
FunnyMonkey
Click. Connect. Learn.
Using Drupal in Education
Thank you
Thank you for your response, Bill.
It's LiteJazz theme. I followed your book from the beginning so I set the Notes to be outside of OG. I have rebuilt permission numerous times.
So, I have a test user. I login with that account on a separate machine. I create a Notes post. I log out, but the post is listed under the recent post, and I can click open it. I switch to my admin machine and find that the created Note node has Private unchecked. If I create a Notes post from user/1, it is Private by default, but not from the student account.
Which version?
Which version of coherent access are you using? I reported some problems with the 6.x.1.0 version and contributed a patch, which I believe was committed to the 6.x.1.x-dev version.
Another module to consider would be node privacy by role (NPBR). I favor it over coherent access at this point, and have been using it to allow private posts outside of Organic Groups.
With NPBR, you can configure the default view, edit and delete permissions by role for each content type. You can also designate roles that have the permission to change the permissions on a node-by-node basis.
This allows for several interesting configurations. First, you can set up content types that are always private to select roles (like students, for example). Students could create private content that can be viewed by groups that the admin selects. You can also provide some roles with editing privileges for collaborative projects. Allowing administrators (or teachers or other trusted users) the freedom to change the permissions (perhaps on request, or by assignment, or ...) allows for great flexibility. But you must also be careful, because the same user could decide to give anonymous edit or delete privileges, which is probably a bad idea....
I have worked with both of these modules (and contributed a patch for coherent access) and personally found NPBR to be more stable and easier to understand than coherent access....but that's just my opinion. Otherwise, I would echo everything that Bill said - sage advice - especially rebuilding the node access table and mixing with Organic groups (you have to make sure the content type cannot be posted within groups).
Hope this helps,
Mike
NPBR
If you don't need to grant individual users add or edit rights, then Node Privacy By Role is a good choice.
If you want users to be able to specify other users who can view/edit the node, then coherent_access is probably a better fit. We have used it in a few different contexts, and it's worked without the issues described here.
Another possible option is content access with acl, but the UI for that is (IMO) awkward -- adding edit rights is a multi-step process, and not particularly intuitive.
Cheers,
Bill
FunnyMonkey
Click. Connect. Learn.
Using Drupal in Education
Not sure about NPBR
Since what I need is a content type that is shared only between individual student and me, and there is no chance to be shared with anyone else, I don't think NPBR works because it is per role instead of per user, and my option is on coherent_access. Is this correct?
Thank you for your time. -Hiro
Yes, and Bill's summary is
Yes, and Bill's summary is correct that if a post really must be shared between a subset of users and cannot be done on a per role basis, then coherent_access is your best best.
I am doing it with NPBR by allowing all teachers to view/edit the student's work (but other students cannot view or edit) and I don't grant any role the ability to delete the post - this is left to the author. I am assuming their are no malicious teachers who would edit a post that they weren't supposed to - which I supposed could be questioned - but by saving revisions, you can always track the changes that have been made and revert if someone makes a mistake. My implementation is designed for a single department with faculty working together with individual students and groups of students on both private and collaborative projects.
Workflow and Workflow Access
You could also craft a solution with this using Workflow and Workflow Access. Given that you know your desired state (ie, only you and the student can see the post) you really don't need the flexibility of either Node Privacy By Role or Coherent Access.
FunnyMonkey
Click. Connect. Learn.
Using Drupal in Education
Workflow Access
Thank you Bill for your continuous help.
I installed Workflow but not sure what I need to do. The only Action I see, including the advanced option, is make it private to OG, not the user who created the post. I feel I am missing something. -Hiro
== New Info ==
I might have serious permission issues. I set action to unpublish after create/update, and it is not working. The post is showing in public. On the other hand, comments to the post will be hidden when logged out. Weird.
This is getting very much over my head. -Hiro
MGN Patch
Ah, yes, I did try your patch. Since I had no idea how to apply patch (the instruction was beyond my head), I manually copied lines from your patch to the module, and the unwanted list under the shared posts did disappear.
The 6.x.1.x-dev you mentioned, I can't find it anywhere, however. I only see the one under 6/25/2008.
6.x.1.x-dev was last updated
6.x.1.x-dev was last updated on November 4th. You can find it by going to the project page and clicking on view all releases. Then scroll down and you'll see it. The direct link is http://drupal.org/node/274961.
Information on applying patches (if you are interested) is at http://drupal.org/patch/apply ... instructions depend on the platform you are working on.
Dev seems to work
Thank you so much for this. This dev version seems to work, but now all of the private posts I had before this version became public(!). Ouch! I guess I have to edit them one by one.
Yes, I did read the patch instruction under Mac OSX a few times, but it didn't work. I thought I followed each steps. I am on OSX10.5.5, by the way. In the end, going line by line was easier for me :-)
-Hiro
Rebuild node access table first
At Administer --> Content Management --> Post Settings
FunnyMonkey
Click. Connect. Learn.
Using Drupal in Education
100+ times
Yes, I rebuild permission hundreds of times every day!
I think something is wrong with my db, but I am not good enough to see the problem. Just now, I reassigned 90+ posts to private, but they still shows up when logged out. I rebuild permission and run update.php like a mad man.
Glad to hear its working.
Glad to hear its working. Follow Bill's advice and I would expect all the permissions would be preserved. Sorry I can't help when it comes to patching on MacOS ... no experience there yet.
Page Caching?
This may have nothing to do with your problem, but I don't know how many times I make a change, log out and then am startled to find that "it didn't take" only to find out it was because of the performance settings. Have you tried clearing the cache at admin/settings/performance ?. You also might want to check your minimum cache lifetime. While developing I've learned to turn off page caching and disable it in my browser to avoid this. Hope this helps...
I was thinking the exact same thing
You can also clear the cache tables directly in your database -- just truncate, or empty, all the tables beginning with "cache" --
This, combined with clearing the cache of your browser, can often work miracles.
Cheers,
Bill
FunnyMonkey
Click. Connect. Learn.
Using Drupal in Education
Cache
I forgot to mention I have been running the truncation all the cache tables like a madman as well. In fact, if I don't truncate cache_menu, db even won't import to my local dev machine.
By the way, I finally made it work just 10 minutes ago!!
I removed coherent_access module, and redone everything from the scratch using the latest dev version, 100+ posts(!). So far it seems to be working as designed. I am crossing my fingers :-)
Thank you so much for you continuous help. I think I can close this issue.
Page caching
I don't turn page caching on because I have believed it only works for anonymous users, and my site is designed for my classes, where everyone is supposed to login.
Should I enable page caching?
HELP!
This is too weird.
The dev version seemed to work fine, but I was keep getting private messages public. I had no idea why this was keep happening. When this happens, I have to re-save each of the private nodes, just open > edit > save. I have done this 4 times to all the 90+ nodes. My hands/shoulder hurts.
Just now, I realized what is causing this. Every time I run Rebuild Permission, all the private nodes became public. This happens on both of the live site and my local dev machine. Any idea?
Congratulations Hiro! You've discovered a bug!
I downloaded the latest dev version and was able to quickly verify your discovery. Glancing through the code, it appears that $grant_view on line 424 of 6.x.1.x-dev version of the coherent_access.module should be changed to $private. I did this and it seems to solve the problem. I've posted an issue and a patch in the coherent_access issue queue, but its a simple enough change for you to do it by hand and verify that it solves the problem you are having. Please test it on just a couple of nodes - I would hate to have you fix all 90+ again only to find that this wasn't the cause of your troubles. But this is also the risk that you take using code that's still under development. Hopefully this patch will do the trick.
It works!!
Thank you so, so much! It seems to be working.
I have tried on both local dev and the live site, running rebuild permission 5 times each, and is not making them public anymore. Only catch is, this one variable change made granted viewer disappear so all the posts are private with no viewer assigned. I can edit 90+ times again, knowing this is the last time!
I can't thank you enough!
Got another problem
I just realized there is another problem. I really hoped I am done with this and start writing up the materials for the classes next week(!).
Now the Shared Posts aren't showing up under My Account, which is OK because you can see them in the block, until it grows more than 4 posts.
The 'more..' link bellow the 4th posts gets me Access Denied even though I am user/1. Sorry to bother you again, but any help would be appreciated.
Another bug...
On line 777 of coherent_access.module their should be 'return' before the function call like
return _coherent_access_user_has_shared_content( .... Add the word return before the function call and this should be fixed. Now the shared posts tab will be present and the more link shouldn't fail.I've created another issue on the coherent_access queue with a proper patch to fix this. The patch is a little more involved than the one word fix because I took the opportunity to streamline the code a bit, but that's more coding efficiency than functionality. You should be fine with the one word fix.
Hope this helps!
Fixed!
Thank you so much!!
Can't imagine what would had been without your help.
I really hope I don't encounter any more issue so I can move on to working on contents before too late :-)
My token of appreciation, if you like jazz music, here you can find some free audio/video of my music:
http://anonemusic.com/
I will think of better gift later so you will become my personal TS!
-Hiro
Great!
Glad to hear its finally working. It can take a little effort to get the kinks out from time to time, but it works well in the end. Happy to help out when I can...don't hesitate to ask if you have any more troubles.
New problem - Urgent :_(
Drupal 6.8 / coherent_access 6.x-1.0
Yesterday, I was made aware that students' private notes are public until I run Rebuild Permission. Every time someone create the private notes to me, they are public. As soon as I run Rebuild Permission, they become private. I emptied all the cache tables but to no avail. This is really bad. I appreciate any suggestion.
-Hiro
Upgrade to the latest dev and try again
Hi Hiro,
I assume you have 'new nodes will default to private' checked?
Jeff committed a number of patches that came about because of your earlier troubles - not all of the problems were discussed here - so it might be that one of those patches addresses this problem. I would switch to 6.x.1.x-dev until he releases 1.1.
I just came across a different problem (with the current dev version) that I have to troubleshoot and will leave an issue in the coherent access queue on D.O.
Yes!
Once again, you saved me!
Trying the dev version always scares me. Your comments give me comfort in a great deal. Thank you so much!
-Hiro
View Private Notes
Drupal 6.8
I hope I can post this to this thread. I am encountering a new issue regarding the Private Note nodes based on this thread. The nodes are created from the both ends. Some of them are originated from me to individual student. Others are created by individual students to my eyes only. Then we exchange using comments to the subject.
My new problem is View. For the life of me, I can't make the sort by time stamp. If I sort by Updated/Commented, the nodes which has no comment pushed way down. If I sort by Post date then new comment won't show up at the top of the list.
I need to monitor if student created a new Private Note node and if student posted a new comment. I feel View should be able to do this but I have not been able to find the way. Any help would be appreciated.
By the way, I am using Table view, which seems to be easier for my eyes for this specific task.
-Hiro