[SOLVED] Drupal Views bypassing hook_node_access permissions
If your Drupal site has some content which is restricted to certain users using hook_node_access you might find that the Views you create might bypass these hook_node_access restrictions granting unauthorized users complete access to view the content. The permissions might come into place only when the users click on the title of the node. If you need to know how to fix this, read on.
There are two ways to stop Views from bypassing hook_node_access_permissions
- You can use the following two hooks:
- These two hooks are the ones used by like content access to prevent unauthorized access
- You could also hook_query_TAG_alter to filter out content which the user shouldn't have access too but the former one is the preferred method
Hope that helps.
The easiest way to solve a Drupal issue is to hand it to the Drupal experts. Do you need professional help in building your Drupal site? We can provide a wide range of Drupal services to help you deploy your Drupal site easily and quickly. Get in touch with us to know more.
Reference: http://drupal.org/node/1266388