Applying Group ACL to Comments in RSS

hermann
Posts: 2
Joined: Tue Jul 01, 2008 11:23 am

Applying Group ACL to Comments in RSS

Post by hermann »

I found the problem in S9Y that when having special groups that do not allow read-access to users that are not logged in and having comments made by logged in users to such "hidden" entries that the entries are hidden for not logged in users in RSS, yet the comments remain visible for all users - even if they are not logged in.

Is there a way or workaround to only have the comments displayed in RSS the same way as entries are only displayed in RSS when visible for the user's rights?
garvinhicking
Core Developer
Posts: 30022
Joined: Tue Sep 16, 2003 9:45 pm
Location: Cologne, Germany

Re: Applying Group ACL to Comments in RSS

Post by garvinhicking »

Hi!

Yes, comments do not get ACLs applied, because technically that would mean to completely rewrite the used SQL query and make several JOINs to other tables. Since this is a noticeable performance impact, this work has not yet been done...

Best regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
hermann
Posts: 2
Joined: Tue Jul 01, 2008 11:23 am

Thanks for the fast reply...

Post by hermann »

Well. I can understand the problem in this one. I already scanned through the code and found the according queries in the fetch* methods. Though - is it possible to add a plugin to do that kind of job? Let's say - in a way that the user can choose if they want ACLs to be applied or not depending on the groups the comments were made to?

As I understand it, the guid of the entries is read anyways in the process of reading the comments - so wouldn't it be possible to use such a plugin to scan through additional rights read separately?

On the other hand - is there a way to simply deactivate the appearance of the content of the comments in the RSS feed to not give private information (which usually is referred to in comments to private entries) away to everybody in the RSS feed?
garvinhicking
Core Developer
Posts: 30022
Joined: Tue Sep 16, 2003 9:45 pm
Location: Cologne, Germany

Re: Thanks for the fast reply...

Post by garvinhicking »

Hi!

Yes, this shouldn't be a problem. Generally, s9y already has this "optimize ACL checks away" feature, so the option could be used there. I'd even favor implementing this in the core, it's just that it requires a rewrite of the current fetch method to go more in sync with how entries and categories are fetched.

Are you interested in looking into this? The next weeks are a bit swamped with work for me, so I'm not sure if I can find the time to implement this soon.
> As I understand it, the guid of the entries is read anyways in the process of reading the comments - so wouldn't it be possible to use such a plugin to scan through additional rights read separately?

Filtering out comments after they have been fetched will introduce a problem because then a comment feed no longer contains 15 items, but maybe only 1, missing the other X ones that would have come after 15 items. Thus, a single SQL query with all required joins is the only way to make this work properly in one go.

Your other suggestion, of removing the content in case of an unreadable entry would work with a separate query. But I believe the first way is the cleaner one, even if it means a performance impact.

Regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
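
The difference between filtering after the fetch and joining the ACL inside the query, as discussed in the reply above, shown as an added example that is not part of the thread and is not Serendipity code. The schema (`entry_acl`, `comments`), the use of group 0 for anonymous readers, and the sample rows are assumptions constructed for the illustration.

```python
import sqlite3

FEED_SIZE = 15  # items per comment feed, as in the thread

def build_db():
    """Constructed sample data on a simplified, hypothetical schema."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE entry_acl (entry_id INTEGER, group_id INTEGER);
        CREATE TABLE comments (id INTEGER PRIMARY KEY, entry_id INTEGER, body TEXT);
    """)
    # Entry 1 is readable by group 0 (anonymous) and group 5; entry 2 only by group 5.
    db.executemany("INSERT INTO entry_acl VALUES (?, ?)", [(1, 0), (1, 5), (2, 5)])
    # 40 comments; the 14 newest (ids 27-40) belong to the restricted entry 2.
    db.executemany("INSERT INTO comments VALUES (?, ?, ?)",
                   [(i, 2 if i > 26 else 1, f"comment {i}") for i in range(1, 41)])
    return db

def feed_no_acl(db):
    """Behaviour reported in the thread: newest comments, no ACL check."""
    return db.execute("SELECT id, entry_id, body FROM comments "
                      "ORDER BY id DESC LIMIT ?", (FEED_SIZE,)).fetchall()

def feed_post_filtered(db, groups):
    """Fetch first, filter afterwards: safe, but the feed comes up short."""
    marks = ",".join("?" * len(groups))
    allowed = {r[0] for r in db.execute(
        f"SELECT entry_id FROM entry_acl WHERE group_id IN ({marks})", groups)}
    return [c for c in feed_no_acl(db) if c[1] in allowed]

def feed_acl_in_query(db, groups):
    """ACL join inside the query, so LIMIT counts only readable comments."""
    marks = ",".join("?" * len(groups))
    return db.execute(
        f"SELECT c.id, c.entry_id, c.body FROM comments c "
        f"JOIN entry_acl a ON a.entry_id = c.entry_id "
        f"WHERE a.group_id IN ({marks}) "
        f"GROUP BY c.id "  # one row per comment even if several groups match
        f"ORDER BY c.id DESC LIMIT ?", (*groups, FEED_SIZE)).fetchall()

if __name__ == "__main__":
    db, anon = build_db(), [0]
    leaked = sum(1 for c in feed_no_acl(db) if c[1] == 2)
    print("no ACL:       ", len(feed_no_acl(db)), "items,", leaked, "from the restricted entry")
    print("post-filtered:", len(feed_post_filtered(db, anon)), "item(s)")
    print("ACL in query: ", len(feed_acl_in_query(db, anon)), "items")
```
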