Latest sites

  • 2017-11-26: New Drupal 8 site at Rue du Commerce, architected and tech-led by OSInet, just went throught Black Friday week with flying colors thanks to RabbitMQ
  • 2017-05-26: New headless Drupal 8 / Symfony 3 site at FranceTV Sport, architected and tech-led by OSInet, with RabbitMQ
  • 2017-02-20: New Drupal 8 site galaxy (+/- 70 sites) for Agences Régionales de Santé architected and tech-led by OSInet, delivered by Klee
  • 2015-08-21: 50% less server load with MongoDB on the Drupal 7 site factory at France Télévisions
  • 2015-07-15: Our first Drupal 8 production site at France Télévisions is live
  • 2014-08-18: 400% speedup in 3 weeks for http://france3-regions.francetvinfo.fr/ : who said Drupal back-offices had to be slow ?
  • 2014-02-07: Sotchi Olympics traffic not a problem for http://www.francetvsport.fr/ , which I rearchitected on Drupal 7 in 2013
  • 2011-09-14: Completed migration of FranceInfo.FR from SPIP to Drupal
  • 2011-07-13: The new social network features of Le Figaro are now powered by an OSInet-designed MongoDB implementation

Quick news

  • 2014-03-27: MongoDB Watchdog module ported to Drupal 8 at the Szeged Dev Days.
  • 2014-01-26: My post on the Symfony web profiler in Silex selected in Week of Symfony. w00t !
  • 2013-10-18: My first commit went into MongoDB today. And, guess what ? It's in JavaScript
  • 2013-09-20 to 29: Working on Drupal 8 EntityAPI at the extended code sprints during and around DrupalCon Prague
  • 2012-08-19: Working on Drupal 8 EntityAPI at Drupalcon Munich
  • 2012-06-15: Working on Drupal 8 EntityAPI at DrupalDevDays Barcelona
  • 2012-03-23: Working on the future Drupal Document Oriented Storage at DrupalCon Denver. D8 or later ? Bets are on Later

If non-admin users can see some user accounts but not others...

After a massive user import to a customer's site, said customer noticed that, while he could see any user profile when logged, he could only see some of them when he was not logged in, receiving an "access denied" on the other accounts.

Now, with the administer users permission, a user can see any profile, so this didn't come into consideration, but since anonymous users could see some profiles and not others, the permissions granting anonymous access to the profiles were obviously set up correctly. So what could be wrong ?

Now, to understand what's going on in such a case, a small trip to user.module is necessary. In Drupal 4.7.x and 5.x, access to user/% is controlled directly in user_menu, and the rule for such an access is as follows:

<?php
$view_access
= user_access('access user profiles');
[..
snip..]
if (
$user !== FALSE) {
 
$view_access |= $user->uid == arg(1);
 
$view_access &= $account->status || $admin_access;
?>

...meaning any user can see his own account or any non-blocked account, assuming he has access user profiles permission, meaning this problem cannot happen. However in Drupal 6 and Drupal 7, things are a bit different, this access is now controlled by the user_view_access($account) function:

<?php
// From DRUPAL-6--10 (1.892.2.12) and DRUPAL-7-0-UNSTABLE-5 (1.963)
function user_view_access($account) {
  return
$account && $account->uid &&
    (
     
// Always let users view their own profile.
     
($GLOBALS['user']->uid == $account->uid) ||
     
// Administrators can view all accounts.
     
user_access('administer users') ||
     
// The user is not blocked and logged in at least once.
     
($account->access && $account->status && user_access('access user profiles'))
    );
}
?>

And the rules have slightly changed in the meantime: any user can now see his own account, or any non-blocked account which has logged in at least once, due to the test on $account->access.

So here is the key : after a mass import, most accounts will likely just have been created, and the just imported accounts won't have "access" set to a non zero value, meaning they won't be visible to any user without administer users permission. Solution: either be satisfied with it or set access to any non-zero value during the import.

Thanks

Thank you very much for your explanation! After an import, where thousands of users were created using Drupal API, some profile could not be accessed...