Community Documentation
Drupal 5 » node.module

node_access

5 node.module node_access($op, $node = NULL)
6 node.module node_access($op, $node, $account = NULL)
7 node.module node_access($op, $node, $account = NULL)
8 node.module node_access($op, $node, $account = NULL)

Determine whether the current user may perform the given operation on the specified node.

Parameters

$op: The operation to be performed on the node. Possible values are:

  • "view"
  • "update"
  • "delete"
  • "create"

$node: The node object (or node array) on which the operation is to be performed, or node type (e.g. 'forum') for "create" operation.

Return value

TRUE if the operation may be performed.

Related topics

Node access rights
The node access system determines who can do what to which nodes.

▸ 29 functions call node_access()

▾ 29 functions call node_access()

blogapi_blogger_edit_post in modules/blogapi/blogapi.module
Blogging API callback. Modifies the specified blog node.
blogapi_blogger_new_post in modules/blogapi/blogapi.module
Blogging API callback. Inserts a new blog post as a node.
blogapi_mt_publish_post in modules/blogapi/blogapi.module
Blogging API callback. Publishes the given node
comment_menu in modules/comment/comment.module
Implementation of hook_menu().
hook_access in developer/hooks/node.php
Define access restrictions.
hook_node_access_records in developer/hooks/core.php
Set permissions for a node to be written to the database.
hook_node_grants in developer/hooks/core.php
Inform the node access system what permissions the user has.
node_access in modules/node/node.module
Determine whether the current user may perform the given operation on the specified node.
node_access_acquire_grants in modules/node/node.module
This function will call module invoke to get a list of grants and then write them to the database. It is called at node save, and should be called by modules whenever something other than a node_save causes the permissions on a node to change.
node_access_grants in modules/node/node.module
Fetch an array of permission IDs granted to the given user ID.
node_access_rebuild in modules/node/node.module
Rebuild the node access database. This is occasionally needed by modules that make system-wide changes to access levels.
node_access_view_all_nodes in modules/node/node.module
Determine whether the user has a global viewing grant for all nodes.
node_access_write_grants in modules/node/node.module
This function will write a list of grants to the database, deleting any pre-existing grants. If a realm is provided, it will only delete grants from that realm, but it will always delete a grant from the 'all' realm. Modules which utilize…
node_add in modules/node/node.module
Present a node submission form or a set of links to such forms.
node_db_rewrite_sql in modules/node/node.module
Implementation of hook_db_rewrite_sql
node_delete in modules/node/node.module
Delete a node.
node_form in modules/node/node.module
Generate the node add/edit form array.
node_form_submit in modules/node/node.module
node_menu in modules/node/node.module
Implementation of hook_menu().
node_preview in modules/node/node.module
Generate a node preview.
node_revisions in modules/node/node.module
Menu callback for revisions related activities.
node_revision_delete in modules/node/node.module
Delete the revision with specified revision number. A "delete revision" nodeapi event is invoked when a revision is deleted.
node_revision_overview in modules/node/node.module
Generate an overview table of older revisions of a node.
node_revision_revert in modules/node/node.module
Revert to the revision with the specified revision number. A node and nodeapi "update" event is triggered (via the node_save() call) when a revision is reverted.
upload_file_download in modules/upload/upload.module
upload_js in modules/upload/upload.module
Menu-callback for JavaScript-based uploads.
_blogapi_get_node_types in modules/blogapi/blogapi.module
_node_access_join_sql in modules/node/node.module
Generate an SQL join clause for use in fetching a node listing.
_node_access_where_sql in modules/node/node.module
Generate an SQL where clause for use in fetching a node listing.

File

modules/node/node.module, line 2752
The core that allows content to be submitted to the site. Modules and scripts may programmatically submit nodes using the usual form API pattern.

Code

<?php
function node_access($op, $node = NULL) {
  global $user;

  if (!$node || !in_array($op, array('view', 'update', 'delete', 'create'), TRUE)) {
    // If there was no node to check against, or the $op was not one of the
    // supported ones, we return access denied.
    return FALSE;
  }
  // Convert the node to an object if necessary:
  if ($op != 'create') {
    $node = (object) $node;
  }
  // If the node is in a restricted format, disallow editing.
  if ($op == 'update' && !filter_access($node->format)) {
    return FALSE;
  }

  if (user_access('administer nodes')) {
    return TRUE;
  }

  if (!user_access('access content')) {
    return FALSE;
  }

  // Can't use node_invoke(), because the access hook takes the $op parameter
  // before the $node parameter.
  $module = node_get_types('module', $node);
  if ($module == 'node') {
    $module = 'node_content'; // Avoid function name collisions.
  }
  $access = module_invoke($module, 'access', $op, $node);
  if (!is_null($access)) {
    return $access;
  }

  // If the module did not override the access rights, use those set in the
  // node_access table.
  if ($op != 'create' && $node->nid && $node->status) {
    $grants = array();
    foreach (node_access_grants($op) as $realm => $gids) {
      foreach ($gids as $gid) {
        $grants[] = "(gid = $gid AND realm = '$realm')";
      }
    }

    $grants_sql = '';
    if (count($grants)) {
      $grants_sql = 'AND (' . implode(' OR ', $grants) . ')';
    }

    $sql = "SELECT COUNT(*) FROM {node_access} WHERE (nid = 0 OR nid = %d) $grants_sql AND grant_$op >= 1";
    $result = db_query($sql, $node->nid);
    return (db_result($result));
  }

  // Let authors view their own nodes.
  if ($op == 'view' && $user->uid == $node->uid && $user->uid != 0) {
    return TRUE;
  }

  return FALSE;
}
?>
Login or register to post comments