Home » API reference » node.api.php

hook_node_access_records_alter

Versions
7
hook_node_access_records_alter(&$grants, $node)

Alter permissions for a node before it is written to the database.

Node access modules establish rules for user access to content. Node access records are stored in the {node_access} table and define which permissions are required to access a node. This hook is invoked after node access modules returned their requirements via hook_node_access_records(); doing so allows modules to modify the $grants array by reference before it is stored, so custom or advanced business logic can be applied.

See also

hook_node_access_records()

Upon viewing, editing or deleting a node, hook_node_grants() builds a permissions array that is compared against the stored access records. The user must have one or more matching permissions in order to complete the requested operation.

See also

hook_node_grants()

@see hook_node_grants_alter()

The preferred use of this hook is in a module that bridges multiple node access modules with a configurable behavior, as shown in the example by the variable 'example_preview_terms'. This variable would be a configuration setting for your module.

Parameters

&$grants The $grants array returned by hook_node_access_records().

$node The node for which the grants were acquired.

Related topics

Node access rights
The node access system determines who can do what to which nodes.
Hooks
Allow modules to interact with the Drupal core.

Code

modules/node/node.api.php, line 140

<?php
function hook_node_access_records_alter(&$grants, $node) {
  // Our module allows editors to tag specific articles as 'preview'
  // content using the taxonomy system. If the node being saved
  // contains one of the preview terms defined in our variable
  // 'example_preview_terms', then only our grants are retained,
  // and other grants are removed. Doing so ensures that our rules
  // are enforced no matter what priority other grants are given.
  $preview = variable_get('example_preview_terms', array());
  // Check to see if we have enabled complex behavior.
  if (!empty($preview)) {
    foreach ($preview as $term_id) {
      if (isset($node->taxonomy[$term_id])) {
        // Our module grants are set in $grants['example'].
        $temp = $grants['example'];
        // Now remove all module grants but our own.
        $grants = array('example' => $temp);
        // No need to check additonal terms.
        break;
      }
    }
  }
}
?>
Login or register to post comments
 
 

All source code and documentation on this site is released under the terms of the GNU General Public License, version 2 and later. Drupal is a registered trademark of Dries Buytaert.