node_access
Definition
node_access($op, $node = NULL, $uid = NULL)
modules/node.module, line 1870
Description
Determine whether the current user may perform the given operation on the specified node.
Parameters
$op The operation to be performed on the node. Possible values are:
- "view"
- "update"
- "delete"
$uid The user ID on which the operation is to be performed.
Return value
TRUE if the operation may be performed.
Related topics
Name | Description |
|---|---|
| Node access rights | The node access system determines who can do what to which nodes. |
Code
<?php
function node_access($op, $node = NULL, $uid = NULL) {
// Convert the node to an object if necessary:
$node = array2object($node);
// If the node is in a restricted format, disallow editing.
if ($op == 'update' && !filter_access($node->format)) {
return FALSE;
}
if (user_access('administer nodes')) {
return TRUE;
}
if (!user_access('access content')) {
return FALSE;
}
// Can't use node_invoke(), because the access hook takes the $op parameter
// before the $node parameter.
$access = module_invoke(node_get_module_name($node), 'access', $op, $node);
if (!is_null($access)) {
return $access;
}
// If the module did not override the access rights, use those set in the
// node_access table.
if ($node->nid && $node->status) {
$sql = 'SELECT COUNT(*) FROM {node_access} WHERE (nid = 0 OR nid = %d) AND CONCAT(realm, gid) IN (';
$grants = array();
foreach (node_access_grants($op, $uid) as $realm => $gids) {
foreach ($gids as $gid) {
$grants[] = "'". $realm . $gid ."'";
}
}
$sql .= implode(',', $grants) .') AND grant_'. $op .' = 1';
$result = db_query($sql, $node->nid);
return (db_result($result));
}
return FALSE;
}
?>