NodeGrantDatabaseStorageInterface.php

Same filename in other branches
  1. 8.9.x core/modules/node/src/NodeGrantDatabaseStorageInterface.php
  2. 10 core/modules/node/src/NodeGrantDatabaseStorageInterface.php
  3. 11.x core/modules/node/src/NodeGrantDatabaseStorageInterface.php

Namespace

Drupal\node

File

core/modules/node/src/NodeGrantDatabaseStorageInterface.php

View source
<?php

namespace Drupal\node;

use Drupal\Core\Session\AccountInterface;

/**
 * Provides an interface for node access grant storage.
 *
 * @ingroup node_access
 */
interface NodeGrantDatabaseStorageInterface {
    
    /**
     * Checks all grants for a given account.
     *
     * @param \Drupal\Core\Session\AccountInterface $account
     *   A user object representing the user for whom the operation is to be
     *   performed.
     *
     * @return int
     *   Status of the access check.
     */
    public function checkAll(AccountInterface $account);
    
    /**
     * Alters a query when node access is required.
     *
     * @param mixed $query
     *   Query that is being altered.
     * @param array $tables
     *   A list of tables that need to be part of the alter.
     * @param string $op
     *   The operation to be performed on the node. Possible values are:
     *   - "view"
     *   - "update"
     *   - "delete"
     *   - "create"
     * @param \Drupal\Core\Session\AccountInterface $account
     *   A user object representing the user for whom the operation is to be
     *   performed.
     * @param string $base_table
     *   The base table of the query.
     *
     * @return int
     *   Status of the access check.
     */
    public function alterQuery($query, array $tables, $op, AccountInterface $account, $base_table);
    
    /**
     * Writes a list of grants to the database, deleting previously saved ones.
     *
     * If a realm is provided, it will only delete grants from that realm, but
     * it will always delete a grant from the 'all' realm. Modules that use
     * node access can use this method when doing mass updates due to widespread
     * permission changes.
     *
     * Note: Don't call this method directly from a contributed module. Call
     * \Drupal\node\NodeAccessControlHandlerInterface::acquireGrants() instead.
     *
     * @param \Drupal\node\NodeInterface $node
     *   The node whose grants are being written.
     * @param array $grants
     *   A list of grants to write. Each grant is an array that must contain the
     *   following keys: realm, gid, grant_view, grant_update, grant_delete.
     *   The realm is specified by a particular module; the gid is as well, and
     *   is a module-defined id to define grant privileges. each grant_* field
     *   is a boolean value.
     * @param string $realm
     *   (optional) If provided, read/write grants for that realm only. Defaults to
     *   NULL.
     * @param bool $delete
     *   (optional) If false, does not delete records. This is only for optimization
     *   purposes, and assumes the caller has already performed a mass delete of
     *   some form. Defaults to TRUE.
     */
    public function write(NodeInterface $node, array $grants, $realm = NULL, $delete = TRUE);
    
    /**
     * Deletes all node access entries.
     */
    public function delete();
    
    /**
     * Creates the default node access grant entry.
     */
    public function writeDefault();
    
    /**
     * Determines access to nodes based on node grants.
     *
     * @param \Drupal\node\NodeInterface $node
     *   The entity for which to check 'create' access.
     * @param string $operation
     *   The entity operation. Usually one of 'view', 'edit', 'create' or
     *   'delete'.
     * @param \Drupal\Core\Session\AccountInterface $account
     *   The user for which to check access.
     *
     * @return \Drupal\Core\Access\AccessResultInterface
     *   The access result, either allowed or neutral. If there are no node
     *   grants, the default grant defined by writeDefault() is applied.
     *
     * @see hook_node_grants()
     * @see hook_node_access_records()
     * @see \Drupal\node\NodeGrantDatabaseStorageInterface::writeDefault()
     */
    public function access(NodeInterface $node, $operation, AccountInterface $account);
    
    /**
     * Counts available node grants.
     *
     * @return int
     *   Returns the amount of node grants.
     */
    public function count();
    
    /**
     * Remove the access records belonging to certain nodes.
     *
     * @param array $nids
     *   A list of node IDs. The grant records belonging to these nodes will be
     *   deleted.
     */
    public function deleteNodeRecords(array $nids);

}

Interfaces

Title Deprecated Summary
NodeGrantDatabaseStorageInterface Provides an interface for node access grant storage.

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.