8.2.x node.api.php hook_node_access_records(\Drupal\node\NodeInterface $node)
8.0.x node.api.php hook_node_access_records(\Drupal\node\NodeInterface $node)
8.1.x node.api.php hook_node_access_records(\Drupal\node\NodeInterface $node)
5.x core.php hook_node_access_records($node)
6.x core.php hook_node_access_records($node)
7.x node.api.php hook_node_access_records($node)

Set permissions for a node to be written to the database.

When a node is saved, a module implementing node access will be asked if it is interested in the access permissions to a node. If it is interested, it must respond with an array of array of permissions for that node.

Each item in the array should contain:

'realm' This should only be realms for which the module has returned grant IDs in hook_node_grants. 'gid' This is a 'grant ID', which can have an arbitrary meaning per realm. 'grant_view' If set to TRUE a user with the gid in the realm can view this node. 'grant_edit' If set to TRUE a user with the gid in the realm can edit this node. 'grant_delete' If set to TRUE a user with the gid in the realm can delete this node. 'priority' If multiple modules seek to set permissions on a node, the realms that have the highest priority will win out, and realms with a lower priority will not be written. If there is any doubt, it is best to leave this 0.

Related topics

1 function implements hook_node_access_records()

Note: this list is generated by pattern matching, so it may include some functions that are not actually implementations of this hook.

node_access_example_node_access_records in developer/examples/node_access_example.module
Implementation of hook_node_access_records().
1 invocation of hook_node_access_records()
node_access_acquire_grants in modules/node/node.module
This function will call module invoke to get a list of grants and then write them to the database. It is called at node save, and should be called by modules whenever something other than a node_save causes the permissions on a node to change.


developer/hooks/core.php, line 848
These are the hooks that are invoked by the Drupal core.


function hook_node_access_records($node) {
  if (node_access_example_disabling()) {

  // We only care about the node if it's been marked private. If not, it is
  // treated just like any other node and we completely ignore it.
  if ($node->private) {
    $grants = array();
    $grants[] = array(
      'realm' => 'example',
      'gid' => TRUE,
      'grant_view' => TRUE,
      'grant_update' => FALSE,
      'grant_delete' => FALSE,
      'priority' => 0,

    // For the example_author array, the GID is equivalent to a UID, which
    // means there are many many groups of just 1 user.
    $grants[] = array(
      'realm' => 'example_author',
      'gid' => $node->uid,
      'grant_view' => TRUE,
      'grant_update' => TRUE,
      'grant_delete' => TRUE,
      'priority' => 0,
    return $grants;