Same name and namespace in other branches
  1. 4.6.x developer/hooks/node.php \hook_access()
  2. 5.x developer/hooks/node.php \hook_access()
  3. 6.x developer/hooks/node.php \hook_access()

Define access restrictions.

This hook allows node modules to limit access to the node types they define.

Parameters

$op: The operation to be performed. Possible values:

  • "create"
  • "delete"
  • "update"
  • "view"

$node: The node on which the operation is to be performed, or, if it does not yet exist, the type of node to be created.

Return value

TRUE if the operation may be performed; FALSE if the operation may not be returned; NULL to not override the settings in the node_access table.

The administrative account (user ID #1) always passes any access check, so this hook is not called in that case. If this hook is not defined for a node type, all access checks will fail, so only the administrator will be able to see content of that type. However, users with the "administer nodes" permission may always view and edit content through the administrative interface.

For a detailed usage example, see node_example.module.

Related topics

14 functions implement hook_access()

Note: this list is generated by pattern matching, so it may include some functions that are not actually implementations of this hook.

blog_access in modules/blog.module
Implementation of hook_access().
book_access in modules/book.module
Implementation of hook_access().
comment_access in modules/comment.module
This is *not* a hook_access() implementation. This function is called to determine whether the current user has access to a particular comment.
fileupload_access in developer/examples/fileupload.module
Implementation of hook_access.
filter_access in modules/filter.module
Returns true if the user is allowed to access this format.

... See full list

File

developer/hooks/node.php, line 79
These hooks are defined by node modules, modules that define a new kind of node.

Code

function hook_access($op, $node) {
  global $user;
  if ($op == 'create') {
    return user_access('create stories');
  }
  if ($op == 'update' || $op == 'delete') {
    if (user_access('edit own stories') && $user->uid == $node->uid) {
      return TRUE;
    }
  }
}