Same name and namespace in other branches
  1. 6.x modules/node/node.module \node_access_write_grants()
  2. 7.x modules/node/node.module \node_access_write_grants()

This function will write a list of grants to the database, deleting any pre-existing grants. If a realm is provided, it will only delete grants from that realm, but it will always delete a grant from the 'all' realm. Modules which utilize node_access can use this function when doing mass updates due to widespread permission changes.

Parameters

$node: The $node being written to. All that is necessary is that it contain a nid.

$grants: A list of grants to write. Each grant is an array that must contain the following keys: realm, gid, grant_view, grant_update, grant_delete. The realm is specified by a particular module; the gid is as well, and is a module-defined id to define grant privileges. each grant_* field is a boolean value.

$realm: If provided, only read/write grants for that realm.

$delete: If false, do not delete records. This is only for optimization purposes, and assumes the caller has already performed a mass delete of some form.

Related topics

Node access rights
The node access system determines who can do what to which nodes.
1 call to node_access_write_grants()
node_access_acquire_grants in modules/node/node.module
This function will call module invoke to get a list of grants and then write them to the database. It is called at node save, and should be called by modules whenever something other than a node_save causes the permissions on a node to change.

File

modules/node/node.module, line 2987
The core that allows content to be submitted to the site. Modules and scripts may programmatically submit nodes using the usual form API pattern.

Code

function node_access_write_grants($node, $grants, $realm = NULL, $delete = TRUE) {
  if ($delete) {
    $query = 'DELETE FROM {node_access} WHERE nid = %d';
    if ($realm) {
      $query .= " AND realm in ('%s', 'all')";
    }
    db_query($query, $node->nid, $realm);
  }

  // Only perform work when node_access modules are active.
  if (count(module_implements('node_grants'))) {
    foreach ($grants as $grant) {
      if ($realm && $realm != $grant['realm']) {
        continue;
      }

      // Only write grants; denies are implicit.
      if ($grant['grant_view'] || $grant['grant_update'] || $grant['grant_delete']) {
        db_query("INSERT INTO {node_access} (nid, realm, gid, grant_view, grant_update, grant_delete) VALUES (%d, '%s', %d, %d, %d, %d)", $node->nid, $grant['realm'], $grant['gid'], $grant['grant_view'], $grant['grant_update'], $grant['grant_delete']);
      }
    }
  }
}