function node_access_example_node_access_records

Implements hook_node_access_records().

All node access modules must implement this hook. If the module is interested in the privacy of the node passed in, return a list of node access values for each grant ID we offer.

In this example, for each node which is marked 'private,' we define three realms:

The first and second are realms are 'node_access_example_view' and 'node_access_example_edit,' which have a single grant ID, 1. The user is either a member of these realms or not, depending upon the operation and the access permission set.

The third is node_access_example_author. It gives the node author special privileges. node_access_example_author has one grant ID for every UID, and each user is automatically a member of the group where GID == UID. This has the effect of giving each user their own grant ID for nodes they authored, within this realm.

Drupal calls this hook when a node is saved, or when access permissions change in order to rebuild the node access database table(s).

The array you return will define the realm and the grant ID for the given node. This is stored in the {node_access} table for subsequent comparison against the user's realm and grant IDs, which you'll supply in hook_node_grants().

Realm names and grant IDs are arbitrary. Official drupal naming conventions do not cover access realms, but since all realms are stored in the same database table, it's probably a good idea to use descriptive names which follow the module name, such as 'mymodule_realmname'.

See also

node_access_example_node_grants()

Related topics

File

node_access_example/node_access_example.module, line 335

Code

function node_access_example_node_access_records($node) {
    // We only care about the node if it's been marked private. If not, it is
    // treated just like any other node and we completely ignore it.
    if (!empty($node->private)) {
        $grants = array();
        $grants[] = array(
            'realm' => 'node_access_example_view',
            'gid' => NODE_ACCESS_EXAMPLE_GRANT_ALL,
            'grant_view' => 1,
            'grant_update' => 0,
            'grant_delete' => 0,
            'priority' => 0,
        );
        $grants[] = array(
            'realm' => 'node_access_example_edit',
            'gid' => NODE_ACCESS_EXAMPLE_GRANT_ALL,
            'grant_view' => 1,
            'grant_update' => 1,
            'grant_delete' => 1,
            'priority' => 0,
        );
        // For the node_access_example_author realm, the grant ID (gid) is
        // equivalent to the node author's user ID (UID).
        // We check the node UID so that we don't grant author privileges for
        // anonymous nodes to anonymous users.
        if ($node->uid) {
            $grants[] = array(
                'realm' => 'node_access_example_author',
                'gid' => $node->uid,
                'grant_view' => 1,
                'grant_update' => 1,
                'grant_delete' => 1,
                'priority' => 0,
            );
        }
        return $grants;
    }
    // Return nothing if the node has not been marked private.
}