Our hook_menu() page callback function.

Information for the user about what nodes are marked private on the system and which of those the user has access to.

The queries showing what is accessible to the current user demonstrate the use of the 'node_access' tag to make sure that we don't show inappropriate information to unprivileged users.

Return value

string Page content.

See also

Example: Page

Related topics

Example: Node Access
Demonstrates node access.
1 string reference to 'node_access_example_private_node_listing'
node_access_example_menu in node_access_example/node_access_example.module
Implements hook_menu().

File

node_access_example/node_access_example.module, line 121
Module file illustrating API-based node access.

Code

function node_access_example_private_node_listing() {
  $content = '<div>' . t('This example shows how a module can use the Drupal node access system to allow access to specific nodes. You will need to look at the code and then experiment with it by creating nodes, marking them private, and accessing them as various users.') . '</div>';

  // Find out how many nodes are marked private.
  $query = db_select('node', 'n');
  $query
    ->addExpression('COUNT(n.nid)', 'private_count');
  $query
    ->join('node_access_example', 'nae', 'nae.nid = n.nid');
  $num_private = $query
    ->condition('nae.private', 1)
    ->execute()
    ->fetchField();

  // Find out how many nodes owned by this user are marked private.
  $query = db_select('node', 'n');
  $query
    ->addExpression('COUNT(n.nid)', 'private_count');
  $query
    ->join('node_access_example', 'nae', 'nae.nid = n.nid');
  $num_personal = $query
    ->condition('n.uid', $GLOBALS['user']->uid)
    ->condition('nae.private', 1)
    ->execute()
    ->fetchfield();
  $content .= '<div>' . t('There are currently @num private nodes in the system @num_personal are yours.', array(
    '@num' => $num_private,
    '@num_personal' => $num_personal,
  )) . '</div>';

  // Use a 'node_access' tag with a query to find out how many this user has
  // access to. This will be the standard way to make lists while respecting
  // node access restrictions.
  $query = db_select('node', 'n');
  $query
    ->addExpression('COUNT(n.nid)', 'private_count');
  $query
    ->addTag('node_access');
  $query
    ->join('node_access_example', 'nae', 'nae.nid = n.nid');
  $num_private_accessible = $query
    ->condition('nae.private', 1)
    ->execute()
    ->fetchField();
  $content .= '<div>' . t('You have access to @num private nodes.', array(
    '@num' => $num_private_accessible,
  )) . '</div>';

  // Use the key 'node_access' tag to get the key data from the nodes this
  // has access to.
  $query = db_select('node', 'n', array(
    'fetch' => PDO::FETCH_ASSOC,
  ));
  $query
    ->addTag('node_access');
  $query
    ->join('node_access_example', 'nae', 'nae.nid = n.nid');
  $query
    ->join('users', 'u', 'u.uid = n.uid');
  $result = $query
    ->fields('n', array(
    'nid',
    'title',
    'uid',
  ))
    ->fields('u', array(
    'name',
  ))
    ->condition('nae.private', 1)
    ->execute();
  $rows = array();
  foreach ($result as $node) {
    $node['nid'] = l($node['nid'], 'node/' . $node['nid']);
    $rows[] = array(
      'data' => $node,
      'class' => array(
        'accessible',
      ),
    );
  }
  $content .= '<div>' . t('Accessible rows:') . theme('table', array(
    'header' => array(
      'nid',
      'title',
      'uid',
      'username',
    ),
    'rows' => $rows,
  )) . '</div>';
  return array(
    '#markup' => $content,
  );
}