1 node.module _node_access_write_grants(Node $node, $grants, $realm = NULL, $delete = TRUE)

Writes a list of grants to the database, deleting any previously saved ones.

If a realm is provided, it will only delete grants from that realm, but it will always delete a grant from the 'all' realm. Modules that utilize node_access() can use this function when doing mass updates due to widespread permission changes.

Note: Don't call this function directly from a contributed module. Call node_access_acquire_grants() instead.

Parameters

Node $node: The node whose grants are being written. All that is necessary is that it contains a nid.

$grants: A list of grants to write. Each grant is an array that must contain the following keys: realm, gid, grant_view, grant_update, grant_delete. The realm is specified by a particular module; the gid is as well, and is a module-defined id to define grant privileges. each grant_* field is a boolean value.

$realm: (optional) If provided, read/write grants for that realm only.

$delete: (optional) If false, does not delete records. This is only for optimization purposes, and assumes the caller has already performed a mass delete of some form. Defaults to TRUE.

Related topics

Node access rights The node access system determines who can do what to which nodes.

File

core/modules/node/node.module, line 3283
The core module that allows content to be submitted to the site.

Code

function _node_access_write_grants(Node $node, $grants, $realm = NULL, $delete = TRUE) {
  if ($delete) {
    $query = db_delete('node_access')->condition('nid', $node->nid);
    if ($realm) {
      $query->condition('realm', array($realm, 'all'), 'IN');
    }
    $query->execute();
  }

  // Only perform work when node_access modules are active.
  if (!empty($grants) && count(module_implements('node_grants'))) {
    $query = db_insert('node_access')->fields(array('nid', 'realm', 'gid', 'grant_view', 'grant_update', 'grant_delete'));
    foreach ($grants as $grant) {
      if ($realm && $realm != $grant['realm']) {
        continue;
      }
      // Only write grants; denies are implicit.
      if ($grant['grant_view'] || $grant['grant_update'] || $grant['grant_delete']) {
        $grant['nid'] = $node->nid;
        $query->values($grant);
      }
    }
    $query->execute();
  }
}