1 node.module node_access($op, $node, $account = NULL)

Access callback: Checks a user's permission for performing a node operation.


string $op: The operation to be performed on the node. Possible values are:

  • create
  • view
  • update
  • delete

Node|string $node: The node entity on which the operation is to be performed, or the node type (e.g., 'post') for the 'create' operation.

User $account: (optional) A user object representing the user for whom the operation is to be performed. Determines access for a user other than the current user.

Return value

bool: TRUE if the operation may be performed, FALSE otherwise.

See also


Related topics


core/modules/node/node.module, line 2737
The core module that allows content to be submitted to the site.


function node_access($op, $node, $account = NULL) {
  if ($op == 'create') {
    // In some cases a node object, rather than a bundle string is provided.
    if (is_string($node)) {
      $bundle = $node;
    else {
      $bundle = $node->bundle();
    return Node::createAccess($bundle, $account);
  elseif ($node instanceof Node) {
    return $node->access($op, $account);
  return FALSE;