1 node_access_example.module | node_access_example_node_grants($account, $op) |
Implements hook_node_grants().
It tells the node access system what grant IDs the user belongs to for each realm, based on the operation being performed.
When the user tries to perform an operation on the node, Backdrop calls hook_node_grants() to determine grant ID and realm for the user. Backdrop looks up the grant ID and realm for the node, and compares them to the grant ID and realm provided here. If grant ID and realm match for both user and node, then the operation is allowed.
Grant ID and realm are both determined per node in hook_node_access_records().
In our example, we've created three access realms: one for authorship and two that track with the permission system.
We always add node_access_example_author to the list of grants, with a grant ID equal to their user ID. We do this because in our model, authorship always gives you permission to edit or delete your nodes, even if they're marked private.
Then we compare the user's permissions to the operation to determine whether the user falls into the other two realms: node_access_example_view, and/or node_access_example_edit. If the user has the 'access any private content' permission we defined in hook_permission(), they're declared as belonging to the node_access_example_realm. Similarly, if they have the 'edit any private content' permission, we add the node_access_example_edit realm to the list of grants they have.
See also
node_access_example_permission()
node_access_example_node_access_records()
Related topics
File
- modules/
examples/ node_access_example/ node_access_example.module, line 261 - Hook implementations for the Node Access Example module.
Code
function node_access_example_node_grants($account, $op) {
$grants = array();
// First grant a grant to the author for own content.
// Do not grant to anonymous user else all anonymous users would be author.
if ($account->uid) {
$grants['node_access_example_author'] = array($account->uid);
}
// Then, if "access any private content" is allowed to the account,
// grant view, update, or delete as necessary.
if ($op == 'view' && user_access('access any private content', $account)) {
$grants['node_access_example_view'] = array(NODE_ACCESS_EXAMPLE_GRANT_ALL);
}
if (($op == 'update' || $op == 'delete') && user_access('edit any private content', $account)) {
$grants['node_access_example_edit'] = array(NODE_ACCESS_EXAMPLE_GRANT_ALL);
}
return $grants;
}