[support] Controlling Node Access For Projects
Steve Edwards
killshot91 at comcast.net
Mon Dec 3 06:42:09 UTC 2007
I'm writing a module that will control access to projects at a user level instead of a role level. I have an admin form written
that will allow an administrator to select which users can access each project, and stores the data in a project_permissions
table. My next task is to figure out how to use this data to control access to each project. From what I've been able to find,
it looks like I need to use a combination of hook_node_grants() and hook_node_access_records().
I have my hook_node_access_records function written as follows:
/*
* Implementation of hook_node_access_records()
*/
function project_permissions_node_access_records($node) {
if ($node->type == 'project_project') {
$sql = "SELECT * FROM project_permissions WHERE nid = %d";
$result = db_query($sql, $node->nid);
while ($permission = db_fetch_object($result)) {
$grants[] = array(
'realm' => 'project_permissions',
'gid' => $permission->uid,
'grant_view' => TRUE,
'grant_update' => TRUE,
'grant_delete' => TRUE,
);
}
return $grants;
}
}
and it correctly saves the data to the node_access table. I'm still trying to figure out how to implement hook_node_grants. If
anyone can shed some light on that, I'd appreciate it.
But my bigger question is this: does using these two hooks override the access that is set in the Project module? For instance,
if a users role has been granted view access, but in my module he hasn't been granted access, which will win?
Thanks.
Steve
More information about the support
mailing list