[support] OG node type access restrictions

[Larry Garfield]

Hi all.  I'm staring at a tricky node permission question I'd like some help 
on.  Using Drupal 5.x.

I have a series of Organic Groups, with a node type of "Board".  Each Board is 
owned by uid 1, and has one or more other managers.  I also have a number of 
other node types (for now let's say News and Page) defined.  News, Page, and 
Board are both CCK-defined nodes, so they're owned by node.module.

What I want is to have OG manageres able to create Page nodes only in their 
own OG, not in any others.  I also want to have anyone who is a subscriber of 
a given OG to be able to create a News node in that OG, or better yet be able 
to create a News node without even being a subscriber of that OG (optional 
bonus).

The roles system doesn't know from OG, so if I put managers into a "Manager" 
role then they'd be able to create Page nodes in any OG.  I considered 
hook_access(), but that works only for nodes I've defined within that module.  
I glanced at hook_node_grants, but since I'm using OG already I'm quite 
worried to avoid getting into that mess if I can avoid it (since they both 
interact with the node_access table.

Does anyone have a better suggestion for how to make that work?  I'm perfectly 
happy with a code-based solution so if "write this bunch of code" is the 
answer, I'm cool with that, but of course the less code I write the fewer 
bugs I can write, too. :-)

-- 
Larry Garfield			AIM: LOLG42
larry at garfieldtech.com		ICQ: 6817012

"If nature has made any one thing less susceptible than all others of 
exclusive property, it is the action of the thinking power called an idea, 
which an individual may exclusively possess as long as he keeps it to 
himself; but the moment it is divulged, it forces itself into the possession 
of every one, and the receiver cannot dispossess himself of it."  -- Thomas 
Jefferson