Actually having properly looked at node_access, indeed you can't do what you want without changes to core. 'create' operations are somewhat special and the only thing that gets to decide if a 'normal' user can create a node is the hook_access defined in the node's module (that is the module that allows the creation of that sort of node.) Taxonomy Access controls creates by using db_rewrite_sql, but in my mind that is ugly. If any developers are still following this thread, would adding a invocation of nodeapi or something similar to node_access be permissable, as in this case at least, it would be very useful. On 29/03/07, Ron Parker <sysop@scbbs.com> wrote:
Steven Jones wrote:
Hi,
I think the functionality that you're after could be covered by creative use of hook_node_grants, node_access_grants and your own user access system in OG user roles.
Here is where I bump into my Drupal ignorance. I thought (and please excuse my misuse of terminology) node grants and node permissions were different. By node grants I mean "grant_list", "grant_view", "grant_update", "grant_delete". By node permissions, I mean "create_node_content", "edit_node_content", "administer_module", etc...
Now, if it's possible to create a mechanism that adds the correct user access roles within OG, then it sounds like that's the way I should go.
I myself have found much of the OG functionality lacking, and would be interested in helping to write these features if you wanted.
Yes, very interested.
Core modifications are really not needed, but would indeed save a lot of work!
For example, on OG, this is the user_access check to determine whether to display a create content link:
node_access('create', $type->type))
node_access, as you know, calls user_access.
Theoretically, you are saying that it's possible to create a user access function in OG that would override or append to the Drupal core user access function?
-ron
-- Regards Steven Jones