Keve, My understanding is that you should not write the rows which grant nothing, as you state. Regarding writing at least one row per node, even if it grants nothing, I'm not sure. If you find that useful for checking integrity then I don't see it doing harm. What is the expected behavior when a node has no grants in the node_access table? I think either: a) noone is allowed to view that node. Or, b) another module might write an entry to the node_access table. That is, the user has two access control modules installed. While (b) should remain possible, I think it will be rare. More likely the user has made a node which noone can see, including themselves. Is this really what they wanted? -Dave On Saturday 18 March 2006 06:24 am, Keve wrote:
Concerning taxonomy_access, there is an idea to remove (and not generate) those lines in table 'node_access' where all three types of grants are 0.(grant_view = 0 and grant_upadet = 0 and grant_delete = 0). Because actually only records which grants some permission affect node_access() behaviour.