Rob, You haven't given all the details your user-to-node relationships and how you will store them, but it sounds to me like hook_db_rewrite_sql is exactly what you need. It lets you define join(s) and where clause(s) to hide content. Those clauses can be based on the current user and/or whatever else you come up with. hook_db_rewrite_sql makes the node_access table possible. Node_access is the way the node.module uses the hook, but is not the only way. However, I recommend you use the node_access table if you can make it apply to your situation. If you're planning to make a giant mapping between each user and each node. Then it sounds like a lot of data and an administrative nightmare. But also something that the node_access table is able to represent. I wrote a couple access control modules which might be good examples. One based on users, roles and taxonomy <http://drupal.org/project/issues/53738> and a similar one for the category module <http://cvs.drupal.org/viewcvs/drupal/contributions/modules/category/contrib/cac_lite/>. They both rely on the node_access table mostly, but for special cases use hook_db_rewrite_sql. -Dave On Monday 03 April 2006 12:13 am, Rob Thorne wrote:
I'm writing a module for 4.7 that needs to control access to nodes that are only viewable by users who are approved via an external module. To determine if a node is viewable, I need to check the user *and* the node id. This would work, except for a design decision that was made "for performance".