I'm writing a module that will control access to projects at a user level instead of a role level. I have an admin form written that will allow an administrator to select which users can access each project, and stores the data in a project_permissions table. My next task is to figure out how to use this data to control access to each project. From what I've been able to find, it looks like I need to use a combination of hook_node_grants() and hook_node_access_records().
I have my hook_node_access_records function written as follows:
/* * Implementation of hook_node_access_records() */ function project_permissions_node_access_records($node) { if ($node->type == 'project_project') { $sql = "SELECT * FROM project_permissions WHERE nid = %d"; $result = db_query($sql, $node->nid); while ($permission = db_fetch_object($result)) { $grants[] = array( 'realm' => 'project_permissions', 'gid' => $permission->uid, 'grant_view' => TRUE, 'grant_update' => TRUE, 'grant_delete' => TRUE, ); } return $grants; } }
and it correctly saves the data to the node_access table. I'm still trying to figure out how to implement hook_node_grants. If anyone can shed some light on that, I'd appreciate it.
But my bigger question is this: does using these two hooks override the access that is set in the Project module? For instance, if a users role has been granted view access, but in my module he hasn't been granted access, which will win?
Thanks.
Steve
Quoting Steve Edwards killshot91@comcast.net:
I'm writing a module that will control access to projects at a user level instead of a role level. I have an admin form written
No need to reinvent the wheel; http://drupal.org/project/content_access
Earnie -- http://for-my-kids.com/ -- http://give-me-an-offer.com/
I looked into it, and my customer had looked into it, too. The one problem they have is that with Content Access and Projects/Issues, the access you assign at the project level doesn't filter down to the issues, so you have to go into each issue to assign access. What I am trying to do is create a blanket permissions access so that what is true at the project level is also true for issues.
That all being said, I go back to my original questions: will using these hooks override what is in the Project module?
Thanks.
Steve
Earnie Boyd wrote:
Quoting Steve Edwards killshot91@comcast.net:
I'm writing a module that will control access to projects at a user level instead of a role level. I have an admin form written
No need to reinvent the wheel; http://drupal.org/project/content_access
Earnie -- http://for-my-kids.com/ -- http://give-me-an-offer.com/
Quoting Steve Edwards killshot91@comcast.net:
I looked into it, and my customer had looked into it, too. The one problem they have is that with Content Access and Projects/Issues, the access you assign at the project level doesn't filter down to the issues, so you have to go into each issue to assign access. What I am trying to do is create a blanket permissions access so that what is true at the project level is also true for issues.
Content Access [1] uses ACL [2] which is an API that content access uses so you should be able to extend it.
That all being said, I go back to my original questions: will using these hooks override what is in the Project module?
That is the way it is supposed to work, yes.
[1] http://drupal.org/project/content_access [2] http://drupal.org/project/acl
Earnie -- http://for-my-kids.com/ -- http://give-me-an-offer.com/
-
Earnie Boyd -
Steve Edwards