[development] Getting Around The Limitations of hook_db_rewrite_sql

Rob Thorne rob at torenware.com
Mon Apr 3 07:13:44 UTC 2006


I'm writing a module for 4.7 that needs to control access to nodes that 
are only viewable by users who are approved via an external module.  To 
determine if a node is viewable,  I need to check the user *and* the 
node id.  This would work, except for a design decision that was made 
"for performance".  Here's what it says in the docs, in the article 
about "Node access rights" 
(http://api.drupal.org/api/HEAD/group/node_access):

    In node listings, the process above is followed except that
    hook_access() <http://api.drupal.org/api/HEAD/function/hook_access>
    is not called on each node for performance reasons and for proper
    functioning of the pager system. When adding a node listing to your
    module, be sure to use db_rewrite_sql()
    <http://api.drupal.org/api/HEAD/function/db_rewrite_sql> to add
    the appropriate clauses to your query for access checks.

In other words, even if you set up your hook_access to prohibit viewing 
of your content, Drupal 4.7 *will display your private content to an 
anonymous user*.  Once your private node gets added to the list, there 
are no further checks to your hook access to determine if your node is 
safe to display.   I don't see any way that hook_db_rewrite_sql can be 
used for this purpose, since there is no simple relationship between the 
current user and whether a node should be viewable, short of doing one 
of the following things:

    * I could use an IN () clause to list every node id of the given
      type that the given user is allowed to see.  This may work in my
      current situation, but there can easily be *thousands* of these in
      some applications.  So this is not a general solution.
    * I could manipulate the node_access table *on the fly* each time a
      user with some access to the content type.
    * I could somehow hack the node to hide itself by not
      displaying any sensitive content in hook_view, and theming it to
      be hidden via CSS.

<rant>
IMNHO, this is completely insane.
</rant>

What's the best way to get around this, um, performance enhancement?

Thanks,
Rob
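
An added example, not part of the original post and not Drupal's own code: one alternative to the IN () list in the first option is to have hook_db_rewrite_sql join the listing query against a per-user grant table. It assumes the external approvals can be mirrored into a hypothetical table {extapprove_grant} (uid, nid) by a hypothetical module "extapprove", and that the protected content type is the hypothetical 'private_doc'.

```php
<?php
// Added example, not from the original post. Hypothetical names: module
// "extapprove", table {extapprove_grant} (uid, nid; primary key on both),
// content type 'private_doc'.

/**
 * Implementation of hook_db_rewrite_sql().
 */
function extapprove_db_rewrite_sql($query, $primary_table, $primary_field, $args) {
  global $user;

  // Only node listings are of interest; other queries pass through untouched.
  if ($primary_field != 'nid') {
    return;
  }
  // Node administrators see everything.
  if (user_access('administer nodes')) {
    return;
  }

  // Cast to int so the value is safe to place in the SQL fragment.
  // Anonymous users have uid 0 and match nothing as long as no grant
  // row is ever stored for uid 0.
  $uid = (int) $user->uid;

  $return = array();
  // Private aliases (ea_n, ea_g) avoid clashing with aliases in the
  // query being rewritten. The (uid, nid) key means at most one grant row
  // joins per node, so the listing and its pager count stay correct.
  $return['join'] = "INNER JOIN {node} ea_n ON ea_n.nid = $primary_table.nid "
    . "LEFT JOIN {extapprove_grant} ea_g "
    . "ON ea_g.nid = $primary_table.nid AND ea_g.uid = $uid";
  // Keep a row if it is not the protected type, or the user has a grant.
  $return['where'] = "(ea_n.type <> 'private_doc' OR ea_g.uid IS NOT NULL)";
  return $return;
}
```

This filters only queries that are passed through db_rewrite_sql(); hook_access is still needed for direct node views, and the grant table has to be updated whenever the external approval changes.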

It may help improve

