[development] Even more flexibility in content management
Earl Miles
merlin at logrus.com
Fri Dec 29 01:07:00 UTC 2006
Nedjo Rogers wrote:
>> "view TYPE content" - roles that are allowed to view the content
>> type's nodes
>
>
> 'view' is already one of the options fed into hook_access(), so in that
> sense this set of permissions already exists--it's just not implemented
> (yet) in the core node types. If you wish to implement it for a custom
> node type, you can define perms 'view whatevers' and/or 'view own
> whatevers' in hook_perm().
>
> Then:
>
> /**
> * Implementation of hook_access().
> */
> function whatever_access($op, $node) {
> global $user;
>
> if (user_access('administer whatevers')) {
> return TRUE;
> }
>
> if ($op == 'view') {
> return (user_access('view whatevers') || (user_access('view own
> whatevers') && ($user->uid == $node->uid)));
> }
> ,,,
> }
Note that this method doesn't work very well because it does not prevent this
content from being listed -- that requires either 1) using the node_access
table, or 2) implementing hook_db_rewrite_sql to ensure that inaccessible types
are not listed.
More information about the development
mailing list