[development] Even more flexibility in content management

Earl Miles merlin at logrus.com
Fri Dec 29 01:07:00 UTC 2006


Nedjo Rogers wrote:
>> "view TYPE content" - roles that are allowed to view the content 
>> type's nodes
> 
> 
> 'view' is already one of the options fed into hook_access(), so in that 
> sense this set of permissions already exists--it's just not implemented 
> (yet) in the core node types. If you wish to implement it for a custom 
> node type, you can define perms 'view whatevers' and/or 'view own 
> whatevers' in hook_perm().
> 
> Then:
> 
> /**
> * Implementation of hook_access().
> */
> function whatever_access($op, $node) {
>  global $user;
> 
>  if (user_access('administer whatevers')) {
>    return TRUE;
>  }
> 
>  if ($op == 'view') {
>    return (user_access('view whatevers') || (user_access('view own 
> whatevers') && ($user->uid == $node->uid)));
>  }
>  ,,,
> }

Note that this method doesn't work very well because it does not prevent this 
content from being listed -- that requires either 1) using the node_access 
table, or 2) implementing hook_db_rewrite_sql to ensure that inaccessible types 
are not listed.



More information about the development mailing list