[development] Overriding node_db_rewrite_sql()

Moshe Weitzman weitzman at tejasa.com
Thu Jul 26 16:32:25 UTC 2007

i'll go further, and suggest that you should not implement that hook in 
your module either. you want to restrict nodes using the node access 
API, just like og itself. See the example node_access module on 

Dave Cohen wrote:
> You should write your own hook_db_rewrite_sql and not muck with what's in 
> node.module.  You should not have to muck with it.
> If you've installed a module that implements hook_node_grants() and 
> hook_node_access_records(), then you must rebuild the node_access table.  See 
> Administer >> Content management >> Post settings >> Rebuild permissions.
> If you've not installed a module implementing those hooks, and you want 
> complete control over who sees what (that is, you don't want 
> node_db_rewrite_sql to affect anything), then you have to manually remove the 
> default entry in the node_access table (where gid is 0, nid is 0, and realm 
> is 'all').  If that entry is present, the node module lets everyone view 
> everything.
> There is a little-known module called devel_node_access, in the devel module, 
> which you should be using, just to show you which nodes are protected.  It 
> provides a block which you should enable in the footer.
> As far as your user #1 issues are concerned, remember that user_access() 
> always returns true for user #1. So that user generally has unrestricted 
> access to everything.
> -Dave
> On Thursday 26 July 2007 00:06, Ron Parker wrote:
>> Currently, I patch the node.module's node_db_rewrite_sql() function.
>> What I would like to do is take this functionality and put it into a
>> separate custom module so that I don't have to patch the core module.
>> I was advised to take the code, place it in my custom module, and weight
>> my custom module heavier than the node module.  Tried that, but I'm
>> getting some serious errors.

More information about the development mailing list