[development] Fancy Node Access with OG
Ken Rickard
agentrickard at gmail.com
Wed Jul 28 02:58:01 UTC 2010
Take a long look at the order of the access checks in the node_access
() function itself before you go much further.
Of course, in Drupal 7, revoking access is trivial with
hook_node_access().
On Jul 27, 2010, at 8:37 PM, Moshe Weitzman <weitzman at tejasa.com> wrote:
> Once you grant 'edit any *** content type' perm, there is nothing OG
> or any node access module can do to intervene. You have to revoke that
> perm in order for anyone in those roles to be denied access.
>
> On Tue, Jul 27, 2010 at 6:47 PM, Adam B. Ross <grayside at gmail.com>
> wrote:
>> I'm working on a node access module to stomp all over OG's og_public
>> grant realm. As part of this process, I am conditionally creating a
>> grant that specifically grants no access. It appears this grant does
>> not even get written to the node_access table.
>>
>> This would not be a problem, except (or so I surmise) without a "0"
>> in
>> the update column of that table, users that are not members of a
>> given
>> group can go directly to node/#/edit and make changes. (On account of
>> the <em>edit any **** content type</em> permission.
>>
>> Is there some way I can simply revoke access to nodes?
>>
>> Why am I attempting this madness? I am attempt to skate along the top
>> of the Spaces module.
>>
More information about the development
mailing list