You are here

function abt_node_access in Access By Term 7

Implements hook_node_access().

Runs every time a user tries to view a node. If the node is unpublished and the user has no roles with the permission "view unpublished abt controlled nodes" then the visitor sees "access denied".

File

./abt.module, line 18
abt.module Module for controling access by using user->term<-node relationship.

Code

function abt_node_access($node, $op, $account) {
  if (is_string($node)) {

    // when checking for access to the content type
    return NODE_ACCESS_IGNORE;
  }
  if ($op == 'view' && $node->status == 0 && !user_access('view unpublished abt controlled nodes') && !(user_access('view own unpublished content') && $account->uid == $node->uid && $account->uid != 0)) {
    return NODE_ACCESS_DENY;
  }

  // since node_node_access() is taking care of create/update/delete permissions, let's just handle $op=view here
  if ($op == 'view' && $account->uid == $node->uid && $account->uid != 0 && user_access('view own abt controlled nodes')) {
    return NODE_ACCESS_ALLOW;
  }
  return NODE_ACCESS_IGNORE;
}