You are here

Home » API reference » Content Access 5 » content_access.module

function content_access_optimize_grants in Content Access 5

Same name and namespace in other branches
  1. 8 content_access.module \content_access_optimize_grants()
  2. 6 content_access.module \content_access_optimize_grants()
  3. 7 content_access.module \content_access_optimize_grants()
1 call to content_access_optimize_grants()
content_access_node_access_records in ./content_access.module

File

./content_access.module, line 564

Code

function content_access_optimize_grants(&$grants, $node) {

  //populate $view, $update and $delete with roles, that have access
  foreach (array(
    'view',
    'update',
    'delete',
  ) as $op) {
    ${$op} = array();
  }
  foreach ($grants as $key => $grant) {
    foreach (array(
      'view',
      'update',
      'delete',
    ) as $op) {
      if ($grant['grant_' . $op]) {
        ${$op}[] = $key;
      }
    }
  }

  // Compare the permissions.
  $all = array(
    DRUPAL_ANONYMOUS_RID,
    DRUPAL_AUTHENTICATED_RID,
  );
  if (count(array_diff($all, $view)) == 0) {

    //grant view access to all instead of single roles
    $view = array(
      'all',
    );
    $grants['all'] = array(
      'realm' => 'all',
      'gid' => 0,
      'grant_view' => 1,
      'grant_update' => 0,
      'grant_delete' => 0,
      'priority' => content_access_get_settings('priority', $node->type),
    );
  }
  $edit_perm_roles = content_access_get_permission_access('edit ' . $node->type . ' content');
  $edit_own_roles = content_access_get_permission_access('edit own ' . $node->type . ' content');
  if (in_array(DRUPAL_AUTHENTICATED_RID, $edit_own_roles)) {
    $edit_perm_roles[] = 'author';
  }
  foreach (array(
    'update',
    'delete',
  ) as $op) {
    ${$op} = array_diff(${$op}, $edit_perm_roles);
  }

  // $view, $update and $delete contain now only the necessary rids/author
  // so let's remove unnecessary grants, if any.
  foreach ($grants as $key => $grant) {
    foreach (array(
      'view',
      'update',
      'delete',
    ) as $op) {
      if ($grant['grant_' . $op] && in_array($key, ${$op})) {

        //it's still here, so we can't remove this grant
        continue 2;
      }
    }

    //ok, remove it
    unset($grants[$key]);
  }
}