You are here

Home » API reference » Domain Access 6.2 » domain.module

function domain_node_grants in Domain Access 6.2

Same name and namespace in other branches
  1. 5 domain.module \domain_node_grants()
  2. 7.3 domain.module \domain_node_grants()
  3. 7.2 domain.module \domain_node_grants()

Implement hook_node_grants.

Informs the node access system what permissions the user has. By design all users are in the realm defined by the currently active domain_id.

1 call to domain_node_grants()
domain_views_get_grants in domain_views/domain_views.module
Helper function to return the node grants for this user.

File

./domain.module, line 1572
Core module functions for the Domain Access suite.

Code

function domain_node_grants($account, $op) {
  global $_domain;
  $grants = array();

  // Do we need to use complex rules?
  $rules = variable_get('domain_access_rules', FALSE);

  // By design, all users can see content sent to all affiliates,
  // but the $_domain['site_grant'] can be set to FALSE.
  if ($op == 'view') {
    if ($_domain['site_grant']) {
      $grants['domain_site'][] = 0;
      if ($rules) {
        $grants['domain_site']['group'] = 'domain';
      }
    }

    // Grant based on active domain.
    $grants['domain_id'][] = $_domain['domain_id'];
    if ($rules) {
      $grants['domain_id']['group'] = 'domain';
    }

    // In special cases, we grant the ability to view all nodes.  That is,
    // we simply get out of the way of other node_access rules.
    // We do this with the universal 'domain_all' grant.
    if (domain_grant_all()) {

      // If no other node access modules are present, return our grant.
      // Otherwise, we just step out of the way.
      if ($rules) {
        $grants = array();
      }
      else {
        $grants = array(
          'domain_all' => array(
            0,
          ),
        );
      }
    }
  }
  else {

    // The $account may not have domain information loaded, so get it.
    $domains = domain_get_user_domains($account);
    $perm = 'delete domain nodes';
    if ($op == 'update') {
      $perm = 'edit domain nodes';
    }
    if (user_access($perm, $account)) {
      if (!empty($domains)) {
        foreach ($domains as $id) {
          if (abs($id) > 0) {
            if ($id > 0) {
              $grants['domain_id'][] = $id;
            }
            else {
              $grants['domain_id'][] = 0;
            }

            // Advanced rules let us access check unpublished nodes for editing.
            if ($rules) {
              $grants['domain_id']['check'] = TRUE;
            }
          }
        }
      }
    }
  }

  // Let Domain Access module extensions act to override the defaults.
  static $_modules;
  if (!isset($_modules)) {
    $_modules = module_implements('domaingrants');
  }
  if (!empty($_modules)) {
    foreach ($_modules as $module) {

      // Cannot use module_invoke_all() since these are passed by reference.
      $function = $module . '_domaingrants';
      $function($grants, $account, $op);
    }
  }
  return $grants;
}