You are here

public function NodeGrantDatabaseStorage::write in Drupal 8

Same name and namespace in other branches
  1. 9 core/modules/node/src/NodeGrantDatabaseStorage.php \Drupal\node\NodeGrantDatabaseStorage::write()

Writes a list of grants to the database, deleting previously saved ones.

If a realm is provided, it will only delete grants from that realm, but it will always delete a grant from the 'all' realm. Modules that use node access can use this method when doing mass updates due to widespread permission changes.

Note: Don't call this method directly from a contributed module. Call \Drupal\node\NodeAccessControlHandlerInterface::acquireGrants() instead.

Parameters

\Drupal\node\NodeInterface $node: The node whose grants are being written.

array $grants: A list of grants to write. Each grant is an array that must contain the following keys: realm, gid, grant_view, grant_update, grant_delete. The realm is specified by a particular module; the gid is as well, and is a module-defined id to define grant privileges. each grant_* field is a boolean value.

string $realm: (optional) If provided, read/write grants for that realm only. Defaults to NULL.

bool $delete: (optional) If false, does not delete records. This is only for optimization purposes, and assumes the caller has already performed a mass delete of some form. Defaults to TRUE.

Overrides NodeGrantDatabaseStorageInterface::write

File

core/modules/node/src/NodeGrantDatabaseStorage.php, line 203

Class

NodeGrantDatabaseStorage
Defines a storage handler class that handles the node grants system.

Namespace

Drupal\node

Code

public function write(NodeInterface $node, array $grants, $realm = NULL, $delete = TRUE) {
  if ($delete) {
    $query = $this->database
      ->delete('node_access')
      ->condition('nid', $node
      ->id());
    if ($realm) {
      $query
        ->condition('realm', [
        $realm,
        'all',
      ], 'IN');
    }
    $query
      ->execute();
  }

  // Only perform work when node_access modules are active.
  if (!empty($grants) && count($this->moduleHandler
    ->getImplementations('node_grants'))) {
    $query = $this->database
      ->insert('node_access')
      ->fields([
      'nid',
      'langcode',
      'fallback',
      'realm',
      'gid',
      'grant_view',
      'grant_update',
      'grant_delete',
    ]);

    // If we have defined a granted langcode, use it. But if not, add a grant
    // for every language this node is translated to.
    $fallback_langcode = $node
      ->getUntranslated()
      ->language()
      ->getId();
    foreach ($grants as $grant) {
      if ($realm && $realm != $grant['realm']) {
        continue;
      }
      if (isset($grant['langcode'])) {
        $grant_languages = [
          $grant['langcode'] => $this->languageManager
            ->getLanguage($grant['langcode']),
        ];
      }
      else {
        $grant_languages = $node
          ->getTranslationLanguages(TRUE);
      }
      foreach ($grant_languages as $grant_langcode => $grant_language) {

        // Only write grants; denies are implicit.
        if ($grant['grant_view'] || $grant['grant_update'] || $grant['grant_delete']) {
          $grant['nid'] = $node
            ->id();
          $grant['langcode'] = $grant_langcode;

          // The record with the original langcode is used as the fallback.
          if ($grant['langcode'] == $fallback_langcode) {
            $grant['fallback'] = 1;
          }
          else {
            $grant['fallback'] = 0;
          }
          $query
            ->values($grant);
        }
      }
    }
    $query
      ->execute();
  }
}