function gnode_node_access_records in Group 7
Implements hook_node_access_records().
In compliance mode defines the following realms:
- 'gnode:NODE_TYPE': Grants view and update or delete any access to nodes.
- 'gnode_unpublished:NODE_TYPE': Grants view access to unpublished nodes.
- 'gnode_author:UID:NODE_TYPE': Grants update or delete access to authors.
- 'gnode_bypass': Given to anyone with the 'bypass group access' permission.
In safe mode there is a single realm:
- 'gnode:safemode': Grants view access, however this is never given to any user as we hand access control over to gnode_query_node_access_alter().
See also
File
- modules/
gnode/ gnode.node_access.inc, line 147 - Hooks and functions used in compliance mode.
Code
function gnode_node_access_records($node) {
$grants = array();
// If the node isn't part of a group, we do not set any access records for it.
// This allows the node module to take over the responsibility for access by
// setting the all access record in node_access_acquire_grants().
if (empty($node->group)) {
return $grants;
}
// We can use the same grant-all base because we will only hand out the grants
// based on the $op parameter in hook_node_grants().
$base = array(
'grant_view' => 1,
'grant_update' => 1,
'grant_delete' => 1,
'priority' => 0,
);
// Add the non-author record for viewing nodes.
$prefix = $node->status ? 'gnode' : 'gnode_unpublished';
$grants[] = array(
'gid' => $node->group,
'realm' => "{$prefix}:{$node->type}",
) + $base;
// Add the author record for updating or deleting nodes.
$grants[] = array(
'gid' => $node->group,
'realm' => "gnode_author:{$node->uid}:{$node->type}",
) + $base;
// Add the general access bypass record.
$grants[] = array(
'gid' => GNODE_MASTER_GRANT_ID,
'realm' => 'gnode_bypass',
) + $base;
return $grants;
}