You are here

Home » API reference » Organic groups 7 » og.module

function og_node_access in Organic groups 7

Same name and namespace in other branches
  1. 7.2 og.module \og_node_access()

Implement hook_node_access()

File

./og.module, line 438
Enable users to create and manage groups with roles and permissions.

Code

function og_node_access($node, $op, $account) {
  $type = is_string($node) ? $node : (is_array($node) ? $node['type'] : $node->type);
  if (in_array($op, array(
    'update',
    'delete',
  ))) {
    $access = og_user_access_entity('administer group', 'node', $node, $account);
    if (is_null($access)) {

      // The node isn't in an OG context, so no need to keep testing.
      return NODE_ACCESS_IGNORE;
    }
    else {
      $access = $access || og_user_access_entity("{$op} any {$type} content", 'node', $node, $account) || og_user_access_entity("{$op} own {$type} content", 'node', $node, $account) && $account->uid == $node->uid;
    }
    if (!$access && $op == 'update' && og_get_group('node', $node->nid)) {

      // The node is a group, so check "update group" permission.
      $access = og_user_access_entity('update group', 'node', $node, $account);
    }
    if ($access) {
      return NODE_ACCESS_ALLOW;
    }

    // Check if OG should explicitly deny access or not.
    return variable_get('og_node_access_strict', TRUE) ? NODE_ACCESS_DENY : NODE_ACCESS_IGNORE;
  }
  return NODE_ACCESS_IGNORE;
}