You are here

Home » API reference » Private 7.2 » private.module

function private_node_access in Private 7.2

Implements hook_node_access().

File

./private.module, line 139
A tremendously simple access control module -- it allows users to mark individual nodes as private; users with 'access private content' perms can read these nodes, while others cannot.

Code

function private_node_access($node, $op, $account) {
  if (is_string($node)) {
    return NODE_ACCESS_IGNORE;
  }

  // Apply restrictions on private nodes, except for the owner.
  $owner = $account->uid != 0 && $node->uid == $account->uid;
  if ($node->private && !$owner) {
    if ($op == 'update' || $op == 'delete') {
      if (!user_access('edit private content', $account)) {

        // Missing access for write.
        return NODE_ACCESS_DENY;
      }
    }
    elseif ($op == 'view') {
      if (!user_access('access private content', $account)) {

        // Missing access for view.
        return NODE_ACCESS_DENY;
      }
    }
  }

  // Otherwise, fall back to the pre-existing access rules in core/modules.
  // Note that this module never grants extra access, it only removes it.
  return NODE_ACCESS_IGNORE;
}