function private_content_node_access_records in Private 8.2
Same name and namespace in other branches
- 8 private_content.module \private_content_node_access_records()
Implements hook_node_access_records().
All node access modules must implement this hook. If the module is interested in the privacy of the node passed in, return a list of node access values for each grant ID we offer.
File
- ./
private_content.module, line 117 - A tremendously simple access control module -- it allows users to mark individual nodes as private; users with 'access private content' perms can read these nodes, while others cannot.
Code
function private_content_node_access_records(NodeInterface $node) {
if (private_content_disabling()) {
return;
}
// See the README.txt file and the comment "STRATEGY" at the top of this file for background explanation.
// 1) Ignore update permissions here as they are handled in hook_access.
// It's not safe to grant update access here to a private node because we cannot be sure the user is entitled.
// 2) Ignore any nodes where we don't wish to alter the default access; other modules may grants access,
// or else core provides the correct default access.
$grants = array();
if ($node->status && private_content_get_value($node)) {
// Grant read access to users with 'access private content'.
$grants[] = array(
'realm' => 'private_view',
'gid' => PRIVATE_GRANT_ALL,
'grant_view' => 1,
'grant_update' => 0,
'grant_delete' => 0,
'priority' => 0,
);
// Grant read access to the owner, but not ANONYMOUS user.
if (!$node
->getOwner()
->isAnonymous()) {
$grants[] = array(
'realm' => 'private_author',
'gid' => $node
->getOwnerId(),
'grant_view' => 1,
'grant_update' => 0,
'grant_delete' => 0,
'priority' => 0,
);
}
// Otherwise, deny read access for private nodes.
}
return $grants;
}