function private_content_node_access_records in Private content 8.2

Implements hook_node_access_records().

All node access modules must implement this hook. If the module is interested in the privacy of the node passed in, return a list of node access values for each grant ID we offer.

File

./private_content.module, line 86: A tremendously simple access control module -- it allows users to mark individual nodes as private; users with 'access private content' perms can read these nodes, while others cannot.

Code

function private_content_node_access_records(NodeInterface $node) {

  // See the README.txt file and the comment "STRATEGY" at the top of this file for background explanation.
  // 1) Ignore update permissions here as they are handled in hook_access.
  //    It's not safe to grant update access here to a private node because we cannot be sure the user is entitled.
  // 2) Ignore any nodes where we don't wish to alter the default access; other modules may grants access,
  //    or else core provides the correct default access.
  $grants = array();
  if ($node->status && $node->private
    ->isPrivate()) {

    // Grant read access to users with 'access private content'.
    $grants[] = array(
      'realm' => 'private_view',
      'gid' => PRIVATE_GRANT_ALL,
      'grant_view' => 1,
      'grant_update' => 0,
      'grant_delete' => 0,
      'priority' => 0,
    );

    // Grant read access to the owner, but not ANONYMOUS user.
    if (!$node
      ->getOwner()
      ->isAnonymous()) {
      $grants[] = array(
        'realm' => 'private_author',
        'gid' => $node
          ->getOwnerId(),
        'grant_view' => 1,
        'grant_update' => 0,
        'grant_delete' => 0,
        'priority' => 0,
      );
    }

    // Otherwise, deny read access for private nodes.
  }
  return $grants;
}

You are here

function private_content_node_access_records in Private content 8.2

File

Code

API Navigation