function restws_entity_node_access in RESTful Web Services 7
Access callback for the node entity.
Replacement for entity_metadata_no_hook_node_access() because it does not work with the create operation.
@todo Remove this once https://drupal.org/node/1780646 is fixed.
See also
entity_metadata_no_hook_node_access()
1 string reference to 'restws_entity_node_access'
- restws_entity_info_alter in ./
restws.module - Implements hook_entity_info_alter().
File
- ./
restws.module, line 433 - RESTful web services module.
Code
function restws_entity_node_access($op, $node = NULL, $account = NULL) {
// First deal with the case where a $node is provided.
if (isset($node)) {
// Ugly hack to handle field access, because entity_api does not distinguish
// between 'create' and 'update' permissions for fields. This should rather
// be fixed in EntityStructureWrapper::propertyAccess() (entity.wrapper.inc).
if ($op == 'update' && empty($node->nid)) {
$op = 'create';
}
if ($op == 'create') {
if (isset($node->type)) {
return node_access($op, $node->type, $account);
}
else {
throw new EntityMalformedException('Permission to create a node was requested but no node type was given.');
}
}
// If a non-default revision is given, incorporate revision access.
$default_revision = node_load($node->nid);
if ($node->vid !== $default_revision->vid) {
return _node_revision_access($node, $op, $account);
}
else {
return node_access($op, $node, $account);
}
}
// No node is provided. Check for access to all nodes.
if (user_access('bypass node access', $account)) {
return TRUE;
}
if (!user_access('access content', $account)) {
return FALSE;
}
if ($op == 'view' && node_access_view_all_nodes($account)) {
return TRUE;
}
return FALSE;
}