function xmlsitemap_node_view_access in XML sitemap 6.2
Same name and namespace in other branches
- 7.2 xmlsitemap_node/xmlsitemap_node.module \xmlsitemap_node_view_access()
Determine whether a user may view the specified node.
Parameters
$node: The node object on which the operation is to be performed, or node type (e.g. 'forum') for "create" operation.
$account: Optional, a user object representing the user for whom the operation is to be performed. Determines access for a user other than the current user.
Return value
TRUE if the operation may be performed, FALSE otherwise.
This is for all intesive purposes a copy of Drupal 7's node_access() function. It invokes a backport of Drupal 7's hook_node_grants_alter() specifically for use with XML sitemap.
1 call to xmlsitemap_node_view_access()
- xmlsitemap_node_create_link in xmlsitemap_node/
xmlsitemap_node.module - Create a sitemap link from a node.
File
- xmlsitemap_node/
xmlsitemap_node.module, line 254
Code
function xmlsitemap_node_view_access($node, $account = NULL) {
global $user;
$op = 'view';
$rights =& xmlsitemap_static(__FUNCTION__, array());
if (!$node || !in_array($op, array(
'view',
'update',
'delete',
'create',
), TRUE)) {
// If there was no node to check against, or the $op was not one of the
// supported ones, we return access denied.
return FALSE;
}
// If no user object is supplied, the access check is for the current user.
if (empty($account)) {
$account = $user;
}
// $node may be either an object or a node type. Since node types cannot be
// an integer, use either nid or type as the static cache id.
//$cid = is_object($node) ? $node->nid : $node;
// If we've already checked access for this node, user and op, return from
// cache.
if (isset($rights[$account->uid][$node->nid])) {
return $rights[$account->uid][$node->nid];
}
if (user_access('administer nodes', $account)) {
$rights[$account->uid][$node->nid] = TRUE;
return TRUE;
}
if (!user_access('access content', $account)) {
$rights[$account->uid][$node->nid] = FALSE;
return FALSE;
}
// Can't use node_invoke(), because the access hook takes the $op parameter
// before the $node parameter.
$module = node_get_types('module', $node);
if ($module == 'node') {
$module = 'node_content';
// Avoid function name collisions.
}
$access = module_invoke($module, 'access', $op, $node, $account);
if (!is_null($access)) {
$rights[$account->uid][$node->nid] = $access;
return $access;
}
// If the module did not override the access rights, use those set in the
// node_access table.
if ($op != 'create' && $node->nid && $node->status) {
if (module_implements('node_grants')) {
// Fetch the node grants and allow other modules to alter them (D7 backport).
$grants =& xmlsitemap_static(__FUNCTION__ . ':grants', array());
if (!isset($grants[$account->uid][$op])) {
// Indicate that this is our special function in the grants.
$account->xmlsitemap_node_access = TRUE;
$grants[$account->uid][$op] = node_access_grants($op, $account);
// Call hook_node_grants_alter(). This is a backport from Drupal 7.
drupal_alter('node_grants', $grants[$account->uid][$op], $account, $op);
// Remove the special indicator.
unset($account->xmlsitemap_node_access);
}
$grant_condition = array();
foreach ($grants[$account->uid][$op] as $realm => $gids) {
foreach ($gids as $gid) {
$grant_condition[] = "(gid = {$gid} AND realm = '{$realm}')";
}
}
if (count($grant_condition)) {
$grant_condition = 'AND (' . implode(' OR ', $grant_condition) . ')';
}
else {
$grant_condition = '';
}
$sql = "SELECT 1 FROM {node_access} WHERE (nid = 0 OR nid = %d) {$grant_condition} AND grant_{$op} >= 1";
$result = (bool) db_result(db_query_range($sql, $node->nid, 0, 1));
$rights[$account->uid][$node->nid] = $result;
return $result;
}
elseif ($op == 'view') {
// If no modules implement hook_node_grants(), the default behaviour is to
// allow all users to view published nodes, so reflect that here.
$rights[$account->uid][$op] = TRUE;
return TRUE;
}
}
// Let authors view their own nodes.
if ($op == 'view' && $account->uid == $node->uid && $account->uid) {
$rights[$account->uid][$op] = TRUE;
return TRUE;
}
return FALSE;
}