hook_node_grants_alter
- drupal
| Versions | |
|---|---|
| 7 | hook_node_grants_alter(&$grants, $account, $op) |
Alter user access rules when trying to view, edit or delete a node.
Node access modules establish rules for user access to content. hook_node_grants() defines permissions for a user to view, edit or delete nodes by building a $grants array that indicates the permissions assigned to the user by each node access module. This hook is called to allow modules to modify the $grants array by reference, so the interaction of multiple node access modules can be altered or advanced business logic can be applied.
Parameters
&$grants The $grants array returned by hook_node_grants().
$account The user account requesting access to content.
$op The operation being performed, 'view', 'update' or 'delete'.
Developers may use this hook to either add additional grants to a user or to remove existing grants. These rules are typically based on either the permissions assigned to a user role, or specific attributes of a user account.
See also
The resulting grants are then checked against the records stored in the {node_access} table to determine if the operation may be completed.
A module may deny all access to a user by setting $grants to an empty array.
hook_node_access_records_alter()
Related topics
Code
drupal/
<?php
function hook_node_grants_alter(&$grants, $account, $op) {
// Our sample module never allows certain roles to edit or delete
// content. Since some other node access modules might allow this
// permission, we expressly remove it by returning an empty $grants
// array for roles specified in our variable setting.
// Get our list of banned roles.
$restricted = variable_get('example_restricted_roles', array());
if ($op != 'view' && !empty($restricted)) {
// Now check the roles for this account against the restrictions.
foreach ($restricted as $role_id) {
if (isset($user->roles[$role_id])) {
$grants = array();
}
}
}
}
?>