pass optional $node to hook_node_grants
| Project: | Drupal |
| Version: | 7.x-dev |
| Component: | node system |
| Category: | feature request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
Jump to:
It's not really a bug and maybe it even is done on purpose (I don't get it though).
hook_node_grants($user, $op) is currently in core (not sure about contrib modules) only called by node_access($op, $node = NULL) and node_access_view_all_nodes().
Why is $op passed and $node not? The only purpose of $op on its own I can come up with, is to optimize a node-access-module.
hook_node_grants($user, $op, $node = NULL). When $node is passed (currently only node_access()), a node-access-module could do a lot more (e.g. overriding grants instead of extending grants).
Since results of hook_node_grants() aren't loaded just once, passing $node is only a good thing (don't have to worry about modules which don't use it; a lot don't use $op either).
Is it possible that this still get changed in drupal5?
#1
Example:
hook_node_grants($user, $op, $node = null) {
if ($node) {
// restrict access per role per contenttype
return array('myrealmbytype_'.$node->type => array($user->roles));
}
}
By passing $node it becomes possible to use $node's qualifications by defining which realms need to checked (now we need to overflow the node_access table with records for every node).
#2
Is there anything going on with this?
I keep slamming my head against the wall trying to implement access control in User Relationships in an efficient manner. Maybe I'm missing something somewhere, but I need to know the node author and the account to be able to set permissions by relationship.
#3
new features go in D7