It's not really a bug and maybe it even is done on purpose (I don't get it though).

hook_node_grants($user, $op) is currently in core (not sure about contrib modules) only called by node_access($op, $node = NULL) and node_access_view_all_nodes().

Why is $op passed and $node not? The only purpose of $op on its own I can come up with, is to optimize a node-access-module.

hook_node_grants($user, $op, $node = NULL). When $node is passed (currently only node_access()), a node-access-module could do a lot more (e.g. overriding grants instead of extending grants).

Since results of hook_node_grants() aren't loaded just once, passing $node is only a good thing (don't have to worry about modules which don't use it; a lot don't use $op either).

Is it possible that this still get changed in drupal5?

Comments

casey’s picture

casey commented

Example:

hook_node_grants($user, $op, $node = null) {
if ($node) {
// restrict access per role per contenttype
return array('myrealmbytype_'.$node->type => array($user->roles));
}

}

By passing $node it becomes possible to use $node's qualifications by defining which realms need to checked (now we need to overflow the node_access table with records for every node).

sprsquish’s picture

sprsquish commented

Is there anything going on with this?

I keep slamming my head against the wall trying to implement access control in User Relationships in an efficient manner. Maybe I'm missing something somewhere, but I need to know the node author and the account to be able to set permissions by relationship.

bart jansens’s picture

bart jansens commented
Version: 5.0-rc1 » 7.x-dev
Category: bug » feature

new features go in D7

casey’s picture

casey commented
Status: Active » Closed (works as designed)

Never mind, this request is nonsense: it would make it impossible to do queries for nodes to which a certain user has access to.