Facebook Friend Based Permisions
ahansen1 - February 28, 2009 - 10:36
| Project: | Drupal for Facebook |
| Version: | 6.x-2.x-dev |
| Component: | Code |
| Category: | feature request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
Jump to:
Description
The desired functionality is to be able to limit node access based on if the node author is in their friends list.
#1
I've been attempting to add this bit of functionality and stumbled upon the deprecated fb_node_grantsXXX method. It seems that somehow this used in conjunction with an implementation of hook_node_access_records it would be possible to accomplish this sort of functionality. However, I'm a bit new to the node access stuff and am not sure if this is correct? Especially given that this method has been deprecated? Thought maybe this path was already explored and resulted in a dead end?
Another potential option would appear to be modifying the fb_canvas_nodeapi method to verify that the user is in the friends list and if not update the node content to contain an access denied error message.
Anyone have any thoughts on these? Or have any other ideas on accomplishing this?
#2
I mentioned this in my list of desired features. I'd like to have a fb_access.module which uses drupal's node_access features. It would enable grants based on friendship and also group or network membership.
If anyone takes a stab at this, please submit a patch. If anyone can sponsor the development, that would be great, too. It's a non-trivial chunk of work.
#3
I was able to get this functional and am using it on one of my production sites. I used the partial code already in the module as a starting point. I wish I had more time to package it up into a pretty little fb-access.module, but I figured this was better then nothing for now.
First, needed to install another module to get better control over node access. I choose http://drupal.org/project/content_access. Then, for the nodes which I wanted to be restricted, I turned off access in that module. For other nodes that I still wanted anonymous users to see, e.g. Page, I left that open in that module.
Second, made the changes in my dff_custom module. Basically used the grant hook that was already there, but XXX''ed out. Then, added a hook implementation for node_access_records to create the appropriate node_access records. What it currently does is add a node_access record for each node with a gid of the facebook user id. After putting this in and running a re-build of the access tables from http://localhost/admin/content/node-settings, it was good to go.
I'm not 100% sure I did this all correctly? But, it seems to be working for my use case based on the little bit of testing that I did.
function dff_custom_node_access_records($node) {
$grants = array();
$query = "SELECT fbu FROM {fb_user_app} WHERE uid = %s";
$args[] = $node->uid;
$result = db_query($query, $args);
while ($data = db_fetch_object($result)) {
if ($data->fbu) {
$grants[] = array(
'realm' => FB_GRANT_REALM_FRIEND,
'nid' => $node->nid,
'gid' => $data->fbu,
'grant_view' => TRUE,
'grant_update' => FALSE,
'grant_delete' => FALSE,
'priority' => 0,
);
}
}
return $grants;
}
function dff_custom_node_grants($user, $op) {
$fbu = fb_get_fbu($user);
// $GLOBALS['fb']) was to prevent errors as described here http://drupal.org/node/371341
if ($fbu && isset($GLOBALS['fb'])) {
$friends = fb_get_friends($fbu);
// For access purposes, consider a users to be a friend of themselves
$friends[] = $fbu;
if (count($friends))
$grants[FB_GRANT_REALM_FRIEND] = $friends;
// Not currently creating the access records for this, but interesting idea
$groups = fb_get_groups($fbu);
if (count($groups))
$grants[FB_GRANT_REALM_GROUP] = $groups;
}
return $grants;
}