Hi!
I am building a module where I need to dynamically decide the access to a node. The situation is that in an intranet, I might have to show certain nodes based on login ip. When a user logs in from a specific office he has view access to these nodes and when an user logs in from other office, she might have view access to completely different set of nodes. I need to control only view access and not update and delete.
In D6 I am thinking of using db_rewrite_sql to control the listing of nodes and use drupal_accesss_denied in hook_nodeapi_view to handle situations such as a bookmarked node, which should not be accessible to a user in a specific location.
I am wondering if this approach is correct or any alternate is possible ?
regards
Vivek
Comments
I have not tried the module
I have not tried the module but it sounds like you could use Virtual roles. I would try adding one role per office, use Content Access to set view permissions and use Virtual roles to dynamical assign a role based on ip.
If you are coding a module,
If you are coding a module, you can do this using hook_node_access_records() and hook_node_grants(). You can set the gid as the IP address from which access should be provided. Permission will be denied for anyone not coming from said IP (assuming you've coded it right).
Contact me to contract me for D7 -> D10/11 migrations.