Hi,

I try to use ACL directly in my own module - in my example a user fills in a webform and depending on his selection in this webform he should be granted access to specific nodes. I followed the instructions here (http://symbiotix.net/collab/drupal-access-control-part-2-acl-module-expl...) but the user gets no access. Content access module is installed, users of the role are not allowed to view nodes of the content type in general. Per user setting is disabled for content access module as I want to handle this by my own module.

Here is my code (just the function where the magic should happen, not the _enable(), _enabled() and so on stuff):

function mymodule_webform_submission_insert($node, $submission) {
  if ($node->nid == 9) {  // react on a specific webform

    // access testnode 1
    if ($submission->data[1]['value'][0] == 1) {
      $testnode = 1;      
    }
    if ($submission->data[1]['value'][0] == 2) {
      $testnode = 6;
    }
    
    if (isset($testnode))  {
      global $user;
      $acl_id = acl_create_new_acl('mymodule', 'view_' . $testnode);
      acl_node_add_acl($testnode, $acl_id, 1, 0, 0);
      acl_add_user($acl_id, $user->uid);
    }   
  }
}

I find the entries in all acl database tables after the user filled in the webform - but there is nothing in node_access table where I believe should be found an entry as well. As a result the user gets no access to view the node he should see. Even when I update the node (by hand or by loading it in the function with node_load() and saving it then with node_save() ) nothing changes. Do I miss something to get this working? To be honest I am not very familiar with drupals node access system yet and I hoped ACL would prevend me from beeing forced to go deeper into this - but maybe this missing knowledge is my problem here... I would be very thankful if somebody could give me a hint.

Best,
Tobias

Comments

tobiberlin’s picture

tobiberlin
Primary language German
Location Berlin, Germany
CreditAttribution: tobiberlin commented

Ok... maybe I missed the following: do I have to create the entry with my realm in node access on my own - could it be that this is the problem?

bartlantz’s picture

bartlantz CreditAttribution: bartlantz commented

I was having this same issue. I added a call to hook_node_access_records() and then once a node is saved, the new acl takes effect. 

 
 /**
   * Implements hook_node_access_records().
   */
  function dance_code_node_access_records($node) {
   if(!dance_code_enabled()) {
     return;
   }
   $grants = &drupal_static(__FUNCTION__, array());
   if(!isset($grants[$node->nid])) {
     $result = db_query('SELECT * FROM {acl_node} WHERE nid = :nid', array(
       ':nid' => $node->nid,
     ));
     foreach($result as $grant) {
          $grants[$node->nid][] = array(
            // change realm to your module name
            'realm'        => 'dance_code',
            'gid'          => $grant->acl_id,
            'grant_view'   => $grant->grant_view,
            'grant_update' => $grant->grant_update,
            'grant_delete' => $grant->grant_delete,
            'priority'     => $grant->priority,
          );
     }
   }
   if(isset($grants[$node->nid])) {
     return $grants[$node->nid];
   }
  }

Also I added a call to hook_enable():


  /**
   * Implements hook_enable().
   */
  function dance_code_enable() {
    // rebuild the node access system.
    node_access_rebuild();
  }
salvis’s picture

salvis
he/his
CreditAttribution: salvis commented

ACL implements its own hook_node_access_records(), so this should not be necessary.

Please take a look at the Forum Access module and search for "acl" to find all the pieces that you need.

Also, install the Devel Node Access module to see what is happening.

salvis’s picture

salvis
he/his
CreditAttribution: salvis as a volunteer commented
Status: Active » Closed (fixed)

No follow-up.