Node Access in Drupal 7

Node Access in Drupal 7

tags

Out of the box, Drupal is a great system for creating and managing content. However, there are cases where your needs require additional requirements for which users can create, view, edit and delete content. To solve this problem, Drupal provides its Node Access system.

Node Access provides an API for determining the grants, or permissions, that a user has for each node. By understanding how these grants work, a module developer can create and enforce complex access rules.

We will cover some (or all) of the following topics.

• Node Access compared to user_access() and other permission checks.
• How Drupal grants node permissions.
• The node_access() function.
• hook_node_access() compared to {node_access}.
• Controlling permission to create content.
• Using hook_node_access().
• When to write a Node Access module.
• The {node_access} table and its role.
• Defining your module’s access rules.
• Using hook_node_access_records().
• Using hook_node_grants().
• Rebuilding the {node_access} table.
• Modifying the behavior of other modules.
• Using hook_node_access_records_alter().
• Using hook_node_grants_alter().
• Testing and debugging you module.
• Using Devel Node Access

Ken Rickard is the maintainer of the Domain Access module and wrote several of the patches for Node Access in Drupal 7.

Resources