function hook_node_access_records_alter
Same name in other branches
- 7.x modules/node/node.api.php \hook_node_access_records_alter()
- 9 core/modules/node/node.api.php \hook_node_access_records_alter()
- 8.9.x core/modules/node/node.api.php \hook_node_access_records_alter()
- 10 core/modules/node/node.api.php \hook_node_access_records_alter()
Alter permissions for a node before it is written to the database.
Node access modules establish rules for user access to content. Node access records are stored in the {node_access} table and define which permissions are required to access a node. This hook is invoked after node access modules returned their requirements via hook_node_access_records(); doing so allows modules to modify the $grants array by reference before it is stored, so custom or advanced business logic can be applied.
Upon viewing, editing or deleting a node, hook_node_grants() builds a permissions array that is compared against the stored access records. The user must have one or more matching permissions in order to complete the requested operation.
A module may deny all access to a node by setting $grants to an empty array.
The preferred use of this hook is in a module that bridges multiple node access modules with a configurable behavior, as shown in the example with the 'is_preview' field.
Parameters
array $grants: The $grants array returned by hook_node_access_records().
\Drupal\node\NodeInterface $node: The node for which the grants were acquired.
See also
Related topics
1 function implements hook_node_access_records_alter()
Note: this list is generated by pattern matching, so it may include some functions that are not actually implementations of this hook.
- node_test_node_access_records_alter in core/
modules/ node/ tests/ modules/ node_test/ node_test.module - Implements hook_node_access_records_alter().
File
-
core/
modules/ node/ node.api.php, line 220
Code
function hook_node_access_records_alter(&$grants, NodeInterface $node) {
// Our module allows editors to mark specific articles with the 'is_preview'
// field. If the node being saved has a TRUE value for that field, then only
// our grants are retained, and other grants are removed. Doing so ensures
// that our rules are enforced no matter what priority other grants are given.
if ($node->is_preview) {
// Our module grants are set in $grants['example'].
$temp = $grants['example'];
// Now remove all module grants but our own.
$grants = [
'example' => $temp,
];
}
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.