function node_access_write_grants

Writes a list of grants to the database, deleting any previously saved ones.

If a realm is provided, it will only delete grants from that realm, but it will always delete a grant from the 'all' realm. Modules that utilize node_access() can use this function when doing mass updates due to widespread permission changes.

Note: Don't call this function directly from a contributed module. Call node_access_acquire_grants() instead.

Parameters

$node: The node whose grants are being written.

$grants: A list of grants to write. Each grant is an array that must contain the following keys: realm, gid, grant_view, grant_update, grant_delete. The realm is specified by a particular module; the gid is as well, and is a module-defined id to define grant privileges. each grant_* field is a boolean value.

$realm: (optional) If provided, read/write grants for that realm only. Defaults to NULL.

$delete: (optional) If false, does not delete records. This is only for optimization purposes, and assumes the caller has already performed a mass delete of some form. Defaults to TRUE.

See also

node_access_acquire_grants()

Related topics

Node access rights
The node access system determines who can do what to which nodes.
1 call to node_access_write_grants()
node_access_acquire_grants in modules/node/node.module
Gets the list of node access grants and writes them to the database.

File

modules/node/node.module, line 3546

Code

function node_access_write_grants($node, $grants, $realm = NULL, $delete = TRUE) {
    if ($delete) {
        $query = db_delete('node_access')->condition('nid', $node->nid);
        if ($realm) {
            $query->condition('realm', array(
                $realm,
                'all',
            ), 'IN');
        }
        $query->execute();
    }
    // Only perform work when node_access modules are active.
    if (!empty($grants) && count(module_implements('node_grants'))) {
        $query = db_insert('node_access')->fields(array(
            'nid',
            'realm',
            'gid',
            'grant_view',
            'grant_update',
            'grant_delete',
        ));
        foreach ($grants as $grant) {
            if ($realm && $realm != $grant['realm']) {
                continue;
            }
            // Only write grants; denies are implicit.
            if ($grant['grant_view'] || $grant['grant_update'] || $grant['grant_delete']) {
                $grant['nid'] = $node->nid;
                $query->values($grant);
            }
        }
        $query->execute();
    }
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.