翻译:似曾相识 Drupal 用户联盟---DrupalUser.Org
版本
1.14 (checked in on 2008/10/12 at 08:52:36 by davereid)
描述
This is an example illustrating how to restrict access to nodes based on some criterion associated with the user.
This example module will simply set a single flag on a node: 'private'. If the flag is set, only users with the 'view private content' flag can see the node, and all users with 'edit private content' can edit (but not delete) the node.
Additionally we will ensure that the node author can always view, edit, and delete the node by providing an additional access realm that grants privileges to the node's author.
函数
名称 |
描述 |
|---|---|
| node_access_example_form_alter | Implementation of hook_form_alter() |
| node_access_example_nodeapi_delete | |
| node_access_example_nodeapi_insert | Implementation of hook_nodeapi_insert(). |
| node_access_example_nodeapi_load | |
| node_access_example_nodeapi_update | Implementation of hook_nodeapi_update(). |
| node_access_example_node_access_records | Implementation of hook_node_access_records(). |
| node_access_example_node_grants | Implementation of hook_node_grants(). |
| node_access_example_perm | Implementation of hook_perm(). |
代码:
<?php
// $Id: node_access_example.module,v 1.14 2008/10/12 08:52:36 davereid Exp $
/**
* @file
* This is an example illustrating how to restrict access to nodes based on
* some criterion associated with the user.
*
* This example module will simply set a single flag on a node: 'private'. If
* the flag is set, only users with the 'view private content' flag can see
* the node, and all users with 'edit private content' can edit (but not
* delete) the node.
*
* Additionally we will ensure that the node author can always view, edit,
* and delete the node by providing an additional access realm that grants
* privileges to the node's author.
*
*/
/**
* Implementation of hook_perm().
*
* In this example, we will use a simple permission to determine whether a user
* has access to "private" content. This permission is defined here.
*/
function node_access_example_perm() {
return array(
'access private content' => array(
'title' => t('Access private content'),
'description' => t('May view posts that are marked private.'),
),
'edit private content' => array(
'title' => t('Edit private content'),
'description' => t('May edit posts that are marked private.'),
),
);
}
/**
* Implementation of hook_node_grants().
*
* Tell the node access system what GIDs the user belongs to for each realm.
* In this example, we are providing two realms: the example realm, which
* has just one group id (1) and the user is either a member or not depending
* upon the operation and the access permission set.
*
* We are also setting up a realm for the node author, though, to give it
* special privileges. That has 1 GID for every UID, and each user is
* automatically a member of the group where GID == UID.
*
*/
function node_access_example_node_grants($account, $op) {
if ($op == 'view' && user_access('access private content', $account)) {
$grants['example'] = array(1);
}
if (($op == 'update' || $op == 'delete') && user_access('edit private content', $account)) {
$grants['example'] = array(1);
}
$grants['example_author'] = array($account->uid);
return $grants;
}
/**
* Implementation of hook_node_access_records().
*
* All node access modules must implement this hook. If the module is
* interested in the privacy of the node passed in, return a list
* of node access values for each grant ID we offer. Since this
* example module only offers 1 grant ID, we will only ever be
* returning one record.
*/
function node_access_example_node_access_records($node) {
// We only care about the node if it's been marked private. If not, it is
// treated just like any other node and we completely ignore it.
if (!empty($node->private)) {
$grants = array();
$grants[] = array(
'realm' => 'example',
'gid' => TRUE,
'grant_view' => TRUE,
'grant_update' => FALSE,
'grant_delete' => FALSE,
'priority' => 0,
);
// For the example_author array, the GID is equivalent to a UID, which
// means there are many many groups of just 1 user.
$grants[] = array(
'realm' => 'example_author',
'gid' => $node->uid,
'grant_view' => TRUE,
'grant_update' => TRUE,
'grant_delete' => TRUE,
'priority' => 0,
);
return $grants;
}
}
/**
* Implementation of hook_form_alter()
*
* This module adds a simple checkbox to the node form labeled private. If the
* checkbox is labelled, only the node author and users with 'access private content'
* privileges may see it.
*/
function node_access_example_form_alter(&$form, $form_state) {
if ($form['#id'] == 'node-form') {
$form['private'] = array(
'#type' => 'checkbox',
'#title' => t('Private'),
'#description' => t('Check here if this content should be set private and only shown to privileged users.'),
'#default_value' => isset($form['#node']->private) ? $form['#node']->private : FALSE,
);
}
}
/**
* Implementation of hook_nodeapi().
*/
function node_access_example_nodeapi_load(&$node) {
$node->private = db_result(db_query('SELECT private FROM {node_access_example} WHERE nid = :nid', array(':nid' => $node->nid)));
}
/**
* Implementation of hook_nodeapi_delete().
*
* The module must track the access status of the node.
*/
function node_access_example_nodeapi_delete(&$node) {
db_delete('node_access_example')->condition('nid', $node->nid)->execute();
}
/**
* Implementation of hook_nodeapi_insert().
*
* The module must track the access status of the node.
*/
function node_access_example_nodeapi_insert(&$node) {
if (isset($node->private)) {
db_insert('node_access_example')->fields(array('nid' => $node->nid, 'private' => (int)$node->private))->execute();
}
}
/**
* Implementation of hook_nodeapi_update().
*
* The module must track the access status of the node.
*/
function node_access_example_nodeapi_update(&$node) {
db_query('UPDATE {node_access_example} SET private = %d WHERE nid = %d', $node->private, $node->nid);
}
1 周 6 天之前
3 周 4 天之前
3 周 4 天之前
3 周 4 天之前
5 周 3 天之前
5 周 3 天之前
7 周 3 天之前
7 周 3 天之前
7 周 3 天之前
7 周 4 天之前