Automating Drupal Development with Patterns: introducing 7.x-2.x
Drupal node access system & AUL 7.x.-2.x
-
Upload
oleksandr-milkovskyi -
Category
Software
-
view
2.082 -
download
3
description
Transcript of Drupal node access system & AUL 7.x.-2.x
Drupal Node Access System
AUL 7.x.-2.xAlex Milkovskyi
About me: Oleksandr(Alex) Milkovskyi
Drupal Developer & Student at FH Technikum Wien
● Met Drupal in January 2010● 2010-2012: Drupal Frontend Developer,
Themer, Sitebuilder● 2012-2014: Drupal Backend Developer● https://drupal.org/user/1761220 a.
milkovsky
Drupal Node Access System
● hook_node_access● hook_node_access_records● hook_node_grants ● hook_query_TAG_alter
Only node entities will be covered in this presentation
Why not hook_node_accessfunction mymodule_node_access($node, $op, $account) {
return NODE_ACCESS_DENY;
}
Possible options:
● NODE_ACCESS_ALLOW● NODE_ACCESS_DENY● NODE_ACCESS_IGNORE
Disadvantages: ignored by Views, Menus, and other content queries
Better use Locks & Keys
● hook_node_access_records Locks● hook_node_grants Keys“
● Each lock Realm (color) must be opened
to access the node.
● Only one ID (serial number) within the Realm needs
to be unlocked to open that entire Realm.
”
hook_node_access_records($node)if ($node->private) {
$grants[] = array(
'realm' => 'example',
'gid' => 1,
'grant_view' => 1,
'grant_update' => 0,
'grant_delete' => 0,
'priority' => 0,
'#module' => 'example',
);
}
return $grants;
*usage:● called only for the node being saved● manual call with
node_access_acquire_grants($node)
hook_node_grants($account, $op)if (user_access('access private content', $account)) {
$grants['example'] = array(1);
}
return $grants;
*usage:● called dynamically at each page load to
determine what keys the current user has.
node_access
Custom Drupal database API queries$query = db_select('node', 'n');
->fields('n', array('nid', 'title'))
->addTag('node_access');$result = $query->execute();
You can also use EntityFieldQuery.
Example of hook_query_TAG_alter: node_view_permissions_query_node_access_alter()
ACL vs. AUL
● AUL creates grands per user and adds nodes to it.
● ACL creates grands per node and adds users to it.
ACL vs. AUL example
ACL● view_nid_1
○ uid1○ uid2
● view_nid_2○ uid1○ uid2
AUL● view_uid_1
○ nid1○ nid2
● view_uid_2○ nid1○ nid2
hook_node_grants($account, $op)
ACL● view_nid_1 gid 1
○ uid1○ uid2
● view_nid_2 gid 2○ uid1○ uid2
returns: 1,2
AUL● view_uid_1 gid 1
○ nid1○ nid2
● view_uid_2 gid 2○ nid1○ nid2
returns: 1
AUL 7.x-2.x
● aul● aul_ui● aul_vbo● aul_views● aul_roles● aul_relations
‘aul’ table
‘aul_relations’ table
aul_vbo
aul_vbo
Demo time ;)
@todo in AUL 7.x-2.x● access to node revisions● grants priority● add realm help explanations● implement invert entity reference relations.● implement comments to node relations.● implement bulk grants update.● control access on child node add/remove
Vielen Dank!
QUESTIONS?Links:
● https://drupal.org/project/aul● http://www.phase2technology.com/blog/drupal-7-node-access-grants-locks-and-keys/● http://www.brightsolutions.de/blog/drupal-node-access-performance● Topic was presented at http://www.meetup.com/Drupal-Austria/events/181216712/
Drupal Node Access System AUL 2.x.-1.x. by Alex Milkovskyi