W3cubDocs

/Drupal 8

function hook_node_access_records_alter

hook_node_access_records_alter(&$grants, Drupal\node\NodeInterface $node)

Alter permissions for a node before it is written to the database.

Node access modules establish rules for user access to content. Node access records are stored in the {node_access} table and define which permissions are required to access a node. This hook is invoked after node access modules returned their requirements via hook_node_access_records(); doing so allows modules to modify the $grants array by reference before it is stored, so custom or advanced business logic can be applied.

Upon viewing, editing or deleting a node, hook_node_grants() builds a permissions array that is compared against the stored access records. The user must have one or more matching permissions in order to complete the requested operation.

A module may deny all access to a node by setting $grants to an empty array.

The preferred use of this hook is in a module that bridges multiple node access modules with a configurable behavior, as shown in the example with the 'is_preview' field.

Parameters

array $grants: The $grants array returned by hook_node_access_records().

\Drupal\node\NodeInterface $node: The node for which the grants were acquired.

See also

hook_node_access_records()

hook_node_grants()

hook_node_grants_alter()

Related topics

Hooks
Define functions that alter the behavior of Drupal core.
Node access rights
The node access system determines who can do what to which nodes.

File

core/modules/node/node.api.php, line 225
Hooks specific to the Node module.

Code

function hook_node_access_records_alter(&$grants, Drupal\node\NodeInterface $node) {
  // Our module allows editors to mark specific articles with the 'is_preview'
  // field. If the node being saved has a TRUE value for that field, then only
  // our grants are retained, and other grants are removed. Doing so ensures
  // that our rules are enforced no matter what priority other grants are given.
  if ($node->is_preview) {
    // Our module grants are set in $grants['example'].
    $temp = $grants['example'];
    // Now remove all module grants but our own.
    $grants = array('example' => $temp);
  }
}

© 2001–2016 by the original authors
Licensed under the GNU General Public License, version 2 and later.
Drupal is a registered trademark of Dries Buytaert.
https://api.drupal.org/api/drupal/core!modules!node!node.api.php/function/hook_node_access_records_alter/8.1.x