Drupal Node Access
System
AUL 7.x.-2.x
Alex Milkovskyi
About me: Oleksandr(Alex) Milkovskyi
Drupal Developer
& Student at FH Technikum Wien
● Met Drupal in January 2010
● 2010-2...
Drupal Node Access System
● hook_node_access
● hook_node_access_records
● hook_node_grants
● hook_query_TAG_alter
Only nod...
Why not hook_node_access
function mymodule_node_access($node, $op, $account) {
return NODE_ACCESS_DENY;
}
Possible options...
Better use Locks & Keys
● hook_node_access_records Locks
● hook_node_grants Keys
“
● Each lock Realm (color) must be opene...
hook_node_access_records($node)
if ($node->private) {
$grants[] = array(
'realm' => 'example',
'gid' => 1,
'grant_view' =>...
hook_node_grants($account, $op)
if (user_access('access private content', $account)) {
$grants['example'] = array(1);
}
re...
node_access
Custom Drupal database API queries
$query = db_select('node', 'n');
->fields('n', array('nid', 'title'))
->addTag('node_ac...
ACL vs. AUL
● AUL creates grands per user and adds
nodes to it.
● ACL creates grands per node and adds
users to it.
ACL vs. AUL example
ACL
● view_nid_1
○ uid1
○ uid2
● view_nid_2
○ uid1
○ uid2
AUL
● view_uid_1
○ nid1
○ nid2
● view_uid_2
...
hook_node_grants($account, $op)
ACL
● view_nid_1 gid 1
○ uid1
○ uid2
● view_nid_2 gid 2
○ uid1
○ uid2
returns: 1,2
AUL
● v...
AUL 7.x-2.x
● aul
● aul_ui
● aul_vbo
● aul_views
● aul_roles
● aul_relations
‘aul’ table
‘aul_relations’ table
aul_vbo
aul_vbo
Demo time ;)
@todo in AUL 7.x-2.x
● access to node revisions
● grants priority
● add realm help explanations
● implement invert entity ...
Vielen Dank!
QUESTIONS?
Links:
● https://drupal.org/project/aul
● http://www.phase2technology.com/blog/drupal-7-node-acces...
Upcoming SlideShare
Loading in …5
×

Drupal node access system & AUL 7.x.-2.x

2,563 views
2,429 views

Published on

Drupal node access system & AUL 7.x.-2.x.
Topic was presented at Drupal-Austria Vienna Meetup May 2014.
http://www.meetup.com/Drupal-Austria/events/181216712/

Published in: Software, Technology, Education
1 Comment
3 Likes
Statistics
Notes
No Downloads
Views
Total views
2,563
On SlideShare
0
From Embeds
0
Number of Embeds
6
Actions
Shares
0
Downloads
3
Comments
1
Likes
3
Embeds 0
No embeds

No notes for slide

Drupal node access system & AUL 7.x.-2.x

  1. 1. Drupal Node Access System AUL 7.x.-2.x Alex Milkovskyi
  2. 2. About me: Oleksandr(Alex) Milkovskyi Drupal Developer & Student at FH Technikum Wien ● Met Drupal in January 2010 ● 2010-2012: Drupal Frontend Developer, Themer, Sitebuilder ● 2012-2014: Drupal Backend Developer ● https://drupal.org/user/1761220 a. milkovsky
  3. 3. Drupal Node Access System ● hook_node_access ● hook_node_access_records ● hook_node_grants ● hook_query_TAG_alter Only node entities will be covered in this presentation
  4. 4. Why not hook_node_access function mymodule_node_access($node, $op, $account) { return NODE_ACCESS_DENY; } Possible options: ● NODE_ACCESS_ALLOW ● NODE_ACCESS_DENY ● NODE_ACCESS_IGNORE Disadvantages: ignored by Views, Menus, and other content queries
  5. 5. Better use Locks & Keys ● hook_node_access_records Locks ● hook_node_grants Keys “ ● Each lock Realm (color) must be opened to access the node. ● Only one ID (serial number) within the Realm needs to be unlocked to open that entire Realm. ”
  6. 6. hook_node_access_records($node) if ($node->private) { $grants[] = array( 'realm' => 'example', 'gid' => 1, 'grant_view' => 1, 'grant_update' => 0, 'grant_delete' => 0, 'priority' => 0, '#module' => 'example', ); } return $grants; *usage: ● called only for the node being saved ● manual call with node_access_acquire_grants($node)
  7. 7. hook_node_grants($account, $op) if (user_access('access private content', $account)) { $grants['example'] = array(1); } return $grants; *usage: ● called dynamically at each page load to determine what keys the current user has.
  8. 8. node_access
  9. 9. Custom Drupal database API queries $query = db_select('node', 'n'); ->fields('n', array('nid', 'title')) ->addTag('node_access'); $result = $query->execute(); You can also use EntityFieldQuery. Example of hook_query_TAG_alter: node_view_permissions_query_node_access_alter()
  10. 10. ACL vs. AUL ● AUL creates grands per user and adds nodes to it. ● ACL creates grands per node and adds users to it.
  11. 11. ACL vs. AUL example ACL ● view_nid_1 ○ uid1 ○ uid2 ● view_nid_2 ○ uid1 ○ uid2 AUL ● view_uid_1 ○ nid1 ○ nid2 ● view_uid_2 ○ nid1 ○ nid2
  12. 12. hook_node_grants($account, $op) ACL ● view_nid_1 gid 1 ○ uid1 ○ uid2 ● view_nid_2 gid 2 ○ uid1 ○ uid2 returns: 1,2 AUL ● view_uid_1 gid 1 ○ nid1 ○ nid2 ● view_uid_2 gid 2 ○ nid1 ○ nid2 returns: 1
  13. 13. AUL 7.x-2.x ● aul ● aul_ui ● aul_vbo ● aul_views ● aul_roles ● aul_relations
  14. 14. ‘aul’ table
  15. 15. ‘aul_relations’ table
  16. 16. aul_vbo
  17. 17. aul_vbo
  18. 18. Demo time ;)
  19. 19. @todo in AUL 7.x-2.x ● access to node revisions ● grants priority ● add realm help explanations ● implement invert entity reference relations. ● implement comments to node relations. ● implement bulk grants update. ● control access on child node add/remove
  20. 20. Vielen Dank! QUESTIONS? Links: ● https://drupal.org/project/aul ● http://www.phase2technology.com/blog/drupal-7-node-access-grants-locks-and-keys/ ● http://www.brightsolutions.de/blog/drupal-node-access-performance ● Topic was presented at http://www.meetup.com/Drupal-Austria/events/181216712/ Drupal Node Access System AUL 2.x.-1.x. by Alex Milkovskyi

×