drupal node access system & aul 7.x.-2.x
DESCRIPTION
Drupal node access system & AUL 7.x.-2.x. Topic was presented at Drupal-Austria Vienna Meetup May 2014. http://www.meetup.com/Drupal-Austria/events/181216712/TRANSCRIPT
![Page 1: Drupal node access system & AUL 7.x.-2.x](https://reader033.vdocuments.site/reader033/viewer/2022052522/554f442cb4c90572088b551c/html5/thumbnails/1.jpg)
Drupal Node Access System
AUL 7.x.-2.xAlex Milkovskyi
![Page 2: Drupal node access system & AUL 7.x.-2.x](https://reader033.vdocuments.site/reader033/viewer/2022052522/554f442cb4c90572088b551c/html5/thumbnails/2.jpg)
About me: Oleksandr(Alex) Milkovskyi
Drupal Developer & Student at FH Technikum Wien
● Met Drupal in January 2010● 2010-2012: Drupal Frontend Developer,
Themer, Sitebuilder● 2012-2014: Drupal Backend Developer● https://drupal.org/user/1761220 a.
milkovsky
![Page 3: Drupal node access system & AUL 7.x.-2.x](https://reader033.vdocuments.site/reader033/viewer/2022052522/554f442cb4c90572088b551c/html5/thumbnails/3.jpg)
Drupal Node Access System
● hook_node_access● hook_node_access_records● hook_node_grants ● hook_query_TAG_alter
Only node entities will be covered in this presentation
![Page 4: Drupal node access system & AUL 7.x.-2.x](https://reader033.vdocuments.site/reader033/viewer/2022052522/554f442cb4c90572088b551c/html5/thumbnails/4.jpg)
Why not hook_node_accessfunction mymodule_node_access($node, $op, $account) {
return NODE_ACCESS_DENY;
}
Possible options:
● NODE_ACCESS_ALLOW● NODE_ACCESS_DENY● NODE_ACCESS_IGNORE
Disadvantages: ignored by Views, Menus, and other content queries
![Page 5: Drupal node access system & AUL 7.x.-2.x](https://reader033.vdocuments.site/reader033/viewer/2022052522/554f442cb4c90572088b551c/html5/thumbnails/5.jpg)
Better use Locks & Keys
● hook_node_access_records Locks● hook_node_grants Keys“
● Each lock Realm (color) must be opened
to access the node.
● Only one ID (serial number) within the Realm needs
to be unlocked to open that entire Realm.
”
![Page 6: Drupal node access system & AUL 7.x.-2.x](https://reader033.vdocuments.site/reader033/viewer/2022052522/554f442cb4c90572088b551c/html5/thumbnails/6.jpg)
hook_node_access_records($node)if ($node->private) {
$grants[] = array(
'realm' => 'example',
'gid' => 1,
'grant_view' => 1,
'grant_update' => 0,
'grant_delete' => 0,
'priority' => 0,
'#module' => 'example',
);
}
return $grants;
*usage:● called only for the node being saved● manual call with
node_access_acquire_grants($node)
![Page 7: Drupal node access system & AUL 7.x.-2.x](https://reader033.vdocuments.site/reader033/viewer/2022052522/554f442cb4c90572088b551c/html5/thumbnails/7.jpg)
hook_node_grants($account, $op)if (user_access('access private content', $account)) {
$grants['example'] = array(1);
}
return $grants;
*usage:● called dynamically at each page load to
determine what keys the current user has.
![Page 8: Drupal node access system & AUL 7.x.-2.x](https://reader033.vdocuments.site/reader033/viewer/2022052522/554f442cb4c90572088b551c/html5/thumbnails/8.jpg)
node_access
![Page 9: Drupal node access system & AUL 7.x.-2.x](https://reader033.vdocuments.site/reader033/viewer/2022052522/554f442cb4c90572088b551c/html5/thumbnails/9.jpg)
Custom Drupal database API queries$query = db_select('node', 'n');
->fields('n', array('nid', 'title'))
->addTag('node_access');$result = $query->execute();
You can also use EntityFieldQuery.
Example of hook_query_TAG_alter: node_view_permissions_query_node_access_alter()
![Page 10: Drupal node access system & AUL 7.x.-2.x](https://reader033.vdocuments.site/reader033/viewer/2022052522/554f442cb4c90572088b551c/html5/thumbnails/10.jpg)
ACL vs. AUL
● AUL creates grands per user and adds nodes to it.
● ACL creates grands per node and adds users to it.
![Page 11: Drupal node access system & AUL 7.x.-2.x](https://reader033.vdocuments.site/reader033/viewer/2022052522/554f442cb4c90572088b551c/html5/thumbnails/11.jpg)
ACL vs. AUL example
ACL● view_nid_1
○ uid1○ uid2
● view_nid_2○ uid1○ uid2
AUL● view_uid_1
○ nid1○ nid2
● view_uid_2○ nid1○ nid2
![Page 12: Drupal node access system & AUL 7.x.-2.x](https://reader033.vdocuments.site/reader033/viewer/2022052522/554f442cb4c90572088b551c/html5/thumbnails/12.jpg)
hook_node_grants($account, $op)
ACL● view_nid_1 gid 1
○ uid1○ uid2
● view_nid_2 gid 2○ uid1○ uid2
returns: 1,2
AUL● view_uid_1 gid 1
○ nid1○ nid2
● view_uid_2 gid 2○ nid1○ nid2
returns: 1
![Page 13: Drupal node access system & AUL 7.x.-2.x](https://reader033.vdocuments.site/reader033/viewer/2022052522/554f442cb4c90572088b551c/html5/thumbnails/13.jpg)
AUL 7.x-2.x
● aul● aul_ui● aul_vbo● aul_views● aul_roles● aul_relations
![Page 14: Drupal node access system & AUL 7.x.-2.x](https://reader033.vdocuments.site/reader033/viewer/2022052522/554f442cb4c90572088b551c/html5/thumbnails/14.jpg)
‘aul’ table
![Page 15: Drupal node access system & AUL 7.x.-2.x](https://reader033.vdocuments.site/reader033/viewer/2022052522/554f442cb4c90572088b551c/html5/thumbnails/15.jpg)
‘aul_relations’ table
![Page 16: Drupal node access system & AUL 7.x.-2.x](https://reader033.vdocuments.site/reader033/viewer/2022052522/554f442cb4c90572088b551c/html5/thumbnails/16.jpg)
aul_vbo
![Page 17: Drupal node access system & AUL 7.x.-2.x](https://reader033.vdocuments.site/reader033/viewer/2022052522/554f442cb4c90572088b551c/html5/thumbnails/17.jpg)
aul_vbo
![Page 18: Drupal node access system & AUL 7.x.-2.x](https://reader033.vdocuments.site/reader033/viewer/2022052522/554f442cb4c90572088b551c/html5/thumbnails/18.jpg)
Demo time ;)
![Page 19: Drupal node access system & AUL 7.x.-2.x](https://reader033.vdocuments.site/reader033/viewer/2022052522/554f442cb4c90572088b551c/html5/thumbnails/19.jpg)
@todo in AUL 7.x-2.x● access to node revisions● grants priority● add realm help explanations● implement invert entity reference relations.● implement comments to node relations.● implement bulk grants update.● control access on child node add/remove
![Page 20: Drupal node access system & AUL 7.x.-2.x](https://reader033.vdocuments.site/reader033/viewer/2022052522/554f442cb4c90572088b551c/html5/thumbnails/20.jpg)
Vielen Dank!
QUESTIONS?Links:
● https://drupal.org/project/aul● http://www.phase2technology.com/blog/drupal-7-node-access-grants-locks-and-keys/● http://www.brightsolutions.de/blog/drupal-node-access-performance● Topic was presented at http://www.meetup.com/Drupal-Austria/events/181216712/
Drupal Node Access System AUL 2.x.-1.x. by Alex Milkovskyi