Lesson 08: Lesson #08 - Node Access & db_rewrite_sql

Update: Now with VictorKane's awesome Class Notes!

This lesson provides an introduction to Drupal's node access system. Initially, we'll create a basic module that uses hook_db_rewrite_sql() to implement a node access restriction system.

Once the concepts are grasped we'll lift the hood on some other Drupal access control modules and see how these work using Drupal's built-in node_grant abilities.

There were 75 participants in IRC and 50 people in the skypecast today.

Basic Node Access Control

• Create a basic module that restricts access to anonymous users but allows access for authenticated users on certain nodes.
• Our personal access table and pre-populating it (for demonstration purposes).
• hook_form_alter() to add a checkbox to the node edit form.
• hook_nodeapi() to create a flag on the node and apply viewing access control.
• hook_db_rewrite_sql() to implement the list view access control.

Basic Taxonomy Access Control

• Using hook_db_rewrite_sql() to implement the list view access control by taxonomy.
• Working around Drupal Core's update limitation.

Drupal 5's node_access system

• Introducing Drupal's node_access table.
• hook_node_access_records.
• node_access_acquire_grants.
• node_access_example.module.
• Lifting the lid on Simple Access module.
• Lifting the lid on Taxonomy Access Control Lite.

If you'd like to see a really cool implementation of forum_access that restricts a post's view/edit to only one friend, read this post http://groups.drupal.org/node/1688#comment-8582