node_access_grants example

// If the node is published, also take the default grant into account. The     // default is saved with a node ID of 0.     $status = $node->isPublished();
    if ($status) {
      $nids = $query->orConditionGroup()
        ->condition($nids)
        ->condition('nid', 0);
    }
    $query->condition($nids);
    $query->range(0, 1);

    $grants = $this->buildGrantsQueryCondition(node_access_grants($operation$account));

    if (count($grants) > 0) {
      $query->condition($grants);
    }

    // Only the 'view' node grant can currently be cached; the others currently     // don't have any cacheability metadata. Hopefully, we can add that in the     // future, which would allow this access check result to be cacheable in all     // cases. For now, this must remain marked as uncacheable, even when it is     // theoretically cacheable, because we don't have the necessary metadata to     // know it for a fact.
return FALSE;
  }

  /** * See _node_access_where_sql() for a non-views query based implementation. */
  public function query() {
    $account = $this->view->getUser();
    if (!$account->hasPermission('bypass node access')) {
      $table = $this->ensureMyTable();
      $grants = $this->query->getConnection()->condition('OR');
      foreach (node_access_grants('view', $account) as $realm => $gids) {
        foreach ($gids as $gid) {
          $grants->condition(($this->query->getConnection()->condition('AND'))
            ->condition($table . '.gid', $gid)
            ->condition($table . '.realm', $realm)
          );
        }
      }

      $this->query->addWhere('AND', $grants);
      $this->query->addWhere('AND', $table . '.grant_view', 1, '>=');
    }
  }

  protected function checkNodeGrants($operation) {
    // When checking the grants for the 'view' operation and the current user     // has a global view grant (i.e. a view grant for node ID 0) — note that     // this is automatically the case if no node access modules exist (no     // hook_node_grants() implementations) then we don't need to determine the     // exact node view grants for the current user.     if ($operation === 'view' && node_access_view_all_nodes($this->user)) {
      return 'view.all';
    }

    $grants = node_access_grants($operation$this->user);
    $grants_context_parts = [];
    foreach ($grants as $realm => $gids) {
      $grants_context_parts[] = $realm . ':' . implode(',', $gids);
    }
    return $operation . '.' . implode(';', $grants_context_parts);
  }

  /** * {@inheritdoc} */
  public function getCacheableMetadata($operation = NULL) {
    
Home | Imprint | This part of the site doesn't use cookies.