1. class
  2. Drupal
  3. \
  4. node
  5. \
  6. NodeGrantDatabaseStorage

NodeGrantDatabaseStorage

class NodeGrantDatabaseStorage implements NodeGrantDatabaseStorageInterface (View source)

Defines a storage handler class that handles the node grants system.

This is used to build node query access.

Properties

protected Connection $database

The database connection.
protected ModuleHandlerInterface $moduleHandler

The module handler.
protected LanguageManagerInterface $languageManager

The language manager.

Methods

__construct(Connection $database, ModuleHandlerInterface $module_handler, LanguageManagerInterface $language_manager)

Constructs a NodeGrantDatabaseStorage object.

AccessResultInterface
access(NodeInterface $node, string $operation, AccountInterface $account)

Determines access to nodes based on node grants.

int
checkAll(AccountInterface $account)

Checks all grants for a given account.

int
alterQuery(mixed $query, array $tables, string $op, AccountInterface $account, string $base_table)

Alters a query when node access is required.

write(NodeInterface $node, array $grants, string $realm = NULL, bool $delete = TRUE)

Writes a list of grants to the database, deleting previously saved ones.

delete()

Deletes all node access entries.

writeDefault()

Creates the default node access grant entry.

int
count()

Counts available node grants.

deleteNodeRecords(array $nids)

Remove the access records belonging to certain nodes.

static Condition
buildGrantsQueryCondition(array $node_access_grants)

Creates a query condition from an array of node access grants.

Details

at line 53
__construct(Connection $database, ModuleHandlerInterface $module_handler, LanguageManagerInterface $language_manager)

Constructs a NodeGrantDatabaseStorage object.

Parameters

Connection $database

The database connection.
ModuleHandlerInterface $module_handler

The module handler.
LanguageManagerInterface $language_manager

The language manager.

at line 62
AccessResultInterface access(NodeInterface $node, string $operation, AccountInterface $account)

Determines access to nodes based on node grants.

Parameters

NodeInterface $node

The entity for which to check 'create' access.
string $operation

The entity operation. Usually one of 'view', 'edit', 'create' or 'delete'.
AccountInterface $account

The user for which to check access.

Return Value

AccessResultInterface

The access result, either allowed or neutral. If there are no node grants, the default grant defined by writeDefault() is applied.

at line 132
int checkAll(AccountInterface $account)

Checks all grants for a given account.

Parameters

AccountInterface $account

A user object representing the user for whom the operation is to be performed.

Return Value

int

Status of the access check.

at line 150
int alterQuery(mixed $query, array $tables, string $op, AccountInterface $account, string $base_table)

Alters a query when node access is required.

Parameters

mixed $query

Query that is being altered.
array $tables

A list of tables that need to be part of the alter.
string $op

The operation to be performed on the node. Possible values are:

  • "view"
  • "update"
  • "delete"
  • "create"
AccountInterface $account

A user object representing the user for whom the operation is to be performed.
string $base_table

The base table of the query.

Return Value

int

Status of the access check.

at line 203
write(NodeInterface $node, array $grants, string $realm = NULL, bool $delete = TRUE)

Writes a list of grants to the database, deleting previously saved ones.

If a realm is provided, it will only delete grants from that realm, but it will always delete a grant from the 'all' realm. Modules that use node access can use this method when doing mass updates due to widespread permission changes.

Note: Don't call this method directly from a contributed module. Call \Drupal\node\NodeAccessControlHandlerInterface::acquireGrants() instead.

Parameters

NodeInterface $node

The node whose grants are being written.
array $grants

A list of grants to write. Each grant is an array that must contain the following keys: realm, gid, grant_view, grant_update, grantdelete. The realm is specified by a particular module; the gid is as well, and is a module-defined id to define grant privileges. each grant* field is a boolean value.
string $realm

(optional) If provided, read/write grants for that realm only. Defaults to NULL.
bool $delete

(optional) If false, does not delete records. This is only for optimization purposes, and assumes the caller has already performed a mass delete of some form. Defaults to TRUE.

at line 250
delete()

Deletes all node access entries.

at line 257
writeDefault()

Creates the default node access grant entry.

at line 273
int count()

Counts available node grants.

Return Value

int

Returns the amount of node grants.

at line 280
deleteNodeRecords(array $nids)

Remove the access records belonging to certain nodes.

Parameters

array $nids

A list of node IDs. The grant records belonging to these nodes will be deleted.

at line 297
static protected Condition buildGrantsQueryCondition(array $node_access_grants)

Creates a query condition from an array of node access grants.

Parameters

array $node_access_grants

An array of grants, as returned by node_access_grants().

Return Value

Condition

A condition object to be passed to $query->condition().

See also

node_access_grants()