Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Hi,
Just a quick question- how do I grant (using PHP) xyz permissions to a node if I have just the $nid and the $uid to which I want to grant those permissions?
Many thanks,
Chris.
Comments
Comment #1
salvisLook at the code (and comments) in acl.module — it's quite straight-forward...
Comment #2
chrism2671 CreditAttribution: chrism2671 commentedThanks that's a real help. With respect to 'my_module', which module is that? For a content type, would that be 'node'?
Comment #3
chrism2671 CreditAttribution: chrism2671 commentedOK I've actually got my head around this now and it works. The only problem I'm still having is with respect to permissions - when the PHP is run by an admin it works fine, but when it is run by a normal authenticated user, it has no effect.
What do you think I've missed?
Thanks,
Chris.
Comment #4
salvis'my_module' should be the module that contains the code that calls the ACL functions. If you install devel_node_access, you should be able to tell, who is responsible for any given ACL grant.
You may have to [Rebuild permissions]. ACL being a helper module, it defers this to the caller. I very much recommend installing devel_node_access and enabling its debug mode.
Comment #5
chrism2671 CreditAttribution: chrism2671 commentedOK, what I've done is a bit of hack. I've stuck this code into part of a CCK computed field's PHP, which means that it executes 'on submit' of a content type.
I've been using the content access module elsewhere on the site, which is how I learnt about ACL. I adopted a similar syntax to the code I found in the content access module, which lead me to the code above. It performs the exact task I'm looking for when logged in as admin, but sadly won't work if I'm logged in as a normal user.
What do you suppose might be the problem? I'm guessing it's with the use of the 'content_access' module, or does this field not really matter...?
Thanks for all your help!
Comment #6
salvisYou should not be using a realm that's used by an existing module. This will probably confuse that other module, and it will most certainly confuse you when you look at the grants in devel_node_access. Use something like 'chrism' instead!
Or are you trying to cooperate with CA?
Again, enable DNA's debug mode and look at your nodes, then you'll see everything.
Comment #7
chrism2671 CreditAttribution: chrism2671 commentedOK. I've enabled DNA and it's very useful. I've adjusted the module to be something else, not 'content_access'.
Though I can clearly see what grants have taken place (and confirm this looking at the ACL tables in the database), it still refuses to actually perform the grants unless admin is logged - suggesting there maybe be a permissions issue. Clearly there is no 'access control' section for ACL, and the devel tools don't reveal what happens 'on submit' (including the query logger). Any other ideas what might be bottlenecking the grant?
Thanks again!
Chris.
Comment #8
salvisI don't understand what you mean with this. Please post the output from DNA's debug mode of one node, once for the admin and once for a user that doesn't work.
Comment #9
chrism2671 CreditAttribution: chrism2671 commentedSorry I meant 'logged in'.
Despite running the code specified, the DNA output is as follows:
node_access entries for nodes shown on this pagenode realm gid view update delete explained
Job Application content_access_author 10 1 0 0 Content access: author of the content can access
In other words, the code I pasted previously works correctly, but it only works if logged in as admin. It doesn't work for normal users.
Comment #10
chrism2671 CreditAttribution: chrism2671 commentedI've modified the code now to be the following, based on a re-read of the ACL module code:
This appears to do the trick. I have reverted back the module to 'content_access'. I noted your warning with respect to this causing problems, however it did not work when using any other name.
Thanks for all your help!
Comment #11
salvisI still don't really understand what you're doing and you haven't shown convincing DNA output, but if you're sure that it does what you want, then I won't argue.
Comment #12
Anonymous (not verified) CreditAttribution: Anonymous commentedAutomatically closed -- issue fixed for two weeks with no activity.