1 node.module node_node_access($node, $op, $account)

Implements hook_node_access().

Parameters

Node|string $node: The loaded Node object.

string $op: The operation to be performed on the node. Possible values are:

  • create
  • view
  • update
  • delete

User $account: The User account for the person performing the operation.

Return value

string:

Related topics

File

core/modules/node/node.module, line 2667
The core module that allows content to be submitted to the site.

Code

function node_node_access($node, $op, $account) {
  $type = is_string($node) ? $node : $node->type;

  if (in_array($type, node_permissions_get_configured_types())) {
    if ($op == 'create' && user_access('create ' . $type . ' content', $account)) {
      return NODE_ACCESS_ALLOW;
    }

    if ($op == 'update') {
      if (user_access('edit any ' . $type . ' content', $account) || (user_access('edit own ' . $type . ' content', $account) && ($account->uid == $node->uid))) {
        return NODE_ACCESS_ALLOW;
      }
    }

    if ($op == 'delete') {
      if (user_access('delete any ' . $type . ' content', $account) || (user_access('delete own ' . $type . ' content', $account) && ($account->uid == $node->uid))) {
        return NODE_ACCESS_ALLOW;
      }
    }
  }

  return NODE_ACCESS_IGNORE;
}