Sunday, October 18, 2009

drupal access stages

Drupal is built with permission sets in mind.
User may have 1 or more roles.
Content may be limited based on content type, or up to single node level (1record).

When a user is viewing a node / page,
user will have to pass through access "access content".

Next, node may be limited based on content type in:

The type of access names can be declared in:

To overwrite permission, you may edit hook_access within the same node module,
or use hook_nodeapi

  • check for "access content"
  • trigger nodeapi.op = "load"
  • check for hook_access
  • running "hook_view"
  • trigger nodeapi.op = "view"
  • ...
Please advice me if I've missed out or made any mistake here.

No comments: