stackoom
  简体   繁体   中英

php/Drupal - list all nodes that a given user to permission to edit

 原文  2011-03-12 22:46:58       api/ drupal/ module

Question

I have a function that lists all nodes on the system. I would like to refine this to show only nodes that current user is able to edit - either with API or SQL statement. (Drupal 6) 

function fnGetNodeTypes($typeOfNodes) {
    $string = "";
    $types_of_nodes  = array_keys(node_get_types());
    $string .= "<select name='typeOfNodes'>";
    $string .= "<option value=''>Please select</option> ";
    $string .= "<option value='all'>All</option> ";

    foreach($types_of_nodes as $node){      
        if($typeOfNodes == $node ){
            $selected = "selected";
        }
        else{
            $selected = "";
        }       
        $string .= "<option $selected value=\"" . $node . "\">" . $node ;
        $string .= "</option>\n";
    }
    $string .= "</select\n>";
    return $string;
}

Update:

Following @chx suggestion I tried messing around with users, users_roles and permissions. Let me know if there is a more Drupal way of doing this. 

//----------------------------------------------
// Contruct select/option box of node types
//----------------------------------------------
function fnGetNodeTypes($typeOfNodes) {
    $string = "";
    $types_of_nodes  = array_keys(node_get_types());
    $string .= "<select name='typeOfNodes'>";
    $string .= "<option value=''>Please select</option> ";
    //$string .= "<option value='all'>All</option> ";
    foreach($types_of_nodes as $node_type){         
        if (fnInArray($node_type))
        {
            if($typeOfNodes == $node_type ){
                $selected = "selected";
            }
            else{
                $selected = "";
            }       
            $string .= "<option $selected value=\"" . $node_type . "\">" . $node_type ;
            $string .= "</option>\n";
        }
    }
    $string .= "</select\n>";
    return $string;
}

//---------------------------------------------------------------------
//  function fnInArray - see if user is allowed to edit this node type
//---------------------------------------------------------------------

function fnInArray($node_type)
{
    global $user;

    if ($user->name == 'admin') { return TRUE; }

    // get list of all nodes that user is allowed to access
    // 
    $string =   " SELECT permission.perm as permission_perm "  .
        " from users " .
        " join users_roles  on ( users_roles.uid = users.uid ) " .
        " join permission on (permission.rid = users_roles.rid) " .
        " where  users.name = '" . $user->name . "'";

    $result = db_query($string);
    while ($row = db_fetch_object($result)) {           
        $pieces = explode(", " , $row->permission_perm);        
        $node_name = "edit any " . trim($node_type) . " content";
        if (in_array($node_name, $pieces )) 
        {
            return TRUE;        
        }
        return FALSE;
    }
}

4 answers

solution1
 1  2011-03-12 23:38:46

This is fairly impossible to do. Node access can be specified by a hook so the only generic way to do that would be to retrieve every. single. node. and run node_access($node, 'update') on them. That's not too fast. You can mess around with node types, permissions, the node access table etc depending on how your site is set up and modules are used. If we presume that the only thing controlling your nodes are the permissions and understand please this presumption is not always true by far, then in Drupal 6 and below (I suspect from node_get_types() you are not using D7) you would indeed iterate over node_get_types() and check user_access("edit own $type content") || user access("edit any $type content") user_access("edit own $type content") || user access("edit any $type content") but this won't go too far.

solution2
 0  2011-03-12 23:35:51

Not quite sure of the proper method for Drupal 6 (check db_rewrite_sql ) but for Drupal 7, while you are building your query add addTag('node_access') to the query and that will limit it to only nodes that the user has permission to edit. If you go to the link for db_rewrite_sql above make sure to take a look at the comments.

solution3
 0  2011-03-13 15:39:55

db_query + db_rewrite_sql :仅返回允许登录用户查看的行。 

$results = db_query(db_rewrite_sql($query), $args);

solution4
 0  2011-07-20 00:35:31

This is what the Module Grants Monitor module is for http://drupal.org/project/module_grants . From the project page: "Clicking on it reveals a summary of all the content the logged-in user has access to (ie view, edit) after access controls have been applied by the content access modules installed on your site". I installed and tested this today and it seems to work. Does anyone have comments or experience with this module?

It seems like this should also be possible with Views or Rules... but maybe that's just because everything seems possible with them...

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question drupal bootstrap script: how to get list of all nodes of type x? My daily Drupal question: get all nodes in a given vocabulary trough the api Edit Mikrotik User Profile With PHP API SFDC - Query all contacts shared with a given user? Migrating JSON to drupal 8 nodes using Migrate modules How to list all repositories for a given topic with REST API in GitHub? How to list all builds of a given project through Travis API? How to list all +1 of Google+ user List of aliases of an user with gmail API in PHP Bit.ly API: List all links for a user
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM