diff options
Diffstat (limited to 'modules/system/system.api.php')
| -rw-r--r-- | modules/system/system.api.php | 62 |
1 files changed, 62 insertions, 0 deletions
diff --git a/modules/system/system.api.php b/modules/system/system.api.php index 3ac517fd4..e6d3b3038 100644 --- a/modules/system/system.api.php +++ b/modules/system/system.api.php @@ -1375,6 +1375,68 @@ function hook_schema_alter(&$schema) { } /** + * Perform alterations to a structured query. + * + * Structured (aka dynamic) queries that have tags associated may be altered by any module + * before the query is executed. + * + * @see hook_query_TAG_alter() + * @see node_query_node_access_alter() + * + * @param $query + * A Query object describing the composite parts of a SQL query. + * @return + * None. + */ +function hook_query_alter(QueryAlterableInterface $query) { + +} + +/** + * Perform alterations to a structured query for a given tag. + * + * @see hook_query_alter() + * @see node_query_node_access_alter() + * + * @param $query + * An Query object describing the composite parts of a SQL query. + * @return + * None. + */ +function hook_query_TAG_alter(QueryAlterableInterface $query) { + // Skip the extra expensive alterations if site has no node access control modules. + if (!node_access_view_all_nodes()) { + // Prevent duplicates records. + $query->distinct(); + // The recognized operations are 'view', 'update', 'delete'. + if (!$op = $query->getMetaData('op')) { + $op = 'view'; + } + // Skip the extra joins and conditions for node admins. + if (!user_access('bypass node access')) { + // The node_access table has the access grants for any given node. + $access_alias = $query->join('node_access', 'na', 'na.nid = n.nid'); + $or = db_or(); + // If any grant exists for the specified user, then user has access to the node for the specified operation. + foreach (node_access_grants($op, $query->getMetaData('account')) as $realm => $gids) { + foreach ($gids as $gid) { + $or->condition(db_and() + ->condition("{$access_alias}.gid", $gid) + ->condition("{$access_alias}.realm", $realm) + ); + } + } + + if (count($or->conditions())) { + $query->condition($or); + } + + $query->condition("{$access_alias}.grant_$op", 1, '>='); + } + } +} + +/** * Install the current version of the database schema, and any other setup tasks. * * The hook will be called the first time a module is installed, and the |