Mercurial > hg > isophonics-drupal-site

diff core/modules/node/src/NodeGrantDatabaseStorageInterface.php @ 0:4c8ae668cc8c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Initial import (non-working)
author Chris Cannam
date Wed, 29 Nov 2017 16:09:58 +0000
parents
children
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/core/modules/node/src/NodeGrantDatabaseStorageInterface.php	Wed Nov 29 16:09:58 2017 +0000
@@ -0,0 +1,127 @@
+<?php
+
+namespace Drupal\node;
+
+use Drupal\Core\Session\AccountInterface;
+
+/**
+ * Provides an interface for node access grant storage.
+ *
+ * @ingroup node_access
+ */
+interface NodeGrantDatabaseStorageInterface {
+
+  /**
+   * Checks all grants for a given account.
+   *
+   * @param \Drupal\Core\Session\AccountInterface $account
+   *   A user object representing the user for whom the operation is to be
+   *   performed.
+   *
+   * @return int
+   *   Status of the access check.
+   */
+  public function checkAll(AccountInterface $account);
+
+  /**
+   * Alters a query when node access is required.
+   *
+   * @param mixed $query
+   *   Query that is being altered.
+   * @param array $tables
+   *   A list of tables that need to be part of the alter.
+   * @param string $op
+   *   The operation to be performed on the node. Possible values are:
+   *   - "view"
+   *   - "update"
+   *   - "delete"
+   *   - "create"
+   * @param \Drupal\Core\Session\AccountInterface $account
+   *   A user object representing the user for whom the operation is to be
+   *   performed.
+   * @param string $base_table
+   *   The base table of the query.
+   *
+   * @return int
+   *   Status of the access check.
+   */
+  public function alterQuery($query, array $tables, $op, AccountInterface $account, $base_table);
+
+  /**
+   * Writes a list of grants to the database, deleting previously saved ones.
+   *
+   * If a realm is provided, it will only delete grants from that realm, but
+   * it will always delete a grant from the 'all' realm. Modules that use
+   * node access can use this method when doing mass updates due to widespread
+   * permission changes.
+   *
+   * Note: Don't call this method directly from a contributed module. Call
+   * \Drupal\node\NodeAccessControlHandlerInterface::acquireGrants() instead.
+   *
+   * @param \Drupal\node\NodeInterface $node
+   *   The node whose grants are being written.
+   * @param array $grants
+   *   A list of grants to write. Each grant is an array that must contain the
+   *   following keys: realm, gid, grant_view, grant_update, grant_delete.
+   *   The realm is specified by a particular module; the gid is as well, and
+   *   is a module-defined id to define grant privileges. each grant_* field
+   *   is a boolean value.
+   * @param string $realm
+   *   (optional) If provided, read/write grants for that realm only. Defaults to
+   *   NULL.
+   * @param bool $delete
+   *   (optional) If false, does not delete records. This is only for optimization
+   *   purposes, and assumes the caller has already performed a mass delete of
+   *   some form. Defaults to TRUE.
+   */
+  public function write(NodeInterface $node, array $grants, $realm = NULL, $delete = TRUE);
+
+  /**
+   * Deletes all node access entries.
+   */
+  public function delete();
+
+  /**
+   * Creates the default node access grant entry.
+   */
+  public function writeDefault();
+
+  /**
+   * Determines access to nodes based on node grants.
+   *
+   * @param \Drupal\node\NodeInterface $node
+   *   The entity for which to check 'create' access.
+   * @param string $operation
+   *   The entity operation. Usually one of 'view', 'edit', 'create' or
+   *   'delete'.
+   * @param \Drupal\Core\Session\AccountInterface $account
+   *   The user for which to check access.
+   *
+   * @return \Drupal\Core\Access\AccessResultInterface
+   *   The access result, either allowed or neutral. If there are no node
+   *   grants, the default grant defined by writeDefault() is applied.
+   *
+   * @see hook_node_grants()
+   * @see hook_node_access_records()
+   * @see \Drupal\node\NodeGrantDatabaseStorageInterface::writeDefault()
+   */
+  public function access(NodeInterface $node, $operation, AccountInterface $account);
+
+  /**
+   * Counts available node grants.
+   *
+   * @return int
+   *   Returns the amount of node grants.
+   */
+  public function count();
+
+  /**
+   * Remove the access records belonging to certain nodes.
+   *
+   * @param array $nids
+   *   A list of node IDs. The grant records belonging to these nodes will be
+   *   deleted.
+   */
+  public function deleteNodeRecords(array $nids);
+
+}