function node_access

Access callback: Checks a user's permission for performing a node operation.

Parameters

$op: The operation to be performed on the node. Possible values are:

  • "view"
  • "update"
  • "delete"
  • "create"

Drupal\Core\Entity\EntityInterface|string|stdClass $node: The node entity on which the operation is to be performed, or the node type object, or node type string (e.g., 'forum') for the 'create' operation.

$account: (optional) A user object representing the user for whom the operation is to be performed. Determines access for a user other than the current user. Defaults to NULL.

$langcode: (optional) Language code for the variant of the node. Different language variants might have different permissions associated. If NULL, the original langcode of the node is used. Defaults to NULL.

Return value

TRUE if the operation may be performed, FALSE otherwise.

See also

node_menu()

Related topics

Node access rights
The node access system determines who can do what to which nodes.
27 calls to node_access()
BookNavigationBlock::build in drupal/core/modules/book/lib/Drupal/book/Plugin/Block/BookNavigationBlock.php
Builds and returns the renderable array for this block plugin.
book_export_access in drupal/core/modules/book/book.module
Access callback: Determines if the book export page is accessible.
book_node_view_link in drupal/core/modules/book/book.module
Adds relevant book links to the node's links.
comment_file_download_access in drupal/core/modules/comment/comment.module
Implements hook_file_download_access().
forum_menu_local_tasks in drupal/core/modules/forum/forum.module
Implements hook_menu_local_tasks().

... See full list

33 string references to 'node_access'
BookManager::loadBooks in drupal/core/modules/book/lib/Drupal/book/BookManager.php
Loads Books Array.
BookNavigationBlock::build in drupal/core/modules/book/lib/Drupal/book/Plugin/Block/BookNavigationBlock.php
Builds and returns the renderable array for this block plugin.
CommentSelection::entityQueryAlter in drupal/core/modules/comment/lib/Drupal/comment/Plugin/entity_reference/selection/CommentSelection.php
Overrides SelectionBase::entityQueryAlter().
comment_admin_overview in drupal/core/modules/comment/comment.admin.inc
Form constructor for the comment overview administration form.
comment_get_recent in drupal/core/modules/comment/comment.module
Finds the most recent comments that are available to the current user.

... See full list

File

drupal/core/modules/node/node.module, line 2502
The core module that allows content to be submitted to the site.

Code

function node_access($op, $node, $account = NULL, $langcode = NULL) {
  if (!$node instanceof EntityInterface) {
    $type = is_object($node) ? $node->type : $node;
    $node = entity_create('node', array(
      'type' => $type,
    ));
  }

  // If no language code was provided, default to the node's langcode.
  if (empty($langcode)) {
    $langcode = $node->langcode;

    // If the Language module is enabled, try to use the language from content
    // negotiation.
    if (module_exists('language')) {

      // Load languages the node exists in.
      $node_translations = $node
        ->getTranslationLanguages();

      // Load the language from content negotiation.
      $content_negotiation_langcode = language(Language::TYPE_CONTENT)->langcode;

      // If there is a translation available, use it.
      if (isset($node_translations[$content_negotiation_langcode])) {
        $langcode = $content_negotiation_langcode;
      }
    }
  }

  // Make sure that if an account is passed, that it is a fully loaded user
  // object.
  if ($account && !$account instanceof UserInterface) {
    $account = user_load($account->uid);
  }
  return entity_access_controller('node')
    ->access($node, $op, $langcode, $account);
}