function _node_access_where_sql

6.x node.module _node_access_where_sql($op = 'view', $node_access_alias = 'na', $account = NULL)

Generate an SQL where clause for use in fetching a node listing.

Parameters

$op: The operation that must be allowed to return a node.

$node_access_alias: If the node_access table has been given an SQL alias other than the default "na", that must be passed here.

$account: The user object for the user performing the operation. If omitted, the current user is used.

Return value

An SQL where clause.

Related topics

Node access rights
The node access system determines who can do what to which nodes.
1 call to _node_access_where_sql()
node_db_rewrite_sql in drupal-6.x/modules/node/node.module
Implementation of hook_db_rewrite_sql

File

drupal-6.x/modules/node/node.module, line 2120
The core that allows content to be submitted to the site. Modules and scripts may programmatically submit nodes using the usual form API pattern.

Code

function _node_access_where_sql($op = 'view', $node_access_alias = 'na', $account = NULL) {
  if (user_access('administer nodes')) {
    return;
  }

  $grants = array();
  foreach (node_access_grants($op, $account) as $realm => $gids) {
    foreach ($gids as $gid) {
      $grants[] = "($node_access_alias.gid = $gid AND $node_access_alias.realm = '$realm')";
    }
  }

  $grants_sql = '';
  if (count($grants)) {
    $grants_sql = 'AND (' . implode(' OR ', $grants) . ')';
  }

  $sql = "$node_access_alias.grant_$op >= 1 $grants_sql";
  return $sql;
}