ACL

The ACL (Access Control Lists) project provides an API that can be used by other projects to create lists of users and give them various type of access to nodes.

Table of contents

• Introduction
• Installing and enabling the module
• Final word

Drupal projects discussed in this chapter: ACL.

Introduction

The ACL project is designed to concurrently support multiple client modules. Every ACL record must have a module name. You pass the name of your module when you call acl_create_acl() and certain functions to alter an ACL.

Installing and enabling the module

Install as you would normally install a contributed Drupal module. See: Installing modules in the community documentation for further information.

There is no ACL settings page. The ACL module provides core functionality to handle ACLs, and all settings and other user interaction should be managed by client modules. After downloading and enabling it, it is ready for use.

Schema

ACL maintains three tables:

acl
- acl_id
- module
- name
- number

acl_node
- acl_id
- nid
- grant_view
- grant_update
- grant_delete
- priority

acl_user
- acl_id
- uid

And also interacts with:

node_access
- nid
- gid
- realm
- grant_view
- grant_update
- grant_delete

Never change the {node_access} table directly. Call node_access_acquire_grants($node) instead.

API

Create a new ACL

ACL is designed to concurrently support multiple client modules. Every ACL record must have a module name. You pass the name of your module when you call acl_create_acl() and certain functions to alter am ACL.

The client module may want to keep track of a particular ACL. For that it can assign either a $name or a $number to this ACL.

   acl_create_acl($module, $name = NULL, $number = NULL);

   $module - The name of the client module.
   $name   - An arbitrary name for this ACL, freely defined by the
             client module.
   $number - An arbitrary number for this ACL, freely defined by the
             client module.

   returns - The ID of the newly created ACL.

Clear ACLs from a node

Clear all of a module's ACLs from a node. This is the function you want to use to remove your ACL records.

   acl_node_clear_acls($nid, $module)

   $nid    - The id of the node to clear.
   $module - The name of the client module.

   returns - Nothing.

Clear ACLs from a node

acl_node_remove_acl($nid, $acl_id)

Remove a specific acl_id from a node.

Add or remove user

acl_add_user   ($acl_id, $uid)
acl_remove_user($acl_id, $uid);

This function cab be used to add or remove the specified UID to a specific ACL.

Attach ACL to a node

acl_node_add_acl($nid, $acl_id, $view, $update, $delete, $priority = 0)

Attach access control to a node based upon an ACL id.

Final word

[TBA]

---

Last update: 2015-02-22 [gh].