7.2. Summary
Drupal core provides very simple access control for content: published or not published. Through the use of the Node Access API, it is possible to create much more fine-grained and complex systems to determine whether or not a user should be able to see, edit, and delete content on the site. The database API makes it relatively simple for a module developer to make sure that her module respects the access system.
For module developers who wish to create their own access systems, there are a few additional functions that you must understand and use. Fortunately, even those are not overly complex. Basing your custom module on the Private module will provide an easy way to get up and running quickly with site-specific node access rules.
Get Cracking Drupal®: A Drop in the Bucket now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
