RE: Node access module (based on users listed in userreference fields)
I created a module (attached, in case you're curious) that's a user reference widget. When placed on a node type, it will hide itself and fill itself in from the URL with the person the request is being made of. When a node with the field on it is submitted, it emails the person.
What I need is a way to allow the user in the user reference field the same rights to the node as the author of the node. So for all access control, they should be treated the same.
Do you think that's something you can / want to do?
This took me much longer than expected but then everything does. You can tell your client the World Social Forum was placed in jeopardy. But I desparately needed a completable task for a change!
I've tested the part you need pretty thoroughly, it was so much fun to toggle the options back and forth once it started working.
What I haven't tested that I'd appreciate if you could: multiple value userreference fields.
The other thing you didn't request that I haven't tested is the general access to all nodes under userreference access control.
The module is attached but I'll be putting it in CVS as soon as I can get to it.
Finally, I think it would be good if it did things like automatically recognized the presence of your module and set its userreference field and edit and view privileges accordingly, or provided hooks for your module to do this.
It would be a very simple hook, come to think of it-- a wrapper around the variable_set userreference_access uses. Feel free to add it!
I would appreciate if you could audit the code. Style, optimization, comments, help text, everything.
Which brings me to my last caveat: there's some funky static caching of the node IDs each user has access to. I think I covered every contingincy where this list should be updated, but if at any point the module displays, ah, unexpected behavior, this could be it.
Agaric Design Collective