How preventing editing a node when this node has a specific workflow status

Question

I use Drupal 7 and I would like to prevent the edition of some nodes for specific user roles when the node has a specific workflow status.

For instance, if the node has the workflow status "validated", the user having the role "contributor" is not able to edit it but the user with the role "validator" well.

If the workflow status is "to validate", both user roles can edit it.

Is it possible to implement this kind of process with the modules "Rules" and "Workflow"?

Answer 1

You probably want to use hook_node_access($node, $op, $account). Create this hook in one of your modules. To potentially deny access on edit first add a check for $op == "update" then add your validation logic. To deny access return NODE_ACCESS_DENY otherwise return nothing or NODE_ACCESS_IGNORE.

A simple example would be as follows:

function MYMODULE_node_access($node, $op, $account) {
  if (($op == "update") && ($node->type == "node_type_to_check")) {
    // Add your extra validation checks here
    // ...and if you then want to block access return the following
    return NODE_ACCESS_DENY;
  }
}

You will find more information about hook_node_access() in the Drupal 7 API docs.

WARNING: If you are logged in as the admin user (user 1) then you will be able to edit the node regardless of your hook_node_access() rules, so make sure that you test this with a "normal" user.