access control for periodicals - does my plan make sense?

Looking for some advice and ideas....

A client is publishing a periodical online.  Only paid
subscribers will have 
access to the nodes that are part of the periodical. 
Subscriptions are not 
necessarily continuous.  So for example a user might
subscribe in 2006; not 
subscribe in 2007; then subscribe again in 2008.  In 2008,
such a user should 
be able to view content from 2006 and 2008, but not 2007.

I have a flexible system in mind; in which each subscription
has a start, end 
and expiration.  Whether a node is visible will depend on
whether its 
creation date falls between the start and end of a
subscription.  My question 
is not about this part, but about how best to hide the nodes
that the user 
has not paid for.

I do not plan to use "standard" access control;
that is, the node_access table 
and grants, because I don't see how to cleanly map a
subscription start and 
end date to a grant id.  But that's OK because I don't
need to entirely hide 
the existence of these nodes.  I just need to hide the full
contents of the 
node.

So my plan is to put some logic in hook_nodeapi.  If $op ==
'view', and the 
user has not subscribed to the node in question, I can do
something like:

    $node->body = t('Sorry, you have to subscribe to
view this.');

I'm writing to this group because I think is a reasonable
approach, but I'm 
not sure.  Any thoughts or suggestions?

Thanks,

-Dave
 

Dave Cohen wrote:
> So my plan is to put some logic in hook_nodeapi.  If
$op == 'view', and the 
> user has not subscribed to the node in question, I can
do something like:
> 
>     $node->body = t('Sorry, you have to subscribe
to view this.');

In Drupal 4.7, the Premium module uses a similar approach. I
think 
you'll do pretty well with it. Under Drupal 5.0, it's a
little more 
complicated but follows the same basic pattern. Looking at
the code for 
Premium.module will definitely give you a good start.

-Jeff

On Saturday 23 September 2006 11:54, Jeff Eaton wrote:
> Dave Cohen wrote:
> > So my plan is to put some logic in hook_nodeapi. 
If $op == 'view', and
> > the user has not subscribed to the node in
question, I can do something
> > like:
> >
> >     $node->body = t('Sorry, you have to
subscribe to view this.');
>
> In Drupal 4.7, the Premium module uses a similar
approach. I think
> you'll do pretty well with it. Under Drupal 5.0, it's
a little more
> complicated but follows the same basic pattern. Looking
at the code for
> Premium.module will definitely give you a good start.
>

Thanks for the pointer.  Premium defines a hook so that I
can customize the 
logic that grants permission.  Maybe I can use Premium as
part of my 
solution.