Once again, I love this module!

I'm looking for a way to restrict users from being able to choose any combination of roles to give access permissions when they're creating new forum topics.

For example, I don't want "anonymous users" to have any forum access, so I don't want that check box available for users to select when creating a forum topic.

I'd like to be able to select a subset of roles that can be assigned by users.

Also, until the "bug" that causes forums with multiple-role access to be displayed multiple times is fixed (if this is indeed a bug), I don't want users to be able to choose any roles that are subsets of other roles.

Comments

javanaut

I found myself needing similar changes for a project I'm working on. Here's a diff of how I did it.

I made a few changes:

1. Unless you're admin (uid=1), you only see checkboxes for the roles that you're in.
2. If you're only a member of one role, the checkboxes for a node are replaced by hidden form fields, so by default, all content you create is restricted to members of your role, and permissions for content that you edit remain unchanged.

With my application, there's an admin (uid=1), authenticated users (site managers and such) and a separate role for each client (multiple users per client) that accesses the site. Each client has their own role, so they never see the content of any other client. This is only a matter of suppressing the form output, not an additional security measure. If a skilled hacker were determined to allow other roles to see his/her node, then I'm sure it could be done one way or another.

I haven't thoroughly tested this patch out, but it appears to work for me thus far, and looks like it might solve your problem to some degree.
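
The comment above points out that the patch only suppresses form output. A server-side check that applies the same two rules to the submitted values could look like the following; this is an added example in plain PHP, not code from the module or from the patch, and every function name and data shape in it is an assumption.

```php
<?php
// Added example: not the module's code and not the patch discussed above.
// allowed_roles_for(), enforce_node_roles() and the array shapes are hypothetical.

// Roles a user may assign: all site roles for the admin (uid 1),
// otherwise only the roles the user belongs to.
function allowed_roles_for(array $user, array $site_roles): array {
    if ($user['uid'] === 1) {
        return $site_roles;
    }
    return array_values(array_intersect($site_roles, $user['roles']));
}

// Decide which roles are stored for a node. $existing is null when the node
// is being created, otherwise it is the node's current role list.
function enforce_node_roles(array $user, array $site_roles, array $submitted, ?array $existing): array {
    $allowed = allowed_roles_for($user, $site_roles);

    // Single-role user: the form only carried hidden fields, so ignore them.
    if ($user['uid'] !== 1 && count($allowed) === 1) {
        return $existing ?? $allowed;
    }

    // Refuse any role the form should never have offered to this user.
    $unexpected = array_diff($submitted, $allowed);
    if ($unexpected) {
        throw new InvalidArgumentException('Role not assignable: ' . implode(', ', $unexpected));
    }
    return array_values(array_unique($submitted));
}

// Constructed sample data.
$site_roles = ['anonymous', 'authenticated', 'client_a', 'client_b'];
$alice = ['uid' => 7, 'roles' => ['client_a']];
$bob   = ['uid' => 8, 'roles' => ['authenticated', 'client_b']];

// A single-role user's hidden field arrives altered; the new node still gets only her role.
print_r(enforce_node_roles($alice, $site_roles, ['client_b'], null));

// A multi-role user submits a role that was never offered; the request is refused.
try {
    enforce_node_roles($bob, $site_roles, ['client_b', 'client_a'], null);
} catch (InvalidArgumentException $e) {
    echo $e->getMessage(), PHP_EOL;
}
```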

ankur

I've heard the request once or twice before to restrict the role selection to the subset of site roles to which the node submitter belongs. However, I don't know if this is what we would want to happen in the case where a user with a certain role wants a node to be viewable by a group that s/he doesn't belong to.

-Ankur
