Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.
By gwideman on
Folks:
I'd dearly like a clear overview of drupal's model of users and groups (or roles I guess), and what kind of capabilities are thereby supported.
As a tangible example: suppose I want to use Drupal as an intranet environment in which I have many dozens of users -- and I'd like all to be able to post articles and comments thereon, post and track issues and so on. Seems like basic Drupal functionality.
But what I'd like to understand is how to establish groups/roles and permissions such that each person can only edit or view content (pages, issues etc) that relate to the projects they are involved in. Or correspondingly, how to allow users to set "make this article (or issue) visible to people of projects X and Y but not Z". (And of course more subtle variations -- editable by members of X, but read-only to group Z.)
Where can I find this documented?
Thanks,
Graham
Comments
Fine-grained access control
Drupal's basic configuration supports role-based access control that applies to node types. Comment access control is handled separately.
That's not enough, but rather than try to overload the core by anticipating every possible access-control strategy, that's left as a problem for contributed modules to solve. There are many that implement different access-control strategies. It is important that you do not mix them, as conflicts can get rather ugly.
For your purposes, you might want to use Organic Groups, which is a family of related modules that can enable a rich set of access control features as well as other benefits (email push of new posts, for example).