Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.
By flatcircle on
Hello,
I'm a new Drupal user and just discovered the Taxonomy access possibility.
One odd thing (for me) though. What's the difference between Deny and Ignore in the permissions?
Default all settings are set as 'Ignore'.
This means that nothing is Allowed. For me this is the same as 'Deny', not?
Am I missing something here? If Ignore doesn't give access, in which case should I use Deny?
Can somebody give me a clear example to show the practical use of the 'Deny' and 'Ignore' setting?
Thanks!
P.
Comments
Dunno about taxonomy_access
specifically, but with other systems there is a difference.
Ignore just means skip over this setting and rely on the others. Generally most systems default to deny in the absence of any rights being given (ie all ignore). Also a single deny setting will override all others.
So while having all ignores produces the same effect as all deny or a mix of denies and ignores due to the default deny setting - they behave differently when you add some allows into the mix. Some allows and the rest ignores will combine to allow, but some allows and the rest denies will combine to deny.
Having ignore available is very important in keeping the configuration manageable - you don't need to explicitly set permissions on everything, just the things that matter.
--
Anton
New to Drupal? | Troubleshooting FAQ
Example knowledge base built with Drupal
Figured it out
I think I figured it out by trial-and-error. The difference is that if you select "Ignore", then the access depends on any other access mechanism you've set up. For example, if you set up permission for a user w/ specific role to be able to edit a content type, then using "Ignore" will defer to that mechanism. If you had set "Deny," then it'll deny access regardless of what other access mechanisms allow it.