TAC_Lite default access for new taxonomy terms
| Project: | Taxonomy Access Control Lite |
| Version: | 5.x-1.2 |
| Component: | Code |
| Category: | support request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
Jump to:
Hello,
I am using TAC_Lite to provide access control for an Intranet/Extranet project.
- I use NAT to automatically create a term in the taxonomy for every new customer node I create.
- All document nodes for each customer are then associated to the customer taxonomy term.
- Then I use TAC_Lite to restrict access for the customer user to his documents only.
This works really well. The issue comes when I want to have a role (Secretary) that has access to all customers, and hence to all taxonomy terms.
TAC_Lite provides for a way to give access for a role to all existing terms by manually selecting them all, but when I create new customers, and new terms are added, they are not automatically added to the TAC_Lite list for the Secretary role.
Is there a way for a role to be asssociated by default to all (existing/new) terms in a vocabulary? So that the Secretary role is automatically given access to new terms in this vocabulary.
#1
The quick solution is to grant Secretary the administer_tac_lite permission. Then that role will not be restricted by tac_lite in any way. But also they will be able to change tac_lite settings, which may not be good.
Other than that, I have no good suggestion. I don't know of a clean way to support what you're asking for. I'll think about it.
#2
The quick solution is to grant Secretary the administer_tac_lite permission. Then that role will not be restricted by tac_lite in any way. But also they will be able to change tac_lite settings, which may not be good.
Other than that, I have no good suggestion. I don't know of a clean way to support what you're asking for. I'll think about it.
#3
Thanks a lot Dave. That is a good quick fix for this case, and I can proceed with this project, but it would be great to have that functionality in TAC_Lite.
Please consider my suggestion to improve this fantastic module.
#4
From an interface standpoint, I think the logical way to implement this would be to have an < all > option on the page for access control by taxonomy.
I'm not saying that implementing that would be easy, but to me, that would be the logical way to add it.
+1 for this feature, I'd find it useful too.
#5
I have a similar issue where I have sites
Site A
-- Site A1
-- Site A2
---- Site A2a
-- Site A3
Site B
-- Site B1
Where the sites constantly change. I would like to be able to set a user to see site A and everything underneath it. So if a Site A2b was added, they would have access to it.
I was thinking the easiest way might be to add an permissions option "can view/edit/delete term children" -- certain roles could then automatically see nodes tagged with terms that had been added underneath a site they already have access to view.
Great Module!
#6
That sounds rather complicated for tac_lite. But if you provide a patch I'll look it over.
You might be better off with a module which automatically tags a node with parent terms whenever it is tagged with a child term. That is, if someone selects Site A2a, the node is also tagged as Site A2 and Site A. This would lead to the behavior you want in access control, and probably what you want when viewing nodes by taxonomy and other taxonomy-related behaviors. I don't know of a module that does this, but I think it would be useful and perhaps it already exists.
Another option to consider is adding another vocabulary with terms like "Site administrators" or "Site A Administrators" and configure tac_lite to grant permission based on those terms. You could even use hook_form_alter to hide such a taxonomy from end users.
#7
#5 is not quite a similar issue. Probably better related to:
#213267: Allow access on children items
But maybe the "All" option feature request I've just opened for surge_martin's #4 suggestion might solve Digital Deployment's problem too:
#333320: "All" option per vocab for by default access to All terms (and new ones automatically).