Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.
By Walsodar on
Hi. I have started to adventure with Drupal for several days and the following question have come to ask: is some area of my web site allowed for defined users only or not? Of course - menu which directs to the area is permitted to defined users but if some wisegay types the final address of protected site "by finger" - he is entering with no problem. Have I missed anything or (God save!)there is no solution for it?
Regards -
Radoslaw Buchta
[Polish original version of the post]
Tak sobie od paru dni edukacyjnie dłubię w drupalu i nadszedł czas na zadanie pytania: jak to jest właściwie z ograniczaniem dostępu do określonych obszarów witryny? Oczywiście menu, które umożliwia dotarcie do danego obszaru można udostępnić zdefiniowanej grupie użytkowników, ale jeśli jakiś spryciarz wpisze "z palca" w przeglądarce adres chronionej strony, to wchodzi jak w masło. Coś przeoczyłem czy (co nie daj Boże!) nie ma na to rady?
Pozdrawiam i smacznego jajka -
Radosław Buchta
Comments
Access Control
You as the site administrator has access to all areas of the site, if you create a new user you would have to grant access rights to access certain section and types of content in the site. You can define user roles so you can assign different access levels to different types of users. eg.: Admin, guest, power user, super user, anonymous user
"I would rule the world - If only I had the source code"
R.A.Smith -- "ƒrÅzRâ§"
http://www.exterbox.com
Thanks Frazas but could you
Thanks Frazas but could you extend "different access levels"? The structure of site is made almost all of "page" content type. I still can't define areas with restricted access. It would be great to define access to types of users during "add content" process...
Regards -
Radoslaw Buchta
Workflow
The workflow is entirely up to you. If you want a writer that can't publish content then you'd want to make it so the pages content type has published unchecked by default. Then you can give the writers access to create pages and edit their own pages. That way they can see their own stuff, but they can't publish it. The next step would be an editor which you could give them access to all content, but you can keep it so they can't publish or they can depending on how you want your workflow to go. If they can't publish then you either need to create another role where they can publish it or you can leave that up to the admin. Hope that makes sense...
=-=-=-=-=-=-=-
Miles
I see that
Protitude, thanx, it is clear for me from your answer but what about the visitors? Registered visitors from some defined group who shouldn't create any content and who could see some restricted part (not visible for anonymous or members of other groups)? How to define the area of site which can be seen by users from defined group only?
Thanks in advance -
R. Buchta
Organic groups
Chech out the organic groups module
"I would rule the world - If only I had the source code"
R.A.Smith -- "ƒrÅzRâ§"
http://www.exterbox.com
"I would rule the world - If only I had the source code"
R.A.Smith -- "ƒrÅzRâ§"
http://www.exterbox.com
Organic modules also do not solve the poblem
Thank all helpers for patience.
Role access to Content Types
I'd suggest creating content types. Then only give a certain role access to that content type...
=-=-=-=-=-=-=-
Miles