Hi all.

Apologies - I'm sure this has been asked many times but I just can't seem to find the answer I'm looking for.

I'm using Drupal for a school website. It's looking fantastic and the features are incredible. I have some small issues I need to address.

Rather than give parents an individual login (there are lots of reasons why I don't want to do this), we've decided to give them a shared login name of "parent" and a common password.

Therefore the "parent" user account needs to be treated differently from normal accounts:

1. Disable the ability for parents to edit the account. I've done this through menu options no problem but the /user/x/edit page is still available secretly. Would like to remove this ability completely.

2. If the parent can't remember the login, it gives them a password reset option (the email for this goes to the webmaster so it's not the end of the world) but I'd like to switch this off just for the "parent" user.

Does anybody know how I'd go about doing this?

Thanks very much in advance,

Sigol.

Comments

missym’s picture

There is a module that gives permissions based on a path. I can't remember the name but you might give that a shot.

sigol’s picture

Thanks MissyM - will have a look through the modules.

Will this also disable the password reset option for specific users?

Best wishes,

simon.

esllou’s picture

can't you just create a role for "Parent" and use access control to prevent all of that role from doing X, Y and Z??

sigol’s picture

hi esllou. that's what I thought I could do but I can't see a permission for "edit own profile".

Do you know how to do this?

Thanks,

Sigol.

siliconvalley1’s picture

He's right, it doesn't seem to show up under access control, not under user settings either, maybe there's a module for this? Not sure but it might require some editing of the code as it seems this feature was left out.

mr.morton’s picture

I'm having the exact same problem...

I've been googling - but cant find a solution. It just doesn't make sense
that you can not disable edit profile pr. user or role.

Anyone have a solution for this problem ?

Kind Regards
Mr.Morton

annalina614’s picture

I'm having the same problem.

But I think removing it from the profile page would be enough.
Sigol - How did you remove it from the Menu options? I can't find that option.

Thanks!

tommyk’s picture

http://drupal.org/project/path_access

I installed the 6.x-1.x-dev version and it works perfectly. I created a role and blocked the paths:

user
user/*

Now when a user of that role is logged in, the user will see the predicted Access Denied message when trying to get to either the View or Edit areas of a profile, including the user's own.

ressa’s picture

I haven't tried the path_access module, but this module will both hide the "View" and "Edit" tabs and block the paths, based on role permissions: http://drupal.org/node/483324#comment-2257606
EDIT: I just found out it will mess with the admin's edit button also. I think I will use the above Path access module after all 8o)

ressa’s picture

I found a snippet that will remove the tab. How to both remove a tab and blocking the path:
http://drupal.org/node/68792#comment-2538536

webadpro’s picture

I couldn't find it either so I made my own:

function mymodule_perm(){
	 return array('edit my user account');
}

function mymodule_menu_alter(&$items) {
  $items['user/%user_category/edit']['access callback'] = 'mymodule_user_edit_access';
}

/**
 * Access callback for user account editing.
 * OVERRIGHT DEFAULT FUNCTION
 */
function mymodule_user_edit_access($account) {
  return (($GLOBALS['user']->uid == $account->uid && user_access('edit my user account')) || user_access('administer users')) && $account->uid > 0;
}

If this Could help anyone.

mikekelly’s picture

This is really useful... thanks.

DevSerg’s picture


function mymodule_permission() { 
  return array(
    'edit my user account' => array(
       'title' => t('Edit own account'),
       'restrict access' => true,
    ),
  );
}

function mymodule_menu_alter(&$items) {
  $items['user/%user/edit']['access callback'] = 'mymodule_user_edit_access';
}

/**
 * Access callback for user account editing. 
 * OVERRIGHT DEFAULT FUNCTION 
*/
function mymodule_user_edit_access($account) {
  return (user_access('edit my user account') ||
    user_access('administer users')) && $account->uid > 0;
} 
inversed’s picture

This may be an old thread but considering I found my way here, others may benefit, too. I believe the way to do this is with the user protect module.

jay.lee.bio’s picture

Nice module. Thanks!

____________________

https://jay.lee.bio