Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.
By jjjames on
I have searched and not found a solution for this. Is it possible to grant view node permissions per user? Example: I want Joe to be able to see "Arm Excercises" "Shoulder Exercises" "Back Exercises". I do not want Joe to be able to see "Leg Exercises" "Knee Exercises" "Foot Exercises". This way each node permission is unique per user. I need to be able to customize node permissions on a user basis rather than role basis because permissions will be unique per user rather than per role.
The site admin will manually grant node permissions on a per user basis. Role permissions are not specific enough for what I want to do so I need a per user solution. Can anybody help me with a solution?
Thanks!
Comments
"Back up on that ass with a resurrection"
Hi. I'm resurrecting this unanswered question from August 14, 2008. If the answer is simply, "no", then could somebody say it please and I'll stop searching. If the answer is yes, then please enlighten me how this can be done. I've asked this question a few different ways and haven't gotten anything definitive either way.
Thanks.
As far as I know (without a
As far as I know (without a module) it is not possible because Drupal is working with a role based access control.
There are however some modules that implement this functionality:
- http://drupal.org/project/nodeaccess
- http://drupal.org/project/content_access
- http://drupal.org/project/node_access
They all more or less do the same. If you choose one of these modules I would be glad if you post your experience.
-
Hey. None of those modules seemed to be granular enough to do what I wanted. I ended up mixing the backend behavior of
http://drupal.org/project/nodeaccess_userreference with some tweaked organic groups functionality. Group Admins decide exactly who sees what. Thanks for the feedback.
_
I'd be curious to know how you tweaked og as when I tried to do something similar, the og grants were always overriding the nodeaccess_userreference permissions.
-
Well, unfortunately the tweaking did involve breaking the cardinal rule for modifying the module directly, but I wasn't sure how else to do it.
Normally, when a new Group is created, the row with og_subscriber as the realm is inserted into node_access. I simply modified so ALL grants are set to 0. Doing so means NO row gets inserted. So the group gets created, but none of the members can see any group nodes by default. This might seem unusual but is exactly what I needed.
I then created a module/form to allow group admins to manage access to individual group nodes for individual group members. This is done by updating the realm field in the node_access table as nodeaccess_userreference does.
Works great. But this was my first go-around. So if anybody sees any potential gotchas, please share. I was already informed that writing to node_access was a no-no. But couldn't get any further info as to exactly why. I'm still unsure of what happens when sometimes permissions need to be "rebuilt" and how this might affect what I'm doing.
_
ahh.... interesting. I don't see any obvious gotchas but it does strike me as a bit hacky-- i tend to think there must be a 'drupal' way to allow og to work this. Sounds like a very useful feature request-- there's a new maintainer, so maybe he'd have some ideas. You might want to open an issue for it.
-
I agree. I felt the ickyness of hackyness as I was doing it. But the OG mods were very minimal (literally under 10 characters), and like I said it was my first attempt at trying to be clever with Drupal. Actually, I searched long and hard for this kind of functionality for months, including a number of posts here (a couple you were helping me out with). And the verdict seemed to be there's nothing that currently does this. The closest is the OG Roles module (name?). But that doesn't quite fit and isn't granular enough.
_
duh-- i should have realized it was your issue again, lol. I played with this a couple of times and never did get it to work right without hacks. Though I've been meaning to try and see if i can get it working right with the http://drupal.org/project/module_grants module, I haven't had a chance yet.
Of course you're right to avoid hacks whenever possible, but sometimes there's no reasonable way to avoid it. As long as you got it working, that's all that really matters.