By ac on

Hi there. New to drupal. Loving it so far. I have a question that I hope someone can help me with. I can't seem to figure out how to protect content. Is there a way to define what content can be seen and by whom. For example I would like a number of articles to be visible only to registered users. Furthermore I would like certain menu items only available to registered users. For the integration of a intranet/website this functionality is impertive but i can not seem to find it. Am I blind or is this not possible?
Thank you
Alex

Comments

ac’s picture

ac
Primary language English
Location Perth
commented

Ive found out how to control blocks and content on a user basis but i am still struggling with controlling menus for users. Any help?

lycka’s picture

lycka commented

I just want that just some roles have access to some pages. I din't find out how to do...

Would be nice, if you could give me a short hint.

Thanks

lycka

crac’s picture

crac commented

this can be achieved with the module node_privacy_byrole:

http://drupal.org/project/node_privacy_byrole

--
my httpclient for uploading whole directories to drupal image galleries (image.module)

crac’s picture

crac commented

menu items cannot be restricted to roles, therefore I would create an own block with php, where you decide whether or not the user can see the entry or not depending on its role:

  $roles = array(); 
  $result = db_query("
    SELECT r.* FROM {role} r 
      INNER JOIN {users_roles} ur ON r.rid = ur.rid
      WHERE ur.uid = %d", $user->uid);
      
  $output .= '<ul>';
  while ($role = db_fetch_object($result)) {
    switch ($role->name) {
      case 'Team Admin':
        $output .=  '<li><a href="/?q=node/xx">Team Admin</a></li>';
        break;
      case 'Reporter':
        $output .= '<li><a href="/?q=node/xx">Reporter</a></li>';
        break;
      case 'Editor':
         '<li><a href="/?q=node/xx">Editor</a></li>';
        break;
    }
  }
  
  $output .= '</ul>';
  print $output;

Not sure if it realy works, but it should ... ;-)

--
my httpclient for uploading whole directories to drupal image galleries (image.module)

Andrzej7’s picture

Andrzej7 commented

Such a block is very useful and I'm looking for such.

Sorry, but this doesn't work (I'm not a programmer - I can't tell why)

Andrzej

Dublin Drupaller’s picture

Dublin Drupaller commented

Hi Andrzej7

here's a block snippet that works:

http://drupal.org/node/13266#comment-29543

Dub

Currently in Switzerland working as an Application Developer with UBS Investment Bank...using Drupal 7 and lots of swiss chocolate

crac’s picture

crac commented

right, probably its the missing

global $user;

which has to come at the beginning of the code ... sorry for that!

futhermore it could be that you have to return the output instead of printing it directly. change the last line as follows:

// print $output;
return $output;

--
my httpclient for uploading whole directories to drupal image galleries (image.module)

Andrzej7’s picture

Andrzej7 commented

My code looks like that: 

<?php
  global $user;
  $roles = array();
  $result = db_query("
    SELECT r.* FROM {role} r
      INNER JOIN {users_roles} ur ON r.rid = ur.rid
      WHERE ur.uid = %d", $user->uid);
  $output .= '<ul>';
  while ($role = db_fetch_object($result)) {
    switch ($role->name) {
      case 'reporter':
        $output .=  '<li><a href="/?q=node/1">Reporter</a></li>';
        break;
      case 'autor':
        $output .= '<li><a href="/?q=node/1">Autor</a></li>';
        break;
      case 'Editor':
         '<li><a href="/?q=node/xx">Editor</a></li>';
        break;
    }
  }
  $output .= '</ul>';
// print $output;
return $output;
?>

I'm not a coder - sorry (maybe I made a mistake), but it still doesn't work.

Andrzej

crac’s picture

crac commented

Make sure the following things apply:

1) The role names in the switch-statement are case-sensitive, so make sure your role names really equal the ones in the code.

2) You have to save the block with content-filter php code.

Do both things apply to your environment? Because I tried the code now and it works for me ...

--
my httpclient for uploading whole directories to drupal image galleries (image.module)

Andrzej7’s picture

Andrzej7 commented

Thanks

I checked all and the problem was: Admin didn't see anything, he wasn't in this roles. I'm used to see everyting as an admin.

The block works. It's very helpfull. Thanks !

Andrzej

dkaragiozov’s picture

dkaragiozov commented

Hi, I had a similar questions/problems as yours - the DRUPAL is an open community system and thus the access rights are not very granural...

I've installed the node_privary_byrole module (from the CVS) and there you can define that a given node is visible/editable only to specific roles.

Hope this helps...

Diman Karagiozov
Tetracom IS Ltd.
http://www.tetracom.com

Bèr Kessels’s picture

Bèr Kessels commented

They are EXTREMELY granular. taxonomy_access, node_priivacy_by_role are just examples of that. It is a bit baud to just make a statement like that. Esp since it is not true.

Drupal, out of the box, is simple, yes, but it allows you to develop or install modules that have extreme power over access. I have never seen a platform/CMS that gives such access granularity as drupal.

---
if you don't like the choices being made for you, you should start making your own.
---
[Bèr Kessels | Drupal services www.webschuur.com]

designanddraft’s picture

designanddraft commented

drupal 6.x, v6 transparent admin
I am looking for transparent administration, open, visible and sometimes editable admin settings with security. based on permissions, locked individually (as a node?), password protected, view and/or edit choice for admin inserted at the top or bottom of all admin/settings pages. even better, password or radio button next to every settings choice as viewable and/or editable similar to form field protect. a prominent notification to the user, “you can view this page of administration settings, if they require edit, please email administration with your request link”. Possibly even attached comment or site note section, ability to insert instruction or voting widget.
I gather this is the approach taken by adding access control to the core and maybe it is similar to drupal core building. I have been looking at everything I can find and I’m not a programmer yet, so I need to pass what I’ve found on to someone else here. If someone can put these pieces together or have experience with something similar with any version 4,5,6,7. i'm listing this at all of these locations aswell. Rsvp, elisa

http://drupal.org/node/109157 access control
http://drupal.org/node/131101#comment-735943 Add disabled attribute to protected fields
http://drupal.org/node/245900 How to Protect Nodes From Editing on Demand
http://drupal.org/node/31143#comment-796152 Node Privacy by Role not working
http://drupal.org/project/nodeaccess nodeaccess
http://drupal.org/node/126129#comment-703933 password protect a page
http://drupal.org/node/222263#comment-902378 Port of Content access for D6
http://drupal.org/node/29991#comment-51352 Protected content
http://drupal.org/node/13266 Show block to certain users or roles only- Drupal 4.6
http://drupal.org/project/simple_access simple access
http://drupal.org/node/118404#comment-735895 View, but not edit, field at node/xxx/edit