Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.We had a need to protect nodes that are not in any group, while allowing the organic groups access control module to protect nodes that are in groups.
A fairly simple change does the trick: this checks to see if a node is in a group; if so, it lets OG's grants take precedence. If the node is not in a group, then the private module sets access grants.
A patch is attached.
| Comment | File | Size | Author |
|---|---|---|---|
| #1 | private.module.og_.patch | 671 bytes | jshuster@drupal.org |
| private.module.og_.patch | 658 bytes | jshuster@drupal.org |
Comments
Comment #1
jshuster@drupal.org commentedWhoops ... we can improve the patch by making it so that it works if OG is not installed. This should do the trick, somewhat more gracefully.
Comment #2
Apfel007 commentedHi jshuster,
did I understand you right ..
you use the module with og? What should your patch do exactly?
I tried it.. but I saw no result - what should happen? I made a private group-post and mark it as private.
User there are not member of the group are not able to see the post ( happens without private too) and members of the group are able to see the post ... ( this I would like to avoid..)
Could you explain me a little bit?
Cheers Apfel007
Comment #3
jshuster@drupal.org commentedHi, Apfel007,
In Drupal, nodes are accessible to anyone by default. The Private module lets users mark nodes as private, and private nodes are visible only to the node author (and site administrators, of course).
Organic Groups can also control access to nodes, limiting access to nodes that are in groups to group members.
But what about nodes that aren't in any groups? By default, they're open to anyone.
We needed to let users create nodes which aren't in groups, yet which only they can access. Private works perfectly for this. But we also needed Organic Groups to control access to nodes that are in groups.
Using two access control modules at the same time doesn't normally work in Drupal (this is pretty well documented). One module will restrict access to a node, and the other will open access back up again. Not good.
This patch lets Private work along with Organic Groups' access control. If a node is in a group, Organic Groups controls node access. If a node is not in a group, Private controls node access.
With both Organic Groups Access Control and Private activated:
- nodes in groups should be accessible exactly according to how OG Access Control is configured. If OG is configured so that nodes in groups are visible only to group members, then non-members cannot view the node.
- nodes that are not in groups, but which are marked private, should be accessible only to the node author.
- nodes that are not in groups, but which are *not* marked private, should be accessible to anyone, whether logged on or not.
This lets our users can create nodes that stay private within their user accounts, yet which can be submitted into groups for review by others.
Does that help?
Cheers!
- jshuster
Comment #4
gregglesComment #5
adamps commentedClosing ancient D6 issue that doesn't seem to apply any more.
In D7 I think you can use hook_node_grants_alter to fix the priority as desired.