By bjaspan on

My site offers anonymous access, free authenicated user access, and fee-based monthly subscriber access. I have access control roles for anonymous, authenticated, and subscriber. All subscribers also have the authenticated role.

I want to have forums that anonymous can read but only authenticated can post to *AND* forums that only authenticated users read and only subscriber can post to. For the latter, I could accept the situation in which the subscriber-only forums are only readable by subscribers as well. It appears I can set up either approach globally for all forums using access control but do not see how to do it on a per-forum basis.

Is this currently doable, or do I need to write a new module? I'm already using node_privacy_byrole.module specifically to make certain nodes authenicated-only or subscriber-only. However, for those nodes I have an "edit" tab on which I can specify the roles. For forums, I have no edit tab. (I do have an edit tab on forum posts and can control their access by role because those are normal nodes but that is not a workable solution.)

Thanks,

Barry

Categories: Drupal 4.6.x

Comments

cog.rusty’s picture

cog.rusty commented

Have you tried a role access control module based on taxonomy rather than on individual nodes? Forums are based on a taxonomy vocabulary called 'Forums'.

With the 'taxonomy access control' module, for example, you could set up who does what with the nodes of a forum and with the forum names themselves. Here is an example of 'category permissions' for special forum categories with the TAC module:

anonymous user
---------------------
for normal forums:
View      Allow  (can read the nodes themselves)
Update    Deny   (for moderating *anyone's* posts
Delete    Deny   (same as above)
Create    No     (can't post in these forums)
List      Yes    (can see the forum names)

for subscriber forums:
View      Deny
Update    Deny
Delete    Deny
Create    No
List      No     (not even aware that these forums exist)
authenticated user
------------------------
for normal forums:
View      Allow
Update    Ignore  (defaults to Deny, but overrided by other Allow permissions)
Delete    Ignore  (same as above)
Create    Yes
List      Yes

for subscriber forums:
View      Allow
Update    Ignore
Delete    Ignore
Create    No      (can't post there)
List      Yes     (can see the forum names)

This role should also have 'create forum posts' and 'edit own forum posts' permissions in the regular permissions tab.

subscriber
--------------------
for normal forums:
View      Allow
Update    Ignore
Delete    Ignore
Create    Yes
List      Yes

for subscriber forums:
View      Allow
Update    Ignore
Delete    Ignore
Create    Yes
List      Yes

This role should also have 'create forum posts' and 'edit own forum posts' permissions in the regular permissions tab.

With the Update and Delete permissions of TAC you can even create moderator roles for specific forums.

Another way is to use the organic groups (og) module to put the users into groups, but I am not very familiar with that. In any case, It is safer to use *only one* access control module, except if you study and test their behavior and interaction carefully.

sime’s picture

sime
any/any
Location Melbourne
commented

I'm just a bit confused about the configuration examples you've put there. Is that essentially what the data looks like in the database? Or are these config files of some sort.

cog.rusty’s picture

cog.rusty commented

These are the settings in TAC module's "category permissions" tab. This tab appears in 'admin>access control' when you have TAC installed.

Mok’s picture

Mok commented

I find that although the "list" is set to "no" if the user knows the url, they can still see the forum title...is there a way to prevent this?

coupet’s picture

coupet commented

Taxonomy Access Control
http://drupal.org/project/taxonomy_access

Apache is bandwidth limited, PHP is CPU limited, and MySQL is memory limited.

kae’s picture

kae commented

Barry, what are you using to manage the paid monthly membership fees? We are sponsoring development of the paypal subscription module, and so are very interested in any thing that does this.

bjaspan’s picture

bjaspan commented

I have not set up the membership fees yet. I have looked at the ecommerce module and may work with that. I use Authorize.Net which has recurring-billing support so all I really need is a module which will interact with that at start/stop time, not one that actually performs monthly charges (though that would be fine too).

Contact me at bjaspan at straightaces dot com and we can work together on this.

Thanks,

Barry

abqaria’s picture

abqaria commented

what module do you use to make subscription based site ?