Control Anonymous Content Access

By magnusprime on 5 Jun 2006 at 15:17 UTC

Hi all. I have done alot fo searching and test of the different node privacy/access systems. So far, none seem to do exactly what I need to do.

On the front page of the site, I want anonymous users to be able to see all the items that have been promoted. New Pages/Stories/Forum topics, etc. I want them to see the titles and teasers of these items. However, when they click on the item, I want them to get an access denied message, or re-directed to the login page.

The last requirement, is that I can set this up as the administrator, and the people who create the content can not change it. So in Content Types->Configure, I can specify all my settings (Promote to Front, Published, etc) including security. And then no one can override it.

Seems fairly easy to me, except I cant get it to work yet. If I uncheck "Access Content" on the node option in access control, they dont see anything at all on the front page. Not the titles or the teaser at all.

I have looked at TAC_Lite. This is ok, but I dont want to restrict access based on Taxonomy. Once the user is in the site, they can read everything. (Edit is still only by admin and original poster.)

Simple_Access. I dont quite understand this one. Why cant it use the roles I have already created in Access Control? Why do I have to create new groups for this? Also, it still doesnt allow for the setup I want.

Node Privacy by Role. Again, quite complex, and still doesnt allow for the type of setup I want.

The closest I have seen so far is this: http://drupal.org/node/62582. I am going to try this out and see if it works for me, but I dont think it will.

Comments

Access Control?

benofsky commented 5 June 2006 at 17:18

I think you could do exactly what you want from the Access Control Module in the admin panel. Not sure though, Good Luck.
Ben
Benofsky Park.com

I dont think so

magnusprime commented 6 June 2006 at 19:22

The thing about access control, is that everything is a node. Pages, Stories, forums, etc. All nodes. So the Access Content permission applies to them all. Therefore, if I turn it off for anonymous, then nothing shows up on the front page, other than "Access Denied", since teasers are just part of the node.

One idea

sepeck commented 6 June 2006 at 19:31

Use the front page module.

Create a page for anonymous content and use db SQL queries to call the various teaser nodes from recent content, etc. Then when the anonymous user clicks on the content link, they will need to have access conten trights so will need to log on. This way you avoid the access content permission as the SQL queries on the front page are direct pulls.

-Steven Peck
---------
Test site, always start with a test site.
Drupal Best Practices Guide -|- Black Mountain

-Steven Peck
---------
Test site, always start with a test site.
_{Drupal Best Practices Guide}

Possible

magnusprime commented 6 June 2006 at 23:53

Thats an idea. But I dont really want to mess with PHP and stuff to get my front page to look right. I think this should be something could/should be handled by a module or in the core itself.

It should? Cool. I look

sepeck commented 7 June 2006 at 05:02

It should? Cool. I look forward to your patches.

Try the front page module. I think it will surprise you with it's capabilities. Look at the php snippets section. Drupal is designed to help you build your site. It is not every site out of the box but with a bit of effort, it is your site not like anyone else's. :)

-Steven Peck
---------
Test site, always start with a test site.
Drupal Best Practices Guide -|- Black Mountain

-Steven Peck
---------
Test site, always start with a test site.
_{Drupal Best Practices Guide}

Hee Hee

magnusprime commented 7 June 2006 at 18:38

I know. Its always easier said than done. I can dream cant I?! :)

I am going to check out the front page stuff, just been busy the last few days. Hopefully later this week.

Something working

magnusprime commented 9 June 2006 at 13:32

I have it mostly working now. I am using the front_page module to show my anon users something different than my registered user.

I am using a php snippet to show them the nodes that should appear on the front page, so they see the title and teaser, but when they click on the item to see the full node, they get a login screen/access denied message. (LogginTobbagon!!!)

Right now I am just looking for the proper php snippet that would show exactly the same items (number/type) that the default node would, based on the setting in the admin area.

Better late than never

wmarkwilkinson commented 20 June 2006 at 02:32

Sorry about the late timing on my response, but I ran across this node while trying to find a similar solution. I wanted a simple method of controlling access to nodes by type and role. ie: anonymous users can view announcements, authenticated users can view news, stories, etc. I've only been using drupal for a week, so excuse me if this doesn't work for anyone else...

Here is my .02:

All of my types were "stories", so I installed the contento module and made a slight change in the module to create a "view" access control. The lines I changed in contento.module are:

/**
 * Implementation of hook_perm().
 */
function contento_perm() {
  $perms = array('administer content types');
  foreach (contento_type_list() as $name => $type) {
    $perms[] = "create $name content";
    $perms[] = "edit own $name content";
    $perms[] = "administer $name content";
// Added by Mark
    $perms[] = "view $name content";
// End of Add
  }
  return $perms;
}

/**
 * Implementation of hook_access().
 */
function contento_access($op, $node) {
  global $user;
  $type = is_string($node) ? $node : (is_array($node) ? $node['type'] : $node->type);
  
  if(user_access("administer $type content")){
    return TRUE;
  } elseif ($op == 'create') {
    return user_access("create $type content");
// Added by Mark
  } elseif ($op == 'view') {
// End of Add
    return user_access("view $type content");
    
  } elseif ($op == 'update' || $op == 'delete') {
    if (user_access("edit own $type content") && ($user->uid == $node->uid)) {
      return TRUE;
    }
  }
}

This creates a "view" permission for the defined node under administer->access control->contento module

Then, I created a few new node types using the contento module: (announcements, news, etc). Since I wanted announcements on the main page, I adjusted the "administer->settings->General Settings->Default Front Page" to announcements.

Then under administer->access control->contento module:
uncheck node module->access content
check contento->view announcement content

These settings worked for me, but I've only been using drupal about a week. I'm willing to bet there are much better ways to implement node access control in a simple way. This was what worked in my particular situation, since I didn't like any of the existing methods I've tried.

FrontPage Nodes

mkabot68 commented 21 June 2006 at 00:43

Here is a PHP snippet that I place in my Anonymous Users section of FrontPage settings to get the same "nodes" on the home page.

<?php

$result = db_query(db_rewrite_sql("SELECT n.nid, n.created FROM {node} n WHERE n.status = 1 AND n.promote = 1 ORDER BY n.sticky DESC, n.created DESC"), variable_get('default_nodes_main', 6));

while ($node = db_fetch_object($result)) {
  $output .= node_view(node_load(array('nid' => $node->nid)), 1);
}

print $output;

?>

This ties into the variable used in the settings page for # of nodes on home page. This grabs sticky nodes and puts them at the top. It themes the nodes as well.

Premium module?

pwolanin commented 21 June 2006 at 01:57

Did you look at this module: http://drupal.org/project/premium

The description seems to match your requirments:

Premium nodes appear in listings with full title and teaser available to anyone. If a user does not have adequate privileges, the body is replaced with an administrator-defined message (for example, an invitation to join the site).

---
Work: BioRAFT

The best way I have found so far

magnusprime commented 27 June 2006 at 01:54

You need the loggintobagin module and the front page module and the views module.

Configure loggintobaggin to be the way users login, and to display a login page when an anon user tries to access protected content.

Configure front_page for anonymous users to be re-direct to the frontpage page instead of node. (Redirect to the node 'frontpage'. )

Then, go to access control, and remove all permissions for anonymous users.

Now, when they are not logged in, they will still see the same front page, but will not be able to access anything until they log in, and will get a login page if they try to access anything.

This doesn't work. I set it

freehunter commented 25 July 2006 at 09:26

This doesn't work. I set it to work like that, and when front_page redirects the anonymous user to site.com/closed_registration as the front page, it says access denied, since that content is blocked based on role.

Further Explained

magnusprime commented 27 July 2006 at 18:07

OK. You need the Views Module, Front Page Module and Loggintoboggin module.

First look at the views module settings. One of the default views if called 'frontpage'. This mimics your front page settings. Its URL is frontpage, and can be accessed by host.com/frontpage.

Then go to the front_page settings.
For Anonymous users, select redirect, and frontpage is the node to redirect to.
I have it redirect to 'node' for authenticated (non anon) users.
Then in the 'Default Front Page' box, I type in front_page, which means the main drupal page will use the settings you just set on this page.

Now go to LogginToboggin and set it as you want. I have it set to show the registration/login page when they try to access content they are unable to.

Hope this helps.