By kylehase on

I have a node type 'FAQ' which will only be used on a views page and views block. The node content should only be viewable as shown on the page and block. How do I prevent the full nodes from being directly reached via search or node path?

So far the only method I've found was to unpublish each FAQ node and use a "published=no" filter in views. While this works, I'm not sure if it will have other unintended consequences.

Does anyone else have better suggestions? I've searched the forum and web but was not able to find anything. Perhaps I was searching with the wrong keywords.

Categories: Drupal 6.x

Comments

johnpitcairn’s picture

johnpitcairn commented

The "search restrict" module will let you exclude a content-type from searches.

Having the nodes unpublished sounds is an interesting approach, if your filtered view is the only way they will ever be accessed AND the node author is the only user who will ever need to edit them. But make sure this works while you are logged out!

kylehase’s picture

kylehase commented

Thanks John. I'll look into that search restrict module.

Yes, I realized that the views may not display unpublished content while logged out. Fortunately it worked as expected. Whether or not this is a bug or by design (since I used the filter published=no) is questionable.

johnpitcairn’s picture

johnpitcairn commented

From what I remember, search indexing shouldn't include non-published nodes anyway. So you might be good as-is.

kylehase’s picture

kylehase commented

I wasn't pleased with the "published=no" kludge so I tried another method.

I Installed the "Content Access" module and denied access to the FAQ content type to anon but it turns out that views respects access permissions so the FAQ page view contains no content.

kylehase’s picture

kylehase commented

Tried other node access control modules
* simple_access
* node_privacy_byrole
* node_access_control
but all of them use the same permission system which blocks access to the node but also blocks views from accessing the node at the same time. I understand how this design decision is a good one for most cases since it prevents access to protected data no matter how it's accessed, be it direct node URL or through a view.

kylehase’s picture

kylehase commented

I wasn't pleased with the publish=no kludge because of the confusion it would cause as it produces the opposite effect outcome.

Since it appears to be the only workable solution I searched for and found a way to reduce the confusion by setting the content default to publish=no and hiding the "publish" checkbox using the formfilter module. Still not the best solution but it should be usable.

cloneofsnake’s picture

cloneofsnake commented

http://drupal.org/project/content_access

I think Content Access should accomplish what u need here

kylehase’s picture

kylehase commented

Thanks for the response but unfortunately, as stated above, the content access module adds role permissions by content type but not by view.

mpdonadio’s picture

mpdonadio
he/him
Primary language English
Location Philadelphia/PA/USA (UTC-5)
commented

I have been experimenting with setting the path-alias for these content types to be

no-view/[nid]

and then using 


function MYMODULE_init ()
{
	$path = drupal_get_path_alias(request_uri());
	
	if (strpos($path, "no-view/") !== false) {
		drupal_not_found();
		exit;
	}
}

This is not highly tested, but I have not run into any side effects yet.

greenbeans’s picture

greenbeans commented

Brilliant. Thanks for this.

Patroclas’s picture

Patroclas commented

I do something like this with the Finder module which can be set to take its results from a view. That view can have filters and permissions set to do what I need.