Modules: User access/authentication

Account Types

Use 1.4 version.

If you have a ton of users and a ton of roles on your site this module aims to eliminate errors in assigning roles and simply make it easier to keep track of who should be able to do what.

The site admin -

1. defines account types
2. assigns roles to each account type via checkboxes

Either the site admin or user admin -

1. assigns account types to users
2. assigns roles to users based on the limits of the account type

The user -

1. can't tell the difference

Permissions and roles behave as they always have. Account types pretty much just disable the role checkboxes on the user edit page so that the wrong role can't be assigned the user. This is important if you have a person that is a little technically challenged helping to administer users or who doesn't understand that a particular person isn't supposed to be assigned a role just because they requested it.

NEW FEATURE! You can now select roles that will be auto-assigned when the user gets the Account Type assigned to them.

Version	Date	Links	Status
5.x-1.4	2007-Nov-28	Download · Release notes	Recommended for 5.x

Admin Role

This module is a little helper to maintain an admin role which has full perms. First, simply select a role which will be a "admin" role from the settings page, then when you submit the modules page, it will automatically assign all perms available to that role.

Warning:

Rumored to conlict with User Protect module
http://drupal.org/node/143420

Version	Date	Links	Status
5.x-1.4	2007-Jun-23	Download · Release notes	Recommended for 5.x

AES encryption

In short, here's what this module does:

For site owners:
This module can provide you with readable passwords. Some users will be able to see other users passwords in plain text if they have a role with the permission to do so.

For developers:
This module can provide you with a very simple and easy to use encryption API. Just check out the aes_encrypt and aes_decrypt functions. It really can't get any simpler.

Note: This module requires the PHP mcrypt extension! It will not work without it.

Version	Date	Links	Status
6.x-1.3	2008-Apr-01	Download · Release notes	Recommended for 6.x
5.x-1.2	2007-Dec-06	Download · Release notes	Recommended for 5.x

Apply for role

Allows users to apply for a role and administrators to approve their application. The role will be automatically assigned to the user on approval.

Version	Date	Links	Status
6.x-1.3	2008-May-07	Download · Release notes	Recommended for 6.x
5.x-1.3	2008-May-07	Download · Release notes	Recommended for 5.x

Auto username

This module disables the "Username" field on user registration and user edit forms and generates a username automatically using a token.module-provided pattern. That allows for usernames that are, for instance, forced to be "Lastname, Firstname", "Firstname Last-initial", etc.

auto_username depends on token.module.

Status

There is one show-stopper bug in the 5.x-1.x-dev release: #254422: Using old data for tokens. A stable release of this module will be tagged after that has been fixed (and hopefully any other bugs, too). If you want to see a stable release, please fix that bug! :-)

Version	Date	Links	Status
5.x-1.x-dev	2008-Apr-14	Download · Release notes	Development snapshot

CAPTCHA Pack

The CAPTCHA Pack module contains several CAPTCHA types for use with the CAPTCHA module. The CAPTCHA Pack module is meant to provide lightweight, yet effective alternatives for the traditional image CAPTCHA, which is undesirable in certain situation (e.g. bandwidth restrictions, cpu restrictions, accessibility constraints, etc).

Version	Date	Links	Status
6.x-1.0-beta1	2008-Feb-13	Download · Release notes	Recommended for 6.x
5.x-1.1	2007-Dec-22	Download · Release notes	Recommended for 5.x

CCK groups

CCK groups provides a minimal set of groups functionality using CCK features.

Emphasis on minimal approach, anyone wanting a full groups solution should use Organic Groups (og) instead.

Example Use:

Limit access to a Case Tracker project and its cases to selected individuals.

Version	Date	Links	Status
5.x-1.x-dev	2008-Apr-25	Download · Release notes	Development snapshot

Content Access

Yet another node access module.
So this module allows you to manage permissions for content types by role and author. It allows
you to specifiy custom view, edit and delete permissions for each content type. Optionally you
can also enable per node access settings, so you can customize the access for each node.

In particular

• it comes with sensible defaults, so you need not configure anything and everything stays working
• it is as flexible as you want. It can work with per content type settings, per node settings as well as with flexible Access Control Lists.
• it trys to reuse existing functionality instead of reimplementing it. So one can install the ACL module and set per user access control settings per node.
• it optimizes the written node grants, so that only really necessary grants are written.

So the module is simple to use, but can be configured to provide really fine-grained permissions!

Version	Date	Links	Status
5.x-1.3	2008-Jan-08	Download · Release notes	Recommended for 5.x

Content Type Administration by Organic Group

USE THE 1.5 VERSION. Since the permission system only lets the admin allow/disallow creation of content types and can't specify WHERE they can be used, this module tries to solve that problem. This module allows the admin to limit content types available site-wide and by group. Group owners can then choose which types to use within their group. Group owners can use ALL content types ALLOWED to that group, even if that owner only ACTIVATES a subset of those types for use by his members. All regular permissions and roles are still valid and this module will not override your settings there. So, given that a user has permission to create a content type SOMEWHERE, this module will limit where exactly they can do that. You can limit or even forbid creation of content at the site level, at the overall group level, or at individual groups.

This module keeps track of which content types are available, where they are allowed, and where you, as the site admin, require they be used. See the README file for a detailed explanation of features. You may also be interested in the og_user_roles module which allows group owners to assign its users to roles. The REALLY COOL thing is that those roles only apply to that user while in that particular group; the role assignment is not global in scope!

Version	Date	Links	Status
5.x-1.5	2008-Jan-14	Download · Release notes	Recommended for 5.x

cosign

CoSign is an open-source project originally designed to provide the University of Michigan with a secure single sign-on web authentication system.

CoSign authenticates users on the web server and then provides an environment variable for the users' name. When the users access a part of the site that requires authentication, the presence of that variable allows access without having to sign-on again.

This module depends on the webserver auth module.

Version	Date	Links	Status
5.x-1.3	2007-Sep-06	Download · Release notes	Recommended for 5.x

dot_disclaimer

This module adds custom disclaimers to registration and content creation forms.

Version	Date	Links	Status
5.x-1.4	2007-Sep-12	Download · Release notes	Recommended for 5.x
4.7.x-1.1	2007-Sep-12	Download · Release notes	Recommended for 4.7.x

duplicate_role

Duplicate/copy an existing role with the same permissions for Access Control
and taxonomies, if exist taxonomy access control module, as the
original ones.

Version	Date	Links	Status
5.x-1.x-dev	2008-Apr-23	Download · Release notes	Development snapshot

Edit Authoring Information

This tiny module adds more granular permissions in order to let users edit a node's Authored by and/or Authored on field (without them being granted the all-powerful administer nodes permission).

Version	Date	Links	Status
5.x-1.0	2007-Sep-08	Download · Release notes	Recommended for 5.x
4.7.x-1.0	2007-Sep-08	Download · Release notes	Recommended for 4.7.x

Email Verification

This module provides advanced email address checking. The core of Drupal, through the user module, only performs syntactical checking of user-entered email addresses, both during registration and account edition. This creates loads of problems when users incorrectly enter their address. First, they don't get any email from the site. If it happened during registration, they will not get their password. They will either bug the site admin or give up on the site altogether, both cases being a bad thing. Second, the site admin will get email bounces, which soon gets annoying if you have a moderately busy site.

This module tries to solve this problem by checking that the address really exists when it is entered by the user. First, it checks if the domain/host part exists at all, and reports an error if it does not. I found that this step alone catches between 1/2 and 2/3 of typos. Second, it tries to validate the user name too, by sending a HELO/MAIL FROM/RCPT TO chain of commands to the SMTP servers for the found host. Some hosts will not reveal if the user name is valid ("catch-all policy") while others might refuse the check for some reason (for instance, some hosts refuse deliveries from IPs delivered to home users by Internet access providers). When in doub, we try to play it safe and rather accept some invalid addresses than to refuse valid ones.

Version	Date	Links	Status
5.x-2.0	2007-Jun-23	Download · Release notes	Recommended for 5.x
4.7.x-1.0	2007-Jan-07	Download · Release notes	Recommended for 4.7.x