Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.This project is not covered by Drupal’s security advisory policy.
Overview
This module is useful for sites that share a guest account by more than one person. For example, if you have a conference website and want to provide a special download area to conference participants, you may consider creating a role "guest" and one user "Guest user" that only belongs to that role. At the conference you provide the username and password of that Guest user to all participants.
Like the Anonymous user, the Guest user should not be able to edit anything on the site, but just have additional view (download) access. Drupal core lacks to support this situation. It only offers you disallowing the Guest to edit her username, via the "change own username" permission, but may still allow the Guest to edit other profile items such like password, e-mail address, upload photo, custom profile fields and other settings. This module closes this gap.
Details
This module adds a permission called "edit own user profile". If you ensure the roles "anonymous user", "authenticated user" and "guest" all do NOT have granted that permission, while all other roles do have it granted, the Guest won't be able to change anything on her profile, while all other authenticated users will still be able to do so.
The Guest will not see any tabs on her profile page (at "user/[UID]", where [UID] is the Guest user's actual user ID number) to edit it. If she directly calls any path below her profile page "user/[UID]/X" (eg. "user/[UID]/edit" or "user/[UID]/edit/password") she will be redirected back to the profile view page.
Similar modules
The Comparison of user edit protection modules gives a compact overview of similar modules and their differences. From these modules, only "Guest" (this module) allows restricting changing of custom fields of the user's own profile. This module ensures that Guest users may only view their profile, but at no circumstances may edit anything.
Drupal 6 EOL
Since Drupal 6 has reached its official End of Life (EOL) on 24 February 2016, this module has been unsupported since that day as well.
Drupal 7 and higher
I will not release this module for a Drupal version higher than 6. For Drupal 7, I recommend using the "User Read-Only" module with the following Default settings for all fields:
Restrictions mode: Only ALLOW changes to users with these roles.
Roles: Select all EXCEPT authenticated user and guest roles.
When restrictions apply: Hide the fields.
Project information
Unsupported
Not supported (i.e. abandoned), and no longer being developed. Learn more about dealing with unsupported (abandoned) projects- No further development
No longer developed by its maintainers. - Module categories: Access Control
2 sites report using this module- Created by roball on , updated
This project is not covered by the security advisory policy.
Use at your own risk! It may have publicly disclosed vulnerabilities.
