Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Hi, I really like this module. Thanks for your work.
I wonder is it possible to set permissions based access on a per Custom Contextual Link basis?
Usage example, I have a view, and I'd like to display a CCL for the author of the node in which this view is being displayed (or indeed, anyone with editing rights on that node).
Could this be possible?
(currently on dev from 2012-01-08)
Comments
Comment #1
bkoether CreditAttribution: bkoether commentedHi ddunn,
Possible, yes, but the question is how far you want to go.
Should this access control based purely on roles or would you like to see go down to the 'per user' level?
I thought about implementing this beforehand but would like to get some more input about what people exactly would like to see.
Comment #2
circuscowboy CreditAttribution: circuscowboy commentedI am quite happy how the permissions already work. If you put a link to add content it will only show up to people who have that privilege. CCL checks page access before displaying. If the author of the node had edit own and only people needing access had edit any CCL should work out of the box - Please correct me if I am missing something.
Comment #3
mikeybusiness CreditAttribution: mikeybusiness commentedI think I would be happy with something similar to the block system. While creating a new custom link, I would love to select a role that can see the custom link.
A common thing that I am using CCL for is adding content (node/add) from a view.
When I turn on Contextual links for a role, they can see the custom contextual links for all views that have them. This occurs even if they don't have access rights to add content that the view is listing.
That being said, I am sure that there are more granular needs. I could see some way of hooking ccl into to the context module for more powerful applications.
Thanks for the module. It's handy-dandy!
Comment #4
bkoether CreditAttribution: bkoether commentedHi mikeybusiness,
As circuscowboy pointed out, every link goes through access control, meaning if you create a CCL that points to 'node/add/news' only roles who can actually create this content type will be able to see this link. So even if you attach a CCL to view, your basic permission setup will determine if a user with a certain role can see the link, which means that what you describe here
should not be possible.
The one thing that I want to avoid is that CCL would open up the opportunity to bypass the core access control system.
Comment #5
bkoether CreditAttribution: bkoether commentedNo activity for over 3 months. Closing.