To control access to group content it is necessary to add another field to a group content type. From the Organic Group configuration page, click on OG field settings.

This next page requires some careful study. If you have already added a field for Group roles and permissions or Group visibility this should be easier to understand. The goal is to add a field to the group content type that will allow the control of access to group content.

  • First, select the group content type from the select list labelled Bundles.
  • Next select the Group content visibility option in the Fields list.
  • Third, click the Add field button.
  • Lastly, the new field will appear in the 'manage fields' table of the group content type.

To confirm this field has been added, navigate to the Manage Fields tab on the content type (e.g. /admin/structure/types/manage/group/fields). There you will see the new field with the machine name of group_content_access.

Note: adding an OG visibility field to a group content type, automatically results in a visibility field in the content types that provide posts for groups.

Next, go to a post in a group and click on the Edit tab. Alternatively create a new post that can be added to a group. You will see the new field in the edit content form. Select Private - accessible only to group members and save the group.

Notice the group content page now indicates this new setting.

Now, if you view the Group content page as an anonymous user (or a user who is not a member of the group or who does not have administrator permissions) you will get an Access Denied message.

Comments

adiliaalves’s picture

adiliaalves commented

I did all these steps but I can not resolve a critical problem. All works well except that I can not create content public to anonymous users. Anonymous users can not see any pages. Urgent help would be apreciate. Thanks in advance.

roald’s picture

roald commented

Good tutorial!
I'm left with one question though:
The group_content_access field generates apparently by default the following dropdown-list:
0|Use group defaults
1|Public - accessible to all site users
2|Private - accessible only to group members

The two latter options are pretty obvious, but the first is unclear to me. Where are the "group defaults" defined?

Harry Slaughter’s picture

Harry Slaughter
Location Omaha NE USA
commented

roald, check out admin/config/group/permissions

--
Devbee - http://devbee.net/

nrackleff’s picture

nrackleff commented

It appears that this field is added by default on node entities. It that true for the current 2.7 version? When I went to the field settings screen, it was already there. I can delete it, but I am having trouble figuring out what to export in a feature that would pick up the fact that it was removed. Any suggestions? I do still want the visibility setting to remain in place at the group level, just not on the individual pieces of content.

bertstruik’s picture

bertstruik commented

Please supply an example of how a content posting is assigned to a group, where the posting is meant to be private to the group? In the example above, the content appears to be posted by default to the group to which the poster is a member. If the poster is a member of more than one group, how is the posting assigned to one of those groups? I used the field "Group audience" in the content type, along with the field "Group content visibility". When I assign the content to a particular group using the Group audience field, and, choose "Private - accessible only to group members" using the Group content visibility field, then the content is not visible to anyone but the administrator; not even the poster. Choosing "Public..." or "Group default" from the Group content visibility field makes the posting visible to the group members and does not appear to make it public to those not part of the group.

nerdoc’s picture

nerdoc commented

I have the opposite problem. I have exactly the same settings as here in the tutorial, but it seems to have absolutely no effect on content privacy. Despite having "private" as group default, AND having "private" in the group content visibility field of the node, anyone, including anonymous users can view the node.

Is there a possibility to debug where in the code this access grant was given? I struggle with this problem for days now.

ejanus’s picture

ejanus commented

Do you have content_access or another content access module allowing access to the node? If one grant is given and no grant_alter runs to prevent the view on page load, then that node will be visible regardless of what other modules permit for grants. You also may want to make sure you rebuild permissions.

- Erek J

And then there was Drupal
pslcbs’s picture

pslcbs commented

I found the solution in this post where you can find this comment:

I was able to get the two access modules to play nicely by lowering the priority for the Content Access module. While editing access for a node type (admin/structure/types/manage/TYPE/access), there is an Advanced fieldset near the bottom of the page. Inside that fieldset is the option Give content node grants priority. Setting that below the priority of the OG Access grants will solve the problem (setting it to -1 worked for me). The Devel node access module was helpful in debugging the issue.

Hope this helps, it worked for me.