Extend and customize Drupal functionality with contributed modules.
If a module doesn't quite do what you want it to do, if you find a bug or have a suggestion, then join forces and help the module maintainer. Or, share your own by starting a new module.
This module enables access control based on (and so requires) the Node Relativity module. It propagates the grants from a node to its descendants. You should use another module like content_access to provide the grant to the ancestors.
Just enable the module and select the content types that will inherit the grants at /admin/settings/relativity/access.
Allows overriding page nodes on a domain-specific basis.
Provides an "Override" tab on node pages that removes the current domain from the node's domain access, clones the node, and publishes the clone to only the current domain.
Copies translations of the node being overridden (if any), too, so they're considered translations of the newly created node.
Sidesteps need to use multiple url_alias tables (with Domain Prefix). Makes Drupal interpret the URL alias for a node that's been overridden as a path to this domain's version of the node. Example: node 1 (the node at node/1) is published to all domains with the URL alias contact-us. You visit the node from the subdomain "cats" and select the "Override" tab. Now a new node has been created (node 2), that's published only to the "cats" subdomain, and node 1 is no longer published to the "cats" subdomain. When you visit http://site/contact-us you'll see the content of node 1. However, when you visit http://cats.site/contact-us, you'll see the content of node 2 -- node 1's override.
This small module provides a redirection feature instead of providing the default domain contents in the Domain Access suite.
In a nutshell, subdomain redirection handling will be shifted from your domain's DNS settings to your Drupal installation, redirecting all subdomains to the specified URL while still serving Drupal content to the subdomains set in Domain Access.
The Mode module is a utility module that allows administrators to manage different permission sets and switch between them conveniently. It works by manipulating the permissions table during each switch.
Example scenarios where this module will prove useful:
File access by node type allows website administrators to select which roles can access files belonging to nodes of a certain node type. This goes beyond simple field permission, since there can be situations where users might embed an uploaded file into a Body textarea, or a WYSIWYG editor.
This module allows the restriction to work even in those cases by intercepting the file download before it happens. It also respects other access control mechanisms, since it defaults to either restricting access, or delegating it further. If the file download is not denied, and no other module is there to make a second decision, then it will download it. This allows for future integration with other modules and should be consistent in how Drupal handles access control.
Sometimes you want to be able to give simple URL access to content that would not normally be available to a particular user (or perhaps someone not even registered with the site).
Deep link module allows the direct access to a specific item of content under certain circumstances and limitations. Such as one-off or time-limited deeplinks.
The deeplink module provides a framework for generating special URLs which can be inserted into emails that allow access to a content item or page, and tracks the uses of that link.
The controls that go with deeplink provide the means by which users are selected, one allows selection by user - so only users will receive the deeplink and only those users will be able to use it; and by email: this allows you to enter a set of email addresses that will be sent the deeplink URL. Obviously this one is more limited in that unregistered users can look at the content.
Other controls, for example to select by role, could be built.
The Custom Listing Pages module provides the ability to create custom pages with data from existing content types.
- Display data from an existing content type with various options including:
- View Mode to display.
- Filter by one or more taxonomy vocabularies linked to the content type selected.
- Filter further by the tags for each selected taxonomy vocabularies.
- Sort by (title, last updated date, created date)
- Sort order (ascending, descending)
- Entries to display per page (pagination)
This module differs from Views as one of its main goals is to allow a content editor to publish listings of content without requiring administrative rights to the Views module. In a larger environment, you may need site builders or delegated site section owners, to create a listing of selected content. Using this module, this can be done and it's as simple as "Create new content" of type Custom Listing .. select the content type "profiles" , filter the output by selecting any assigned taxonomy terms and then select one of the pre-defined view modes. The Site Administrators will have created standard entity view modes for the selected content type, which can be themed with the necessary fields.
Secure Notes helps solve the problem of exchanging sensitive information with people who do not have the same tool-set or skill-set. It provides a system, similar to password reset links in which a one-time node creation link can be sent to a person's email address. This is meant to solve the problem of exchanging sensitive passwords via email.
TAC Redirect 403 extends the Taxonomy Access Control module by allowing you to specify a redirect URL for each taxonomy term. When a site visitor navigates to a content page that is restricted by a taxonomy access control rule, instead of Drupal's standard 403 (Access Denied) page being displayed, the visitor is redirected to the URL entered for the restricting term. This can be used to send people to custom "upsell" pages.
For example, if your site has the taxonomy terms Basic and Premium, and these are used to designate content as only available to members at the corresponding membership tier, this module lets you redirect visitors attempting to access restricted content to a signup form for purchasing the necessary membership level.
This module allow administrators of an ubercart store to allow access to view / edit / delete / change status of orders only to certain roles and based on current order status.
View orders by status and role.
(This feature replace 'view all orders' from Ubercart with view orders by status. For example you can now select for "role1" to view only New orders but not Completed ones. Also the user can search only orders that he has view access. Be careful that when you have 'view all orders' selected for that role this function is disabled and the user can see all the orders no matter of order's state.)
Edit order by role and status.
Delete order by role and status.
Change orders status by role and current order status.
This is useful when you are running a store, powered by Ubercart and you have certain users that handle the orders. For example if a group "shipping" only has to put orders in "Processing" or "Shipped" but NOT in "Complete" or "Payment Received" this module allow you to achieve this goal.
Field Access API provide an wrapper to let other modules easily implement any access criteria for fields, both for view and edit mode.
It let developers define any custom rule for granting or not access to a specific field.
It is an API module, so doesn't provide any end-user feature on its own, and is intended for developers. Install it only if another module requires it or you want to make your own implementation.
The predelete module hooks into the deletion process of nodes. By default it is not possible to react on a deleteion attempt before the deletion of a node. This is cured by providing the hook_predelete_node(). Other modules may implement the hook and add custom checks on the node that is about to be deleted.
The module ships with an API documentation and an example module that provides a single checkbox field. Nodes that contain the field could only be deleted if the checkbox is checked.
The IP List module allows administrators to maintain and search list of IP addresses and IP address ranges, and associate each address or range with an arbitrary organization (string). The module doesn't do anything with this list, but the list can be integrated into other systems.
This module was written to be integrated with a Varnish ACL (access control list) and thereby allow non-technical administrators to manage a list of IP addresses and ranges that can bypass a content paywall.
Reduced node edit lets users edit a node even if they don't have access to the body's input format: in that situation, the body field will be hidden, but the user will have their normal edit access to the rest of the node. A good description of the problem is in issue #91663:
Users lose (or don't have) edit access to nodes that they should be able to edit, given their roles and associated access control settings.
The node.module node_access() function denies 'update' access to a user, if a node has an input filter assigned that the user cannot access.
This can be a problem because a user can create a node, the administrator may alter input filter permissions so that the input filter used to create the node is no longer accessible to the user (or edit the node and assign a restricted input filter to the node) - and the original user can no longer edit a node (the edit tab disappears from the node menu, and if the user tries to access the edit function via /node/x/edit URL, the users receives an access denied message.)
This module will hide the body textarea in those cases where the user doesn't have access to the input format; they can still edit the title and other fields that they do have access to.
Remember: There is no way to completely stop someone who knows their stuff from copying your content!
This module isn't useful in most cases, but can be helpful if you're trying to deter people from copying your content.
The Open Semantic Framework (OSF) for Drupal is a middleware layer that allows structured data (RDF) and associated vocabularies (ontologies) to "drive" tailored tools and data displays within Drupal. The basic OSF for Drupal modules provide two types of capabilities. First, there are a series of connector modules such as OSF Entities, OSF SearchAPI, OSF Field Storage and OSF Views to integrate an OSF instance into Drupal's core APIs. Second, there is a series of module tools used to administer all of these capabilities.
By using OSF for Drupal, you may create, read, update and delete any kind of content in a OSF instance. You may also search, browse, import and export structured datasets from an OSF instance.
OSF for Drupal connects to the underlying structured (RDF) data via the separately available OSF Web services. OSF Web Services is a mostly RESTful Web services layer that also allows multiple Drupal installations to share and collaborate structured data with one another via user access rights and privileges to registered datasets. Collaboration networks may be established directly to distributed OSF Web Services servers, also allowing non-Drupal installations to participate in the network.
Have you ever encountered a scenario when you have content for which you are setting view permissions and you find you would love to require your users to have two of your existing roles to view it? By default Drupal will allow users with either of those two roles to view the content, and your only recourse is to find a module like Taxonomy Access Control to control your access from a separate location, or to create a 3rd role and require it to view the content (and then assign that 3rd role to untold numbers of users).
Access Join solves that problem! With either blocks or nodes (node usage requires the Content Access module) you can select a group of roles and with the flip of a radio selector change that content to require all the selected roles for access!
Access Join essentially allows the 'AND-ing' of roles together when setting which roles can view content. Drupal's default behavior is to use OR when looking up which roles have access to content. The module works for blocks and (with a very small core hack) nodes.
This is a proof-of-concept module. Don't use it on a production site. This is an API module, and it does very little by itself. You probably shouldn't install it unless another module tells you to do so.
The original purpose of the module was to create a user-level access system for all entities. The high-level goal was to make it easy for a module to get an answer to the question "does User A have access to view the comment with ID 37?" The low-level goal was to create a system that allows simple granting/revoking of access to perform certain actions on entities, and this system should work with minimal changes across the rest of the Drupal site. For example, if User A does not have access to view node 42, then that node should not appear in Views listings for that user.
However, the reason this module was written was to make it easier to build a system for user-controlled privacy settings. That architecture has gone down a different route, and the code in this repository currently doesn't reflect that effort and won't be continued. I may still end up putting the user privacy effort at this namespace, but it will look very different than what is here now.
The goal of this project is to provide a method for users to easily configure access settings to their own entities. The interface for configuring access will come from a shared access field attached to the entity.
Implement field hooks to define the new shared_access field type.
Define formatters and formatter settings.
Implement an extendible access controller class structure for defining access realms and their underlying functionality.
Define several default access realms (user, organic groups ... perhaps a few more).
Implement field hooks so that a form shows up on the entity content page.
Implement a standard sharing settings form that can hook into the access controller classes and be used to control access to the entity.
Provide autocomplete functions and hooks for displaying user name/og suggestions as the user types
Implement access hooks and query/query_HOOK alter functions to control access
Implement field access hooks so that the form only shows when the owner or configured admins view the page.
This module does nothing on its own, other than to attempt to make harmony out of multiple node-related "access callback" changes made in the hook_menu_alter() implementations of various modules. It does this by ensuring that its own "access callback" handler is called for each of several node-related menu paths ('node/%node', 'node/%node/edit', etc.). This handler then calls all other "access callback" handlers for the given path, returning TRUE if any handler grants access.