I need to create a website for a client using Drupal 7, the only problem is that I don't know how to handle multiples login forms and permissions.
The goal is that A type of user must be allowed to browse and do some stuff on the website but they can't post offers, however B type of users can only post their offers and manage their contents, the system is just as Upwork.
How can I achieve this ? I'm not good at PHP but I know how to use Drupal, so are there modules that can help me to do what I want?
This is exactly how Drupal works by default using role based permissions. You won't need to install a module or have different login forms.
Start by creating different roles. RoleA can view certain content types and maybe post comments. RoleB can do everything RoleA can do plus post offers and manage their own content. You can control create/edit/delete permissions by content type. It can all be done using the point and click admin interface.
On admin page /admin/user (root relative path to admin page) you can see your site users. There's also link "+ Add user" for creating new user. So if you edit/create an user, on user edit page there is a section "Roles" where you can set what roles that user can use. One role may be "Browse some stuff" and other "Edit some stuff".. You can add/edit roles at admin page /admin/people/permissions/roles. So create the roles you need there.
And to precisely set what role can do what there is admin page: /admin/people/permissions. So when you create all the roles you need, go to that page to set permissions and after that you can assign roles to your users.
Related
I have a Wordpress site that the client wants to set a couple of users up on, purely for creating, editing and deleting blogs. They want to assign these users the 'author' role and when they log into the admin area, they only want them to see the post type 'posts'. They do not want them to have access to media or any other custom post types. Does anyone have any ideas on this please?
User Role Editor plugin (https://wordpress.org/plugins/user-role-editor/) has always served me well in cases like that.
As the description says: User Role Editor WordPress plugin makes user roles and capabilities changing easy. Edit/add/delete WordPress user roles and capabilities.
Sounds like the Groups plugin is what you're looking for here. I don't think that functionality is possible within stock Wordpress.
This allows you to further segregate users and permissions, restricting to posts, etc.
I have written a plugin, where pre-created users can log in to the system and configure the application. Problem is when I give them higher roles they can view other content on the back-end of the site.Such as creating posts, pages and etc. If I give law level role such as subscriber, user can not view the pluging page. They can't do any configuration.
What I need is only give permission to view my admin panel.
This is the code I create admin panel in wordpress.
function oscimp_admin_actions() {
add_management_page("Pages", "My Pages", "activate_plugins", "Skill-Pages", "skills_list_admin");
}
I would like to create a user from subscriber and allow only to this plugin's admin panel. Can we do it?
You can resolve this with add_cap() method of Wordpress. http://codex.wordpress.org/Function_Reference/add_cap
Also you would like to read those articles about roles and caps: http://www.garyc40.com/2010/04/ultimate-guide-to-roles-and-capabilities/ and http://wp.tutsplus.com/articles/quick-tip-user-permissions-and-your-plugin/, no doubt they will help you
django 1.5.1
django cms 2.4.2
i am just learning django-cms and am working on my first test site. I searched this site and googled for these questions but can't find any answers which is why I am posting here.... Any help would be appreciated!
Through the admin page (as superuser) i added a group with permission to add/change/delete pages in addition to other permissions.
I create a user and assign the user to this group.
First of all, if i don't specify that user as staff then they can't access the admin site to login to begin with - this just doesn't make sense to me: what's the point of a user who never has the option to log in? Or is there something I'm missing - is there another way to log in besides the admin site itself.
Second, after marking that user as staff, and keeping in mind that the user is a member of group with permission to add/edit/delete pages, when the user logs in he can perform other admin tasks that he was given permissions for but still can't add/edit/delete pages. Although pages shows up as an object there is no link to the page list.
The Staff setting is to differentiate between users who are allowed to access the Django admin and users who aren't i.e. regular users who have signed up to your website via a registration form.
I had the same problem as you creating a new non-superuser user and not being able to add or edit pages as that user. It turned out that I needed to set CMS_PERMISSION = False in my settings.py.
If CMS_PERMISSION == True, you get a more fine-grained permissions framework where each page has its own list of users who are allowed to view and edit it, so permission to edit is done on a page-by-page basis (unless you're a superuser). If you don't need that functionality, I suggest you turn it off.
If you do want the more fine-grained permissions system, but you also want some users to be able to edit any page on the site, log in to django admin as a superuser and look at Cms -> Pages global permissions. From there you can give blanket edit rights to any user or group.
My website doesn't need the user login functionality. Only some users need to post new nodes.
How do I remove the user registration and the login forms in Drupal?
While it's technically possible to remove the login functionality, you shouldn't, because then your administrator could never log onto the site.
In order to remove the register functionality, you simply need to browse to admin/user/settings (for Drupal 6) or admin/config/people/accounts (for Drupal 7) and select the the "Only site administrators can create new user accounts" option.
While jhedstrom answer does work, I particuarly find that it doesn't fully address the issue.
Here's a simple way to remove the login form from the site on Drupal 7.
First, let's create a new simple page called Admin. Simply go to Content - Add Content - Basic Page. Enter whatever details you'd like such as title, body, etc. just make sure that under URL path settings you specify a common alias for adminstration, I used admin.
Second step, let's make sure that the login form only shows on the admin page we just created. Navigate to Structure - Blocks - User login (note tat the block name may vary from installation to installation), and hit Configure. Under Visibility settings select the option Only the listed pages so that the block only shows for the pages you specify on the input, and enter the alias you set on the step above (admin).
Finally, let's ensure that only administrators can create accounts, by following jhedstrom's suggestion. Go to Configuration - People - Account settings, then under Registration and cancellation, ensure that the box for Administrators Only is selected for the Who can register accounts? option.
I think this is a much nicer and detailed approach to ensure that the login form isn't displayed, considering you don't need people creating accounts on your site.
You can override it using hook_menu(), move login page in any other suitable for administrative needs place
You can disable the forms all together. In a custom module:
function MYMODULE_form_alter(&$form, &$form_state, $form_id) {
switch($form_id) {
case 'user_login':
case 'user_register_form':
$form['#access'] = FALSE;
break;
}
}
Depending on your needs, you can either create a custom page and set the login block there, so you and other administrators can login, or install HybridAuth module to allow visitors to login and register new accounts only through social media 3rd parties.
You can use the Disable Login Page module to disable the login page completely for the general public. Only the webmaster or site admins who have access to a secret key/value pair will be able to access the login page. Everybody else will get access denied at user/login page. This will work in Drupal 8 and Drupal 9.
I am developing a asp.net web site, having folders student, admin..i both student and admin folder have registration and login page, i want to know how can i access limit of admin folder pages by any user. Basically i want that the admin folder registered ppl should have access to all the pages of student section if they can login using Id, Password...but i don't want any of student to access even the login page of admin section irrespective of even any student know URl for the admin login page, registration page(because i don't want him to register at all) also i want to know ho can i again sub divide the a few limits for the some other admin. Basically i want to set roles that admin can access all web site pages but student even cant access that admin folders pages and again some different kind of admin cant access a few pages from the same admin section page please elaborate me on this how can i achieve this ?
I would recommend looking at the Role Manager that is built into ASP.Net starting with version 2.0. Rather than attempting to explain all the details I am providing the following How To from MSDN that will show you How To: Use Role Manager in ASP.NET 2.0.
Once you start using it you can then come back and post some more specific questions if you have any problems.