I'm quite new with drupal, and i didn't manage to find an answer in forums or searching the web with google.
I'm trying to forbid access to users of specific roles to nodes of specific content type witch are in a specific workflow state...
I manage to make the nodes disappear from wiews but using the link to the content in the navigator address bar still gives access to it.
Is there a way to really deny access instead of just make it disappear from views ?
Thank you.
Although you hide the node from views, this users can access the nodes via url.
You can use the nodeaccess module to hide its nodes.
Also you can use content_access to restric entire content types.
https://drupal.org/project/content_access
https://drupal.org/project/nodeaccess
I hope it's useful.
Regards.
Related
I'm working on a site which is going to be used by different schools my company that is working with. A school will have a specific user account and I want to be able to provide school specific content that will only be visible for the logged in school (pdf:s etc).
I've been looking around but haven't found a straightforward solution for this yet (is there even one?). So, what is the best way of doing this?
First of all you have to create a custom role with certain capabilities with the add_role() function and then show content based on the capabilities the current user has with the function current_user_can() you didn't mention if the content will be in the backend or frontend but the principle is the same.
Edit:
Also this plugin seems to cover what you need link
I am using SDL Tridion 2011 and need to take the permissions off from the user to localize a structure group so that he does not make any changes in the name of the structure group by localizing it. However, even after removing the rights and permissions and making the structure group ‘read only’, the user is still able to localize the structure group by right clicking on it and going to properties. Please help if there's any resolution for it.
Also, is there any way we can restrict the user from unpublising or updating a page?
Permissions on a structure group control what you can do to the things it contains. Remove the localize permission in the parent structure group instead.
To prevent unpublishing you can do any of the following:
Remove the Read permission.
Go to the Security tab in the properties of the relevant publication, and remove the right to Publish to Content Distributor
Go to the Security tab of the relevant Target Type, and remove the Use Target Type permission
To prevent them updating a page, remove the Write permission, although be aware that editing the page allows them to modify the page composition, and that controlling this doesn't prevent changes to the content if the person has permission to modify the relevant components.
If none of these is sufficient, then you will need to implement a custom solution with either the events system, or workflow.
Inspect the properties for your Structure Group and go to the Security tab. Check which users/groups have the localize right and then see if your user is a member of any of those groups. Groups can be members of other groups, so you may need to check recursively to find where this ability is being allowed from.
Also make sure that the user is not an Administrator.
To prevent a user from unpublishing a page then you need to make sure they do not have "Publish to Content Distributor" rights at the Publication level. If they need to be able to publish pages, but not unpublish, you will need to take care of that by writing an Event System.
To prevent them from updating a page, you need to consider the Write permissions on the containing Structure Group.
I have come across this problem in the past but never solved it.
I am on the verge of finishing a Drupal site for a client. I created two content types and gave him the permissions necessary to edit any occurrence of these node types.
The strange problem is the client can edit any node of type product_type except for one particular node of the same type.
So in other words, all nodes of type product_type are editable except node/3.
Do you have a node access module installed, like Content Access or Taxonomy Access Control? If you do, it could be that there are per-node permissions set and your client's role doesn't have permission to edit that node, or it could be that it is tagged with a particular taxonomy term which prevents him from editing it.
If you don't have any extra node access modules installed, is it just that the link to "Edit" is missing in the tabs section of the page? Can the client type in "http://example.com/node/3/edit" and reach the edit screen that way?
If you supply an answer to these questions in the comments, I'll edit this answer as best I can.
Check the author of the node. If it's different than the client's user account that may account for the problem. If that does not work you may need to "rebuild permissions."
I found out what the issue was. The client account could not edit anything with full-html input format.
I enabled that at /admin/settings/filters and it works just fine now.
Thanks for looking in.
I'm currently working on an ASP.NET 3.5 intranet that uses role-based security, both on the page level and the page content level in some cases. I'd like to implement a site-wide search, but restrict results according to what the current user would normally see when they visit a given page. I suppose it would have to index the site separately for each user?
I've searched the ASP.NET community control gallery as well as Google, and have not found anything that can index in such a specific way. Can anyone offer a link to a pre-built control/solution that will handle this scenario, or a custom technique that I could try?
Thanks.
Basically, for each URL you retrieve you could have extra attributes to map the user to the resource as follows:
<a href="~/somepage.aspx" id="someLink" RoleAuth="xxx" RoleArgs="yyy" runat="server" />
Then you could use a Web Part, control, etc., to display each result link based on the user's logged-in credentials :-)
If you store somewhere that what content is accessible to what roles then it is only matter of another join in your query.
Another but expensive option is to get the search results and then filter them based on the accessibility of requesting user.
Right now, when I create a media item, I can view it as admin by going through the Media then clicking on view, eventually I end up at [mysite]/blog/?attachment_id=31 which is a nice reduced version of the image (which can be clicked to appear large), and which has the nice feature that there is a place to leave comments at the bottom.
This is great for administrators. But I want anonymous users to be able to look at 5 different, fairly similar images, and make comments on the pages separately. So I'd like for the anonymous users who navigate to [mysite]/blog/?attachment_id=31 to find the same page the way it looks to admins.
But when going to that URL as an anonymous user instead of the image with comment form I get:
Sorry, no posts matched your criteria
So, how can I enable this permission for anonymous users?
If this is not possible, please rephrase the question as, "What is the best way to use Wordpress to get a bunch of anonymous people to vote on 5 different layouts and also to be able to comment on each of them separately, as I am trying to do at http://christian-filipina.com/blog/ ? (None of these are public URLs, please don't link to them.)
Do I need to create a page for each of those separate layouts and then use HTML to link to the variously-sized versions of the images?
When adding an image to the post make sure that "attachment page" is checked instead of "image file" This should fix your problem. See: http://codex.wordpress.org/Using_Image_and_File_Attachments