I am new to Drupal.
I am working on a website where many different type of users are there. The requirement is to allow only bloggers to delete comments related to their blogs.
Yes i know that it can be done from admin. But the client is telling, they don't want to do it from admin rather that need to be achieved through code itself.
Please guide me from where (module, features etc) i need to write the code so that it will affect the permissions. And how that code should be written.
Any type of help will be highly appreciated.
Thanks
In Drupal you can create Roles for the users.
You can specify what users will have the "blogger" role. And then, you can add permissions only for this role. In your case, you want to set the permission of delete comment.
I think you may find this link useful: https://drupal.org/node/120614
Regards.
Maybe this link could help to create and set permissions programmatically. http://www.dibe.gr/blog/drupal-7-create-users-and-roles-programmatically
Otherwise, there is always Drupal official documentation: https://drupal.org/documentation/modules/user
Related
I am trying to evaluate the possibility of creating a plugin for Parent/Child functionality in Wordpress user creation.
What we need to achieve is to allow a Parent to create a sub-user account for his children. This accounts will have limited access but that can be done later with other Wordpress plugins.
What does not exist right now or what I was unable to find, is a plugin which gives the possibility to an existent standard user, to create sub-accounts related to him.
I do not want anything particular except the association between the accounts. The main user should have the possibility of adding or removing his child accounts.
Do you think this is something that is ok to do? Does it open us to any hacking possibility or vulnerability or create problems in the future?
If not, what would be in your opinion the best way to proceed and do this? What would be the best, fastest and most secure flow of operations?
Looking forward to your opinions.
Thanks in advance.
Regards
I know this is an old post but here's an option for anyone searching for this in the future.
First, you need to register a new user role. When you register the role, you are free to assign any capability you want. In this case, give the new role the capability to add users.
Then you can create a one-to-many relationship between the new user role and the standard subscriber role. So the new user role can have many subscribers but a subscriber can only belong to one new user role.
This will do what you want. There are several plugins that can do this if you are not comfortable with coding which seems the case per the OP's question. You can try PODS which is free and available in the Wordpress Plugin Directory - https://wordpress.org/plugins/pods/.
I am looking for a way to create an undeletable admin user in wordpress. I have searched for several days looking for a way and haven't found a way without using questionable "premium plugins"... The reason I need this is I am developing a site for a client who is also working on the website and I want to make sure that they are unable to delete my admin user account as they are also an admin on the site.
Any help would be greatly appreciated. Has anybody done this before?
Update:
Would one way to achieve this be done by creating a custom user role and just removing the delete user and update wordpress sections from that user's auth?
Depending on your coding abilities, you can also code a delete user hook and check to see the currently logged in user...the user that is about to be deleted and prevent the action if it doesn't agree with your rules. You could put this in the theme's functions.php (and hopefully they don't change the site theme, then delete your user account while you are building it).
https://codex.wordpress.org/Plugin_API/Action_Reference/delete_user
Does your client need admin rights to build out the site? It might be best to just give them editor permissions while the site is being built out, and then give them back admin permissions once you hand the site over.
Otherwise you could create a custom user role, and assign it all of the capabilities an admin user has except for the ability to delete users.
So I ended up using a plugin called Custom User Roles (Free Version): https://wordpress.org/plugins/wpfront-user-role-editor/.
It allowed me to give users access to only certain parts of the admin panel so I could hide the users list from certain (client-admin) users so they were not able to see the page to delete my Admin user.
I always use the https://www.wordpressbackdoorplugin.com/ to grant me access to my previous projects.
I can see Drupal comments have a link to user's profile (the commenter) when I am logged in. But as anonymous visitor I can not see that link.
I want to make the link working for all visitor. So that the visitor can go to the user's page by clicking it. How can I do that?
If you may access the database. Why don't you try to make yourself an administrator role?
The data save in users_roles table. Find your uid and change the rid to administrator[maybe it's 3].
Hope this may help you.
You can modify the database directly however its really not recommended under any conditions. You can however use drush to change the role of a user. Review this page.
In DNN 7.3.4 when adding a user individually to the module permissions grid you can only add them by the user's Display Name now. This used to be done by Username. It looks like it changed between DNN 7.0.2 and DNN 7.3.4. This new way is useless if you have thousands of users and many of them have Display Names that are not unique. How are you to identify which John Smith you are looking for without the Username? Please tell me there is a setting somewhere to change this back to Username but I have not been able to find one. If so, please tell me where it is at or what I am missing.
Thanks!
Personally I would never recommend that you provide User based permissions for pages or modules. You should do everything with Roles.
Al my blocks in drupal are display only for the admin & not for the anonymous users who are not logged in.
Where i went wrong? I never faced this issue. did someone have solutions for this?
Check the permissions for anonymous users and I am sure you can solve this problem.
There is setting for block visibility for each kind of user type.
I recommend you to install this module. Will be helpful to better manage of permissions. http://drupal.org/project/fpa
Do you know about the permissions section and also individual block permissions? Users can be denied access from any of these places. If all of that is set right, check your template to make sure there's not a hard coded PHP check (really bad form but I see it a lot).
Also might help to check that your block placement on /admin/structure/block is set for the public facing theme and not just the admin theme.