I am trying to restrict access to a particular node (NOT node type) in Drupal.
I'm not finding a good module to be able to do this (or I am not understanding how to).
It seems like Content Access might be a good one - but I see no way to make access to a specific node not be granted.
How is the best way to restrict access to one particular node in Drupal 6?
Node Access should do the trick
Provides global and node specific security permissions by role and user account.
Global security for all content types and nodes (default).
Per content type and all nodes for the content type.
Per node security scheme
Emphasis mine.
The Content Access module is indeed a good one.
After installing and enabling, go to Home › Administer › Content management and select the content type you're interested in. Click Edit and then the Access control tab. Look at the bottom of the page at the panel Per content node access control settings.
When you enable this a new tab for the content access settings appears when viewing content, allowing controlling access for each individual node.
If you're looking for even more fine-grained per node access control, take a look at Flexi Access (however it is currently for Drupal 7 only). It is set up to control access per node by default, and also let you create and maintain access control lists, breaking access control down to both per user and per node.
I am using both of these myself, and they work.
For more options, see the page: Overview of Node Access modules # Drupal.org.
Related
I wanted to give sulu a try and so far it looks nice. So installed a minimal version via composer, defined some page templates and everything worked so far. Then i added a new localization as described in http://docs.sulu.io/en/latest/book/webspaces.html and http://docs.sulu.io/en/latest/book/localization.html. Which is not working.
As described i simply added <localization language="de" default="false"/> to the list. But i cannot access the content of the new locale and moreover the starting page content.
The error i retrieve is a permission error:
Operation forbidden The available permissions are not sufficient for this operation
I've checked the permissions and every available permission is granted to the user. Now i am stuck.
That's because you don't have these permissions in the correct locale. The User Role only describes what the user is allowed to do, but it doesn't describe in which language. That's because we don't want to have uncontrolled of user roles. Imagine you have a big homepage, with english, german and french content, then you would have to create three roles: Content Manager EN, Content Manager DE and Content Manager FR. We have chosen a different way.
In a user role you don't describe in which language these permissions apply, you do that on the user instead. Go to Contacts, select the contact with your user, and choose the permissions tab.
In the permissions section on this page you see a table with all the roles, the one being assigned are checked. The dropdown on the right describes to which language this applies. You probably haven't assigned the language to your new user here.
Want to make alfresco site read only in alfresco community 5.0 so that no one can make any changes or edit that during migration.
I already tried changing the user/group permissions but that method doesn't work properly. Is there any other way to make the sites read only?
You need to make all sites in read only mode and so entire Repository should be in read-only mode for migration!
Try this property in your alfresco-global.prop file
server.allowWrite=false
Please check this for reference
The best way to make a site read only would probably be to modify all members of that site to have the consumer role (this would prevent them for creating new content or editing any existing content).
Unfortunately there is no bulk capability built into the UI to do this, however it should be a relatively straightforward exercise to create an admin only custom WebScript to achieve this. It would necessary for the Admin to become the site manager of each site before attempting to change the role of each site member, but there is an API for doing this.
Alternatively (if you have only a few sites) then you could do this manually through the UI using the Site Management Admin Console page. Again, the Admin would need to become the Site Manager for each Site and then visit the site and change the role of every member.
As suggested by #DaveDraper in a former answer, you could setup site memberships to the consumer role. However, this won't take into account any special permission given on a particular node (folder/document) in that site either with or without inheritance of permission.
So, if you intend to block any writes on the entire alfresco repo/site you could simply setup an extra security interceptor on your NodeService to block any write access using the NodeService.
PS : You could get some inspiration from the "NodeService_security" bean and implementation !
I can think of a turn-around or two, but those would be really sloppy so I won't be including them in this response
Not sure if this is stackoverflow typically question (I'll remove it if suggested), still may help me understand the possible options here.
I would like to know if it's somehow possible beside core, master and web instances to append new content database (let say for some form's filled with data by web users with CRUD repository using existing sitecore api). Editable/readonly from CMS, visible for exports, reports or charts via CMS using custom modules.
Somehow this DB should be located on the same level with Web Database, it's important to follow templates and functionality from sitecore legacy functionality.
This entire shebang will be used in as Sitecore Custom Module (installation, integration customization, management, blah, blah blah). Important: Items stored in this database are pure data items.
I found vague information on John west Sitecore blog, so what I asking more then the direct solution in front of my eyes references or examples how to, or signals if it's against the policy.
Best reference until now: http://intothecore.cassidy.dk/2009/05/working-with-multiple-content-databases.html article written by Mark Cassidy.
The reason you don't find much information on this is because its very uncommon to add another database which is accessible to Sitecore as per the john west blog. Note the data of that post also. I'm not aware of your requirements but I have never seen it done or found a need for it.
With user input data such as forms, comments etc. You have three data considerations storage, access and reporting. In a scenario where you would like to store this data and access it in Sitecore. I would approach it as follows:
Storage of that data should be in the master database inside a bucket. From version 7.0+ buckets were introduced so you can add virtually unlimited data to a Sitecore database. There was a buckets module which supported 6.3+ but appears to not be downloadable anymore: https://marketplace.sitecore.net/en/modules/sitecore_item_buckets.aspx. The code is out there though and possibly Sitecore support would even provide it.
The master database in a standard production environment (split content management and content delivery environments) if not accessible directly via connection string is made accessible by calling the Sitecore web API or creating a custom web service.
Requirements such as reporting and/or shared access to the data for other applications could possibly provide reasons to create a custom database but otherwise there is no reason not to store it in the master database.
You have to save the information filled by the user in Master database so that you can modify or use it using SItecore API.
Since the users filling the form may not have access to modify Sitecore Master DB. You would have to either switch the user to a user with least permissions required to make those changes(safer) or You would have to disable the security for a while and perform those tasks(not recommended). Both of these are explained in http://www.nehemiahj.com/2012/03/how-to-use-securitydisabler-and_15.html
And then add the form as an item in master db. If the number of form items created using this is more then use Sitecore Buckets.
I have two drupal 7 sites and I want them to share content of a certain content type. I want to have this content stored in an external database. How could I make this happen with a custom module?
You can setup a Rest server.
Then you can use views to share the information you want.
Module: https://drupal.org/project/services
Maybe have a closer look on these modules:
Drupal Sync
Drupal Deploy
I didn't try out one of these so far, but I think it's what you are looking for.
Contents (ie. nodes) on a Drupal site are not stored in a single tables. The same tables are used to store content of different content type. Some of the tables are created dynamically when you add fields to a content type, or when you change their settings. So you cannot share some contents between two sites by simply sharing the table(s) used to store them.
As a rule of thumb, you cannot achieve anything complexe in Drupal by simply doing stuff at the database level. There is too much storage logic implemented in (PHP) code that cannot be ignored when accessing the DB. You should always base your solution on Drupal's API (and most of the time, not the DB layer API, but the high-level API such as the Node and Fields APIs).
That said, there is no core API to communicate between sites. I would use one of the site as the canonical source of the shared contents and the only site where they can be edited. Then somehow replicate these content on the second site. This can be done with the Services or RESTful Web Services module on the second site, and a custom module on the first site, used to push new contents and the updated contents to the second through a REST service.
I'm using umbraco CMS and creating a site like blog. Including me there are 10 members involved in
writing article's but i'm the one who needs to check the article.
All 10 members are not in a single place. The thing I want to know is if a person other than me is putting a content, I only want to decide whether to publish or not. Is there a option to set this kind of permission.
would somebody say can we done this in umbraco CMS.
Yes, this can be done.
Within the Users section, there's a node called User Types and from your description it sounds like Writer is best suited for your members. Just make sure they are set as this user type when creating/updating their respective user nodes. Most notably, they'll have the following permissions amongst others:
Create
Update
Send to Publish
There's a bunch of other permissions there that you can choose from if Writer doesn't precisely match your requirements or you could create your own user type from scratch.