I am working in Drupal 7. I am looking for access control module which provides view, edit and delete access to nodes based on user rather than role, which is almost similar to Nodeaccess . Nodeaccess is in alpha stage, not recommended for production site.
Along with add/edit/view permission, two most important permissions like "grant node permissions" and "grant own node permissions" is must, almost similar to Google app sharing feature "Is owner/can view/can edit/can delete".
Could you please suggest some alternative module or hint?
Check out http://drupal.org/project/user_permissions this module should do the trick for you. Here you can give access to the user based on each user and not role.
Also check out http://drupal.org/project/content_access here besides role you can use the author id to set access.
Hope it helps.
Cheers,
vishal
Related
A new user has logged into Alfresco, and joined the new site that we created. I can see that user as a member of that site, but can't find him in People Finder and can't add him to a site from the Administrator dashboard.Is it a indexing problem ?.we are using 4.2.2 version.If its a indexing problem what we need to do?it happened in prod.
try to invoke the people's webscript "api/people" by your browser and check the user's properties.
Want to make alfresco site read only in alfresco community 5.0 so that no one can make any changes or edit that during migration.
I already tried changing the user/group permissions but that method doesn't work properly. Is there any other way to make the sites read only?
You need to make all sites in read only mode and so entire Repository should be in read-only mode for migration!
Try this property in your alfresco-global.prop file
server.allowWrite=false
Please check this for reference
The best way to make a site read only would probably be to modify all members of that site to have the consumer role (this would prevent them for creating new content or editing any existing content).
Unfortunately there is no bulk capability built into the UI to do this, however it should be a relatively straightforward exercise to create an admin only custom WebScript to achieve this. It would necessary for the Admin to become the site manager of each site before attempting to change the role of each site member, but there is an API for doing this.
Alternatively (if you have only a few sites) then you could do this manually through the UI using the Site Management Admin Console page. Again, the Admin would need to become the Site Manager for each Site and then visit the site and change the role of every member.
As suggested by #DaveDraper in a former answer, you could setup site memberships to the consumer role. However, this won't take into account any special permission given on a particular node (folder/document) in that site either with or without inheritance of permission.
So, if you intend to block any writes on the entire alfresco repo/site you could simply setup an extra security interceptor on your NodeService to block any write access using the NodeService.
PS : You could get some inspiration from the "NodeService_security" bean and implementation !
I can think of a turn-around or two, but those would be really sloppy so I won't be including them in this response
I am trying to restrict access to a particular node (NOT node type) in Drupal.
I'm not finding a good module to be able to do this (or I am not understanding how to).
It seems like Content Access might be a good one - but I see no way to make access to a specific node not be granted.
How is the best way to restrict access to one particular node in Drupal 6?
Node Access should do the trick
Provides global and node specific security permissions by role and user account.
Global security for all content types and nodes (default).
Per content type and all nodes for the content type.
Per node security scheme
Emphasis mine.
The Content Access module is indeed a good one.
After installing and enabling, go to Home › Administer › Content management and select the content type you're interested in. Click Edit and then the Access control tab. Look at the bottom of the page at the panel Per content node access control settings.
When you enable this a new tab for the content access settings appears when viewing content, allowing controlling access for each individual node.
If you're looking for even more fine-grained per node access control, take a look at Flexi Access (however it is currently for Drupal 7 only). It is set up to control access per node by default, and also let you create and maintain access control lists, breaking access control down to both per user and per node.
I am using both of these myself, and they work.
For more options, see the page: Overview of Node Access modules # Drupal.org.
I need to implement a workflow in my Drupal website. I have a simple workflow:
contributer: Who create nodes in draft status saves new versions of a node
publisher: Do the same as the contributer and change the state of the draft node to published status.
I'm confused between Maestro, Workbench and Workflow modules.
Does anyone know which one is the most appropriate in my case?
Thank you very much.
Regards.
For this approach no need any Contributor module.Login as admin give the create permission to the normal user(may be fall under some roles) expect "administer nodes".If we disable this permission to the particular role who will not get a option to publish the content.
I usually use Workflow module http://drupal.org/project/workflow.
1) What you need is to create workflow.
2) Create workflow states
3) Give required state change roles to the roles
4) Go to the Permissions, remove all permissions from the Node, for you will give them in the workflow settings page
I'm designing an ASP.NET application that must support 'SubSites'.
The idea is to have a super admin manage all users, global application settings and SubSites. Each Subsite has a few of its own settings (such as a local admin, logo and welcome message) and each SubSite has its own list of registered users.
This is very similar with what you get using a CMS such as Joomla, SharePoint or DotNetNuke. In fact, I'm tempted to use such a platform, but other project requirements prevent me from doing that.
My questions are very general at this point:
Using ASP.NET 2.0 Membership, how would I designate a super admin and classify users based on the SubSite in which they have registered?
How would I implement SubSites (what patterns should be used, etc)? I'm especially interested in articles that explain how others have done this. I would like to learn the best practices that others have acquired, without spending days digging into the source code of a large open source project like DotNetNuke.
I'm implementing this in ASP.NET MVC 1.0, so similar examples will be most helpful.
UPDATE:
I like how Mike Hadlow implemented multi-tenancy and I've decided to use his work as a starting point. See this post for info on how I'm using SqlMembershipProvider with each tenant having their own isolated database. That solves my membership "based on subsite" problem.
What you're attempting is more commonly referred to as "multitenancy", not "subsites"
There was a similar question to this, and the accepted answer sounds plausible.
Forgive me if I do not understand what "subsite" means, are you using that term to refer to the idea of creating mini-sites within a grand master site? If so, I think I understand what you want to do but I'd have to say that the Membership system in asp.net 2.0 is very much a framework which you would need to operate within to create what you want.
Anyway, how I would do it (and this is based on .net Membership being used out-of-the-box):
ASP.NET allows you attach 'roles' to users and 'profile' attributes to those users too. Profiles are used to attach things such as "Telephone Number" and other meta-data to users but you could just as well use it to attach their home 'subsite' to them as well.
I would create a role called 'globaladmin', create yourself as a user and then assign you (and only you) to that role. I would then create a 'siteadmin' role and assign each subsite's admin user to that role but being very careful to assign them a 'site' profile entry which has the value that corresponds to the site they are admin for.
For example, 'user123' would be assigned to the 'siteadmin' role and their 'site' profile attribute could be 'subsitexyz'. They would then be identified as the administrator for that site.
The above is workable but if you really want to make this as slick as possible, create your own MembershipProvider (SubsiteMembershipProvider) and create a new SubsiteMembershipUser class that inherits from MembershipUser that your new provider returns. You could then add your own properties to SubsiteMembershipUser that your app can query to find out which site the user belongs to:
//get current logged on user - cast it to our custom membership user object
SubsiteMembershipUser thisUser = (SubsiteMembershipUser)GetUser();
if(thisUser.SubsiteName == SiteUserIsBrowsingString
&& Roles.IsUserInRole(thisUser.UserName, "siteadmin"))
//user is admin for this site so do something