I am building a DMS for our intranet and use a taxonomy hierarchy because we need access control that way. All company locations manage (upload,edit) their own documents but should be able to access all. This is inherited to the child terms and works fine.
Additionally we want simple 3-step workflow (draft,published,archived). So i introduced roles for editor, publisher and docadmin and set permissions for the transitions. Also triggers to effectivly (un)publish documents.
But (of course) a user of role publisher can do the transition for ALL documents. But we want publisher for each company location (top taxonomy level, see above).
Could this be achieved? Do i have to set it up by myself (i guess "rules" is appropriate to do this) or is there another module helping.
role inheritance was a guess, but that is only about roles (naturally).
"module grants" i use and checked first option. That way my thoughts are going. I hope you get my idea resp. problem.
drupal 6.16 current
edit:
I reread the docs and found ie. http://drupal.org/node/408018 Revisioning for categorized content. Will reread that.
It seems you're running into a know issue in Drupal 6's node access api. Grants only work as an approval, so if any access module says a user can perform an action no other module can take it away. The only other solution I can think of would be a mash of the modules to calculate based on both criteria, obviously a potentially complex task.
Certainly not recommended, but you could apply your own logic to scan the grants tables to remove entries for users that don't match up with both criteria. You would have to find the right hook to have it perform its work after both other modules have calculated their values and saved them to the database.
Good news: this is fixed in D7. Bad news: D7 will be a while.
Drupal 7 will allow modules to approve, deny, or abstain from node access decisions. As such, your taxonomy module could say the users are approved for these terms, denied for others. As well, workflow could approve for some stages and deny for others. A user would require at least one approval and no denials.
Related
I am trying to evaluate the possibility of creating a plugin for Parent/Child functionality in Wordpress user creation.
What we need to achieve is to allow a Parent to create a sub-user account for his children. This accounts will have limited access but that can be done later with other Wordpress plugins.
What does not exist right now or what I was unable to find, is a plugin which gives the possibility to an existent standard user, to create sub-accounts related to him.
I do not want anything particular except the association between the accounts. The main user should have the possibility of adding or removing his child accounts.
Do you think this is something that is ok to do? Does it open us to any hacking possibility or vulnerability or create problems in the future?
If not, what would be in your opinion the best way to proceed and do this? What would be the best, fastest and most secure flow of operations?
Looking forward to your opinions.
Thanks in advance.
Regards
I know this is an old post but here's an option for anyone searching for this in the future.
First, you need to register a new user role. When you register the role, you are free to assign any capability you want. In this case, give the new role the capability to add users.
Then you can create a one-to-many relationship between the new user role and the standard subscriber role. So the new user role can have many subscribers but a subscriber can only belong to one new user role.
This will do what you want. There are several plugins that can do this if you are not comfortable with coding which seems the case per the OP's question. You can try PODS which is free and available in the Wordpress Plugin Directory - https://wordpress.org/plugins/pods/.
In Wordpress, there's a number of role permissions who's functions change the moment a post is published. These can effect whether or not a contributor can edit, or even delete one of those posts.
I need to change it so that the these permissions change behavior as soon as a scheduled publication-time is set -- rather than the moment of publication.
Is there an easy-to-understand way to do this? (By "easy-to-understand" I mean that cryptic explanations how to do something that will confuse and possibly require a ton of delicate development might not be sufficient.)
If the solution involves a plug-in, the requirements are that the plugin be current and well-rated.
Is there an alternative module or way that I can query a drupal database to return results from a table for example, the users table, and have the search results visible even for anonymous users? I have tried using the views module but only a logged in user is able to see the results. I have changed the access permissions to no avail. I am working with Drupal 6. Please help!!!
There is no reason a view should only show up to logged out users, unless the data being loaded in the view is not available to logged out users. The view itself has permissions. Assuming you're in Views 3 (though 2 is similar) and depending whether it is a page or a block, the middle column will have "Block Settings" or "Page Settings" under which one of the options is "Access". You can tie the view to a specific permission, use custom PHP, or specifically enable it for certain roles. You can also choose "none" here and completely bypass permissions -- then the view will be available to everyone to see the data in, regardless of their permission to the data itself. However, be careful with that if there's any sensitive data on your site.
Views is definitely the best way to create an advanced search in Drupal. I'm sure there are alternatives, but this is exactly what Views is for, and Views is the #1 tool and #1 reason people use Drupal. What I recommend is opening a new issue for help figuring out why your view does not show to anonymous users.
My Drupal / ubercart install has a bizarre issue. Anonymous users can access an edit page /node/44/edit for s SINGLE node only - an ubercart product. I have created a new version of the node, which does not have the issue. The tabs (view / edit) are also available on the product page to anonymous users. The issue became clear when the page was edited by a spam bot.
Is there any way I can output the decision making process which Drupal makes to the screen? For example can I output the variables to the screen which Drupal uses to make the decision about whether the user has access to a given URL or not?
Thanks in advance.
There may be a better way, but to start, you could create a custom module that implements hook_menu_alter, then dump the contents of the $items array, to see the access callback associated with /node/44/edit or /node/%/edit.
One thing to try would be to "rebuild node permissions" You do this from the admin/content/node-settings page. It might be as simple as the permissions being jacked up, which is rare but does happen sometimes.
I am a php developer using mostly CakePHP, magento, and wordpress. I want to create a community driven website aimed at the volunteering community that will let users sign up, create profiles, add previous voluntary positions, let organisations sign up and post jobs, etc. Is this something that drupal can handle? Is this what drupal was built to do?
I'm just wondering how drupal deals with custom methods. Say I wanted to have a user request a reference from someone, I'd have to write methods that did this. Would that be possible in drupal?
I'd love to hear from anyone doing something similar!
Thanks,
Jonesy
Can Drupal do this?
Yes.
You may want to take a look at drupal commons a distribution of drupal with a lot of community features built in.
My answer is exactly the same as Jeremy... I have never done a project that has not benefited from drupal and its highly extendible nature.
It sounds like your project is quite large and is going to require a fair few modules to get going. I would have an extensive google for the different spec points you need to meet (for example: "drupal user profile module") and be sure to look at the related modules down the side.
I'm just wondering how drupal deals
with custom methods. Say I wanted to
have a user request a reference from
someone, I'd have to write methods
that did this. Would that be possible
in drupal?in drupal?
Drupal provides hooks which allow you to interact with most aspects of it. Custom functionality goes into modules and pretty much everything you will deal with is a module.
Lastly I can't find any examples, but I know that projects like yours have successfully been done using drupal!
Yes.
And If you are going to use the drupal 7 then it can be done very easily. You just have to manage some fields and just to assign a proper permissions to the users.
These tasks can be done with drupal. There are already module exists for User Profile, User Relationships, Groups etc. All post can be handled as node concept. User registration, user sign up all are available at the installation of Drupal. And it is extensible.
Thanks
-Rinku