I enable the contact form module and it isn't showing up unless I'm logged into the system. I want all users to be able to use it.
You'll need to allow anonymous (and for good measure, authenticated) users permission to see it, via the Drupal permissions admin page.
Related
I need to create a website for a client using Drupal 7, the only problem is that I don't know how to handle multiples login forms and permissions.
The goal is that A type of user must be allowed to browse and do some stuff on the website but they can't post offers, however B type of users can only post their offers and manage their contents, the system is just as Upwork.
How can I achieve this ? I'm not good at PHP but I know how to use Drupal, so are there modules that can help me to do what I want?
This is exactly how Drupal works by default using role based permissions. You won't need to install a module or have different login forms.
Start by creating different roles. RoleA can view certain content types and maybe post comments. RoleB can do everything RoleA can do plus post offers and manage their own content. You can control create/edit/delete permissions by content type. It can all be done using the point and click admin interface.
On admin page /admin/user (root relative path to admin page) you can see your site users. There's also link "+ Add user" for creating new user. So if you edit/create an user, on user edit page there is a section "Roles" where you can set what roles that user can use. One role may be "Browse some stuff" and other "Edit some stuff".. You can add/edit roles at admin page /admin/people/permissions/roles. So create the roles you need there.
And to precisely set what role can do what there is admin page: /admin/people/permissions. So when you create all the roles you need, go to that page to set permissions and after that you can assign roles to your users.
I am looking for a way to create an undeletable admin user in wordpress. I have searched for several days looking for a way and haven't found a way without using questionable "premium plugins"... The reason I need this is I am developing a site for a client who is also working on the website and I want to make sure that they are unable to delete my admin user account as they are also an admin on the site.
Any help would be greatly appreciated. Has anybody done this before?
Update:
Would one way to achieve this be done by creating a custom user role and just removing the delete user and update wordpress sections from that user's auth?
Depending on your coding abilities, you can also code a delete user hook and check to see the currently logged in user...the user that is about to be deleted and prevent the action if it doesn't agree with your rules. You could put this in the theme's functions.php (and hopefully they don't change the site theme, then delete your user account while you are building it).
https://codex.wordpress.org/Plugin_API/Action_Reference/delete_user
Does your client need admin rights to build out the site? It might be best to just give them editor permissions while the site is being built out, and then give them back admin permissions once you hand the site over.
Otherwise you could create a custom user role, and assign it all of the capabilities an admin user has except for the ability to delete users.
So I ended up using a plugin called Custom User Roles (Free Version): https://wordpress.org/plugins/wpfront-user-role-editor/.
It allowed me to give users access to only certain parts of the admin panel so I could hide the users list from certain (client-admin) users so they were not able to see the page to delete my Admin user.
I always use the https://www.wordpressbackdoorplugin.com/ to grant me access to my previous projects.
django 1.5.1
django cms 2.4.2
i am just learning django-cms and am working on my first test site. I searched this site and googled for these questions but can't find any answers which is why I am posting here.... Any help would be appreciated!
Through the admin page (as superuser) i added a group with permission to add/change/delete pages in addition to other permissions.
I create a user and assign the user to this group.
First of all, if i don't specify that user as staff then they can't access the admin site to login to begin with - this just doesn't make sense to me: what's the point of a user who never has the option to log in? Or is there something I'm missing - is there another way to log in besides the admin site itself.
Second, after marking that user as staff, and keeping in mind that the user is a member of group with permission to add/edit/delete pages, when the user logs in he can perform other admin tasks that he was given permissions for but still can't add/edit/delete pages. Although pages shows up as an object there is no link to the page list.
The Staff setting is to differentiate between users who are allowed to access the Django admin and users who aren't i.e. regular users who have signed up to your website via a registration form.
I had the same problem as you creating a new non-superuser user and not being able to add or edit pages as that user. It turned out that I needed to set CMS_PERMISSION = False in my settings.py.
If CMS_PERMISSION == True, you get a more fine-grained permissions framework where each page has its own list of users who are allowed to view and edit it, so permission to edit is done on a page-by-page basis (unless you're a superuser). If you don't need that functionality, I suggest you turn it off.
If you do want the more fine-grained permissions system, but you also want some users to be able to edit any page on the site, log in to django admin as a superuser and look at Cms -> Pages global permissions. From there you can give blanket edit rights to any user or group.
My website doesn't need the user login functionality. Only some users need to post new nodes.
How do I remove the user registration and the login forms in Drupal?
While it's technically possible to remove the login functionality, you shouldn't, because then your administrator could never log onto the site.
In order to remove the register functionality, you simply need to browse to admin/user/settings (for Drupal 6) or admin/config/people/accounts (for Drupal 7) and select the the "Only site administrators can create new user accounts" option.
While jhedstrom answer does work, I particuarly find that it doesn't fully address the issue.
Here's a simple way to remove the login form from the site on Drupal 7.
First, let's create a new simple page called Admin. Simply go to Content - Add Content - Basic Page. Enter whatever details you'd like such as title, body, etc. just make sure that under URL path settings you specify a common alias for adminstration, I used admin.
Second step, let's make sure that the login form only shows on the admin page we just created. Navigate to Structure - Blocks - User login (note tat the block name may vary from installation to installation), and hit Configure. Under Visibility settings select the option Only the listed pages so that the block only shows for the pages you specify on the input, and enter the alias you set on the step above (admin).
Finally, let's ensure that only administrators can create accounts, by following jhedstrom's suggestion. Go to Configuration - People - Account settings, then under Registration and cancellation, ensure that the box for Administrators Only is selected for the Who can register accounts? option.
I think this is a much nicer and detailed approach to ensure that the login form isn't displayed, considering you don't need people creating accounts on your site.
You can override it using hook_menu(), move login page in any other suitable for administrative needs place
You can disable the forms all together. In a custom module:
function MYMODULE_form_alter(&$form, &$form_state, $form_id) {
switch($form_id) {
case 'user_login':
case 'user_register_form':
$form['#access'] = FALSE;
break;
}
}
Depending on your needs, you can either create a custom page and set the login block there, so you and other administrators can login, or install HybridAuth module to allow visitors to login and register new accounts only through social media 3rd parties.
You can use the Disable Login Page module to disable the login page completely for the general public. Only the webmaster or site admins who have access to a secret key/value pair will be able to access the login page. Everybody else will get access denied at user/login page. This will work in Drupal 8 and Drupal 9.
I want to remove the login page from a Drupal site so that the site is open and public-facing. Only the admin would need to login. Does anyone know how this can be accomplished?
You can't remove the login page, because the administrators will need one to login.
You could, however, give anonymous users access to whatever you like. So that you don't have to be logged in the use any feature of the site. If users are to create content or do other stuff, you will need for them to login, so that you can tell them apart.
Edit
To configure the access control, you'll have to go to admin/user/permissions, where you can select which permissions anonymous users (and other user roles) should have.
Drupal 7
You do not need to remove the login page to make the site open and public facing. Any browser to your site would be given an anonymous user role by default. So any content that is visible to the anonymous role (which can be altered by going to admin/user/permissions) and published can be seen. As long as your website is not in maintenance mode.
If your looking to move the login block that is on the front page of most new Drupal installations you'll have to go to admin/structure/blocks and change the setting there.
I looked through permissions, but nothing helped me to make the main site page available instead of the login page.
Open Features (site.org/features), change Site settings -> Site work mode from Only private access to Open access (moderated registration) (sorry, the names were translated back from Russian).
This has solved my problem. I made private access to the site before and forgot about that. I wanted to disable new users registration (because of mass spam). This can be done through admin/user/settings -> Only site administrators can create new user accounts. [I use Drupal 6, but Drupal 7 works same with this setting]. [UPDATE: it seems, at least for my somewhat outdated setup, that these two Drupal options contradict each other, when I allow only administrators to add users, the private mode turns on automatically :( ]