By BKWill on

Alright, I've installed Drupal on my local machine, and everthing is running smooth. I understand the modules and I understand taxonomy. For the life of me I can't solve what seems to be a simple problem. I'm building a site where clients can log in and view content that only they are allowed to see. The majority of the content on the site is public. However I've filled my site will content, created roles, and have used privacy by role on the node level. No matter what, people can still see content they are not suppose to.

Ideally I don't want anyone who is not a client to see any client material (let alone even see it listed anywhere), I don't want clients to see other client's material ( let alone see it listed anywhere). I'm trying to create private client galleries, along with private client pages.

Possible Problem:
"Taxonomy Access" cancels out "Privacy By Role", maybe I should use only one and not both? What is the difference anyhow?

Possible Solutions:
-Does a working Groups Module exist for 4.5.2, or would someone want to be hired to create one?

-Is there a way have Private Client Blocks Appear on log in with links to client content?

I'd like to open this up to a discussion if possible. I've dying to build this site myself, and I feel very frustrated that I can't get around this problem. It's hard for me to ask for help, when it seems like so many other people have already solved this same issue. Any thoughts, or suggestions?

Will

Comments

nsk’s picture

nsk commented

in my site I have solved this problem by moving all nonpublic material to phpCollab.

So I use Drupal for the public site and phpCollab for the privatised content.

But it depends on what kind of content you want to privatise. If it is for project planning then Collab is good, but if it is for articles etc then better create another Drupal site for the privileged users.

--
NSK, Admin of Drupal-based site http://www.wikinerds.org

BKWill’s picture

BKWill commented

Do you mean creat another Drupal site inside of a Sub-Directory of the existing site?

What I need specificaly is the ability to create and maintain private client galleries, and articles and/or pages. I only want the client content to be visible to that client, and not even listed to other clients and public users.

I was really confident that Drupal could do this on it's own without having to install another CMS, is this not the case?

Kieran Huggins’s picture

Kieran Huggins commented

Just checking... for taxonomy access to work, you need to enable the module, THEN go into settings -> administer -> taxonomy_access and click Enable the taxonomy_access module and save.

It's a superfluous step that everyone misses... worth double checking before you go looking elsewhere.

media girl’s picture

media girl commented

I do exactly what you're requesting on a corporate site, with the module right out of the box. I do not use privacy by role, as I think it's almost too easy to mess up by missing a checkbox on a post.

With taxonomy access, the key is to be sure to go immeiately to the user configurations and check off the appropriate access permissions. I've had no problems -- except for questions about RSS feeds being accessible to people who should have receive them.

--
mediagirl.org

ec’s picture

ec commented

Hello, I've got the same requirement here, and by this time I'm using organic group, here http://drupal.org/project/og . This module let create groups witch can be public (registred users can subscribe freely) or private (registred users can subscribe after an approval). Then each group admin can decide if the content made inside that group is only for that group or can be made public.
If you use then TA you can therefore decide to keep vocabularies and terms specific to a given group. Of course this need to sync people in the given group to a given role. But that way, you can keep completely private contents and taxonomy if needed.
Regards,

phasenorth@civicspacelabs.org’s picture

phasenorth@civicspacelabs.org commented

I originally used just OG, but then needed to have some permissions by role in the forum. When I added TA, the OG module stopped working correctly. Users could see all content, not just the content for their subscribed group(s).

Anyone know how to use these 2 modules together?

BKWill’s picture

BKWill commented

I still cannot get Taxomony Access to work at all. I have Drupal installed on my local machine and testing it that way. Does anyone know if that is why it's not responding to Taxonomy Access?

media girl’s picture

media girl commented

They are not under settings but under user/configure/access permissions. There you can grant an array of access permissions by role and taxonomy. (You need to set up the roles and taxonomy first.)

Also, the feature is on the permissive logic side -- if you have two terms associated with a node, people with permissions for either term will be able to see it.
--
mediagirl.org

Jaza’s picture

Jaza commented

Although the problem in question on this thread (getting TA to work) has been solved, I just thought I should stress this point for anyone that browses this thread in the future.

With taxonomy_access, say you have a node associated to 5 different terms: if a user is then barred from 4 out of 5 terms, but is granted access to just ONE of them, they will be able to view the node!!! Beware... I have had problems with this in the past. Make sure you TEST any rules that you configure using TA, unless you don't mind people looking at things that they shouldn't be able to look at! This 'permissive logic' system can get a bit annoying... perhaps there should be a different version (or a patch/hack) for TA that uses opposite logic to this.

Also, if a user is denied access to a node because of TA, then they won't see a preview of the node, or (hopefully) any reference to it at all. There is no way to change this behaviour, short of hacking TA.

Jeremy Epstein - GreenAsh

Jeremy Epstein - GreenAsh

netlynx’s picture

netlynx commented

a

BKWill’s picture

BKWill commented

Alright, as I overlooked the obvious, it came down to simple problem solving and ruling out the obivious. My last installation of Taxonomy Access was an onlder version before there was a patch. Although I don't know if that was the direct correlation to my problem, but I realized:

1.) Under my Administer> Settings> that there was no option for Taxonomy Access.

**While it did appear under Administer> Users> Configure it was not under the previous.

Solution: I dropped the table, and reinstalled with the current version of the module, followed the directions, and the advise from "Media Girl", and presto, I have a working module.

Part of me wants to think that, I had replaced the the actual Taxonomy Access folder with the current version ( but that I didn't drop the old table), and it didn't work, which is why I posted the "NO Luck" comment. Starting over fresh cleared up my probelm.

Thanks, to everyone for their input and advise. I'm going to attempt to use the Organic groups module as well again.

I want to NOTE, that my first attempt to privitize content, I was using Taxonomy Access, and Privacy By Role at the same time, and that I ran into a bunch of issues, either on the admin side, or the user side. I agree with Media Girl, Taxonomy Access is much less confusing then Privacy By Role, espeically for non-computer savy users.

Thanks again for all the help, I really believe in Drupal. I should have my site public by March 1st. I'm very excited, and want't everyone to know that I couldn't have done it with out the help from this community.

Peace,

Will

media girl’s picture

media girl commented

I have discovered that taxonomy_access has an Achilles heel: the RSS feeds will offer up all nodes for aggregation. So if you have, for example, a blog node assigned a restricted category, nobody without permissions will see the post, but anyone who has bookmarked or pulled the RSS feed will see everything, including the restricted posts.

I posted a bug here: http://drupal.org/node/19404

I also posted a forum query here ( http://drupal.org/node/19408 ) to see if anyone has found a workaround or patch. As it is, I have had to unpublish confidential material on two business sites so far. People should be aware of this security gap if they are intending to keep some nodes "private."

--
mediagirl.org