Disable password changing for a user

By offal on 27 Jan 2007 at 03:15 UTC

I want to set up one user that members of my organization can use to access certain parts of my site (specifically adding/editing events), but I don't want that user to be able to change the password. It's one account for all my organizations' members (and I will tell them the un and pw). Setting up the user is no problem, but how to I stop folks from changing the password on that account once they are logged in? How can I make this an administrator-only function and hide the 'my account' page' from users?

Furthermore, is it possible to hide the "request new password" button for anonymous users (and the one user account set up by me)?

Comments

User Protect

Christefano-oldaccount commented 27 January 2007 at 04:00

Check out the User Protect module. It will prevent specific users (or users that are assigned a specific role) from editing their account.

I don't know about removing the "request new password" link. You could edit the user.module but there are better ways to override the login block. Check http://drupal.org/node/69506 for an example.

Excellent Module

offal commented 27 January 2007 at 07:28

Thanks so much christefano - this is exactly what I needed. Works like a charm. I'll be using it because it's nice and easy.

It also removed the 'request new password' link for the one created user, but I'll have to try the other suggestion you made for anon users (http://drupal.org/node/69506).

I've found another way also that does a very good job by removing the whole 'My account' link for specific roles, but it requires editing of module/user/user.module. I found this at:

http://drupal.org/node/38562

I guess it's nice and tidy not to even show the 'My account' button. It's not hard, but not as simple as using the User Protect module. And then there are quite a few people who advise against changing the guts of modules too.

I disable the "my account" link

Christefano-oldaccount commented 27 January 2007 at 08:31

I disable the "my account" link on some sites by unlocking it and moving it into a new menu I create called "Disabled". The link is locked at first and is hard to move, but I just wrote at http://drupal.org/node/112588 about how to move it so I'll just copy that here.

If you create a new menu item and assign user as the path, Drupal will defer to it and the "my account" menu item will disappear from the Navigation block. As usual, clicking a link that points to user will prompt a user to login, or redirect to his or her account if the user is already logged in. In this case, we're just putting this link into the Disabled menu which is never displayed.

Hopefully that makes sense.

Yet another method

offal commented 28 January 2007 at 04:11

That's also a good suggestion although I'll have to spend some time reading it carefully and trying it out to understand it fully - I don't quite follow it at present.

For now I'm content with the solution you talked about earlier (User Protect Module).

I've also found a way of disabling the "Request new password" link at http://drupal.org/node/79131

It says:

Open the style.css file located in your default theme directory and add the following:

#user-login-form .item-list ul {
display: none;
}

It works.

My apologies for the

Christefano-oldaccount commented 29 January 2007 at 02:05

My apologies for the confusion. Here's the step-by-step:

Create a new menu called "Disabled"
Begin creating a new menu item called "My Account"
Before submitting (and thus creating the menu item), assign the new menu item's path to user
Finally, move the "My Account" menu to the Disabled menu and click "Submit"

Drupal will defer to this new menu item and remove "my account" from the Navigation block.

Thanks for the link to 79131. That looks like the most elegant solution to me.