Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.
By CalonDdraig on
Hello,
I have a couple of questions about how I can limit which user role has access to node types and vocabularies...
I'd like to have several different roles in use on my site so delimit which people can do what... An example is that I have a custom content type (CCK) that I'd only like one role to be able to see/moderate. How easy is this?
Another is that I'd like to limit certain vocabularies to certain user roles... Is this doable?
Please bear with me as I did try searching, but am unsure of the language to use for this...
Many thanks,
~Calon
Comments
Access control modules
You have to use one or more access control modules (preferably only one). Take a look here (make sure to select "Drupal 5"):
http://drupal.org/project/Modules/category/74
For taxonomy categories:
Taxonomy Access Control (http://drupal.org/taxonomy_access) is good for setting up which roles can do what (view, list, create, moderate (update and delete) with nodes of some categories. There is also the TAC Lite (http://drupal.org/tac_lite) module which does not provide moderation but provides permissions to individual users (not only roles).
For content types:
The Content Access module (http://drupal.org/project/content_access)
If you use more than one, you must be very careful with interactions. If one module forbids access and another one allows access, then allowing wins. So, you must follow a correct strategy. For example:
- Avoid using categories for content that you want to control by node type.
- If you don't want to do the above, then create "small allowing roles". This means that, for a very specific kind of content, neither access control module should allows access to anyone else except that role. So, that role alone can grant access, and you can assign it as an additional role to the users you want, so that you can also remove it easily.
Another option is to use the Organic Groups module (http://drupal.org/project/og) to create subscriber groups, if that fits your model. This is also an access control module, so the same limitations apply.
Thanks for that,
Thanks for that, very useful info.
I installed Content Access, but although the module shows up, havn't got any extra features on my admin panel... Certainly none pertaining to customising what content types are viewed, only what can be modified or administrated.
I think I'll contact the author of Content Access and ask his advice.
Thanks again,
~Calon
(no title)
In Administer › Content management › Content types (/admin/content/types), when you edit a content type, you should have a new "Access control" tab which includes "View" permissions for different user roles.
True, it is a little scattered... For example taxonomy access modules put their settings page under the "user management" menu and not under "content management, categories", while this one puts its settings under the "content management, content types" menu.