Last updated 6 October 2013. Created on 16 February 2013.
Edited by edvanleeuwen. Log in to edit this page.

This page aims at describing setting up a site which uses OG and needs public nodes with public files and private nodes with private files.


  • OG (7.x-1.x or later)
    • Organic Groups
    • Organic Groups access control
  • File (Field) Paths (latest dev)

Adding the appropriate fields

  • Add the Group Visibility field (group_content_access) to the content type (e.g. story)
  • Set the Allowed values list to a private and public entry only
  • Add a File field to the content type (e.g. story)
  • Open the File (Field) Path Settings
  • In the File path field, enter [node:group_content_access]/[node:nid]
  • Set Active updating
  • . This is necessary to move a file from public to private or back, when the visibility changes.

  • Set the Upload destination to Private files

Setting up the file system

  • Set the file system to private
  • Create folders on your file system with the exact names used in the textual section of the Allowed values list
  • In the private folder, if not already there: put an .htaccess file with only the line
    SetHandler This_is_a_Drupal_security_line_do_not_remove
    Deny from all


Looking for support? Visit the forums, or join #drupal-support in IRC.


swfindlay’s picture

Is there a 7.x-2.x solution to this problem?

[node:group_content_access] doesn't appear to be recognised

edvanleeuwen’s picture

I have the same setup running on 7.x-2.x.

Is the module Organic Groups access control enabled?

Best regards,