I have read the various issues about forum access and am aware about modules such as Forum Access or Taxonomy Access. However, I am confused about a very simply use case. I have multiple roles, but only want one role (e.g. forum user) to be able to view/access the forum. I do not require granular access rights per forum, e.g. group A can access forum A and group B can access forum B and both groups can access forum C. Instead, I just want this one role to be able see the /forum link in the menu, forum containers and its posts and be able to post etc.
My site uses panels, an SSO module which replaces standard Drupal logins and content access for some basic access control. I have set the content type "forum topic" to be restricted to the role "forum user". Furthermore, I have adjusted all the advanced forum views in the views UI to use access restrictions by role and limited new topic list, active topic list etc. to role "forum user".
The result is that I got it 95% working without the need for any of the additional forum access modules. However, there are two outstanding items:
- Users with roles other than "forum user", including anonymous, can see the forum menu item in the menu. When they click on it the overview shows all names of the forum containers with 0 topics in it. The desired behaviour would be for them to see an Access Denied error.
- Furthermore, all users can click on a forum container and will see a statement reading "No posts in this forum", simply because they do not have access to any posts based on content access. AF adds a link on top and bottom stating "Log in to post new content in the forum." which does not work with SSO because it links back to the standard Drupal login mechanism. Again, the desired behaviour would simply be to display an access denied error.
If they happen to have a link to a particular forum post, they would correctly see an Access Denied error (restriction by content access). Both of these issues would disappear with a very simple permission implemented by default like "view forum" (separated from "view published content") which would be applied to the built-in views to display the forums. This would eliminate the need to use additional access modules that provide overkill otherwise for a use case which I don't think is that uncommon.
If that is not planned, how do I change the default views (e.g. at /forum) to limit forum access to a specific role? Can I do this programmatically in a custom module? I believe these views by default use "view published content" permission, but for various reasons anonymous as well as all authenticated users have that permission in my site. I would like to change this to role access instead of being based on that permission, but don't know how because that view is not exposed to me in the views UI.