I understand from https://www.drupal.org/node/2368039#comment-9306213 that it is not possible to "control Create permission on a per-section-type basis. That would require custom code."

My question is if it is possible to limit a section type to a specific Space?

Current case: I have created a custome content type "Report" for a specific Space/Group "Coordination", no other space/group needs the content type. I can control permissions for "Report" content type, and give creation permissions only to users in "Coordination" Space/Group. How ever any Space/Group Administrator Member can create a "Report Section" in any other space, although no Report content can be created.

Use case: Only "Coordination" Space/Group Administrator Members can see the "Report Section" creation option. Other Space/Group Administrator Members do not see this section and do not get confused.

Non permission solution: 1) Create "Report Section" will only show in a specific Space because of context, or access in Section Template? 2) It will never show as Create "Report Section" in any Space, and needs to be added manually?

I cannot find a 1 or 2 solution... or any other... yet.

Comments

huizache created an issue. See original summary.

huizache’s picture

huizache CreditAttribution: huizache commented
Issue summary: View changes
huizache’s picture

huizache CreditAttribution: huizache commented

The solution I came up with:

  1. Delete: Taxonomy - Section Type - Report Section
  2. Delete: Section Template - Report Section
  3. Edit the target Space: Override default space options - Node Type: select "Report"
  4. Create a default Section and customize it as needed to show "Report content"
  5. Remove Space/Group default permission (system wide) to Administrator Member to "Administer Group". (optional*)
  6. Give target Space/Group Administrator Member permission to create/edit/delete "Report content" as needed. (optional*)
  7. Give target Space/Group Members permission to create/edit/delete "Report content" as needed

Results:

  • Target Space has a Report Section
  • Only target Space members can create Report content using +Create button
  • No user in the site has a "Create Report Section" as an option
  • If optional* configuration was applied no other Administrator Member in any Space/Group will be able to add Node Type: Report in Override default space options. The down side is they will also not be able to add Groups to "inheritance - Parent" to target Space, unless Administrator Member has permission to "Administer Group" in desired Group to be added as parent to target space.

Conclusion:

  • Not using the optional configuration is enough considering no regular user, even if Space/Group Administrator Member will need/want to "Override default options" unless instructed otherwise.
  • Using the optional configuration needs more testing. At first glance it seems to invert OA Space/Group permission best practices, where groups members are given permission over a space.
ugintl’s picture

ugintl CreditAttribution: ugintl commented

After creating a space, the menu and the banner of the latest space created shows on every page, even the admin pages. How can I restrict the context to that space so that the menu and the banner only show when the user is within the space context? Any ideas?