I have been playing with the various access modules, and having some difficulties doing what I want to do (and having it semi-intuitive for my users). I'm basically trying to put together a very basic intranet type site where employees can create/edit content and maintain/share some knowledge. I'd like some help if people could explain how'd they would setup this type of situation or maybe could point me in the right direction. Below are the basic requirements
All pages are protected from public view by default (but a few pages, like the front page, can be made public)
All pages have view and edit priviledges by default to all users (wiki style if you will, and i've got add revisions enabled by default)
Should be able to restrict edit priviledges to certain roles/users for specific pages or groups of pages (only view access)
Should be able to restrict view (and edit) priviledges to certain roles/users for specific pages or groups of pages. (no access)
here is a list of what I've tried and issues I've come across -
Taxonomy_access - This module seemed like the way to go initially, and at this point is probably my best bet, but it seems really un-intuitive for users to deal with. Plus, I want to be able to use taxonomy (and have the employees use it) to classify the pages without worrying about it affecting access.
Simple Access - the biggest problem here is that by default it leaves all nodes viewable. Plus, it requires me to setup additional access groups instead of using the groups that are already setup, which seems to lead to an additional layer of complexity and might make it un-intuitive for users
TAC_lite - This module is also nice, and at first glance seems like it could work too. It seems more tied to existing user roles, but I'm afraid this still isn't quite right. It doesn't seem to offer the flexibility of specifying read only or read/edit to different sections. Plus, it has the same issue as taxonomy access in that i don't want other taxonomies causing access conflicts.
Other access modules that don't seem to apply, but for completeness I've also investigated
Node privacy byrole - Doesn't seem to be ready for 4.7 and it doesn't really show any signs of being updated.
Node Access Arbitrator - Am hoping to only need one access module, so hopefully won't need this
Nodeperm_role - this sounded really promising, and even suggests that it will be upgraded to 4.7, but a request asking about the upgrade has been unanswered for quite awhile now.
Are they any other modules that I should invesitgate? Could someone please explain how you would setup a site's access to achive this?
To give a little more background, consider it being used for documenting the computer systems.... I don't want the public to know how the network and system is setup. I also want the employees to be able to contribute "how tos" and "tips" about the way they do things and have those tips edited by other people as the system changes. I also need to create some things that people can read but shouldn't change. Plus, there will be server setups and potentially some other sensitive material that should only be accessible to upper management or sys admins. I've also decided to go with drupal for this because 1, i like drupal and wanted to use it and 2, because this might need to grow and expand over time to include other features like a CRM package or group calendars - so if that factors into the access solution i choose now please tell me. Also, I have played with groups and am aware of its access features, but this is a very small company without different departments, so it wouldn't make sense to use that either.