This project is not covered by Drupal’s security advisory policy.

Swipht technologies developed a set of security modules with sponsorship from Portland State University. The modules provide roles and user specific security permissions for menus, menu items, nodes, and security integration into the administration and help systems. We would like to provide this suite of modules back to the community to share the usefulness of the suite and involve the community to provide additional support, testing, and moderation. Special care was taken to ensure the usability of permission management was consistent across all sections of the system (nodes, menus, menu items). Also each security module uses a cascading security scheme to allow global security and the option to override or define exceptions to the security model for individual items.

For example, defining global node access rights by role will dynamically apply the security scheme to all content types and nodes created. However the user can override the global security scheme for an individual content type, and override the permissions for a given content type by setting permissions on an individual node.

Please Note!!
Please be advised that there may be issues with the modules if you are attempting to run them on a platform or application version not used in the development and testing. I will do my best to trouble shoot issues with environments that are not setup exactly like that which was used to develop the modules.

Operating System: Linux
HTTP Server: Apache 1 or 2
Database Server: Mysql 5.0
PHP application server: 5.0

Please apply permissions to your roles before submitting issues to the bug tracker

To take advantage of Menu Access
Menu Access provides new menu blocks located within block management. The new blocks have a prefix of "Menu Access" - menu name and are available for the navigation, primary, and secondary menus. You must use the blocks with the Menu Access prefix in your theme. The default Drupal menus do not call the correct security settings to enforce it. This strategy removes the requirement to patch the core of Drupal to enforce security.

If you have a custom theme you can integrate the menu by calling menu_access_menu_tree('primary-links') where the unique computer name of the menu is your custom menu.

Modules in the suite:

Provides global and menu specific security permissions by role and user account.
  • Global security for all menus (default)
  • Per menu security
Provides global and menu item specific security permissions by role and user account.
  • Inherits security from the parent menu
  • Global security for all menu items (default)
  • Per menu item security

Module Code:
** Please note menu_access and menu_item_access are included as a single package.

Provides global and node specific security permissions by role and user account.
  • Global security for all content types and nodes (default).
  • Per content type and all nodes for the content type.
  • Per node security scheme

Module Code:

Provides security check integration for all administration index pages and help index pages to only display links to modules, functions, and content based on the user's permissions and access rights. This module relies on the three modules detailed above. Exclusion from items in the administration and help sections are based on security rules defined in the module permissions and can be overriden using rules defined in the navigation menu (main admin menu).
  • all admin index pages
  • add content index
  • help index/details

Module Code:

Drupal 7 Development Discussion
Starting a discussion on a Drupal 7 port, if it should be done what what design/development strategies I may employ.

Related modules

If this module is not what you were looking for, there are several other modules that handle content access. Here are some of them:

Project Information