This project is not covered by Drupal’s security advisory policy.
Swipht technologies developed a set of security modules with sponsorship from Portland State University. The modules provide roles and user specific security permissions for menus, menu items, nodes, and security integration into the administration and help systems. We would like to provide this suite of modules back to the community to share the usefulness of the suite and involve the community to provide additional support, testing, and moderation. Special care was taken to ensure the usability of permission management was consistent across all sections of the system (nodes, menus, menu items). Also each security module uses a cascading security scheme to allow global security and the option to override or define exceptions to the security model for individual items.
For example, defining global node access rights by role will dynamically apply the security scheme to all content types and nodes created. However the user can override the global security scheme for an individual content type, and override the permissions for a given content type by setting permissions on an individual node.
Please be advised that there may be issues with the modules if you are attempting to run them on a platform or application version not used in the development and testing. I will do my best to trouble shoot issues with environments that are not setup exactly like that which was used to develop the modules.
Operating System: Linux
HTTP Server: Apache 1 or 2
Database Server: Mysql 5.0
PHP application server: 5.0
Please apply permissions to your roles before submitting issues to the bug tracker
To take advantage of Menu Access
Menu Access provides new menu blocks located within block management. The new blocks have a prefix of "Menu Access" - menu name and are available for the navigation, primary, and secondary menus. You must use the blocks with the Menu Access prefix in your theme. The default Drupal menus do not call the correct security settings to enforce it. This strategy removes the requirement to patch the core of Drupal to enforce security.
If you have a custom theme you can integrate the menu by calling menu_access_menu_tree('primary-links') where the unique computer name of the menu is your custom menu.
Modules in the suite:
- Provides global and menu specific security permissions by role and user account.
- Global security for all menus (default)
- Per menu security
- Inherits security from the parent menu
- Global security for all menu items (default)
- Per menu item security
Module Code: http://www.drupal.org/project/menu_access
** Please note menu_access and menu_item_access are included as a single package.
- Global security for all content types and nodes (default).
- Per content type and all nodes for the content type.
- Per node security scheme
Module Code: http://www.drupal.org/project/node_access
- all admin index pages
- add content index
- help index/details
Module Code: http://www.drupal.org/project/admin_access
Drupal 7 Development Discussion
Starting a discussion on a Drupal 7 port, if it should be done what what design/development strategies I may employ.
If this module is not what you were looking for, there are several other modules that handle content access. Here are some of them:
- Maintenance status: Unsupported
- Development status: No further development
- Module categories: Administration, Security, Site Navigation, User Access & Authentication
- Reported installs: 260 sites currently report using this module. View usage statistics.
- Downloads: 16,582
- Last modified: March 6, 2015
- This project is not covered by the security advisory policy.
Use at your own risk! It may have publicly disclosed vulnerabilities.