This project is not covered by Drupal’s security advisory policy.
D6 is approaching end of life. We'll be doing maintenance fixes only.
Module Grants makes modules that deal with content access permissions operate better on unpublished (as well as published) content. It also makes sure that access grants behave in an orderly fashion when such modules are used together.
- Access grants are tested for unpublished content just as they are for published content
- Allows modules that feature fine-grained access control (e.g. Workflow, TAC-Lite) to work together
- While Module Grants' raison d'etre is to act as a catalyst amongst other modules when dealing with unpublished content and/or fine-grained access control, it does come with a handy feature of its own via the Module Grants Monitor submodule, which is bundled with the package download. After enabling Module Grants Monitor, a new item, Accessible content, appears in your navigation menu. Clicking on it reveals a summary of all the content the logged-in user has access to (i.e. view, edit) after access controls have been applied by the content access modules installed on your site. So if you have Workflow installed then what's editable to you and what's only viewable to you will depend on the workflow state the content is in. With the TAC-Lite module enabled it will depend on the vocabulary term(s) used in the content.
- Thanks to dankh, Module Grants now also has Views support, allowing you to add to your views edit and delete links that properly honour permissions.
This module works around a couple of quirks in the core access permission system that tend to get in the way, for instance when you set up workflows and/or are dealing with categorised content.
By ensuring that access grants are tested for unpublished content just as they are for published content this module allows you to implement approval workflows that deal effectively with content moving from author to moderator BEFORE it is published (i.e visible to the public). And that's probably where it's needed most: once content is visible for all to see, it's a bit late to start an approval process!
When publication workflows and category-based content are used together (e.g. after installing Workflow and TAC-Lite) this module makes sure that their combination exhibits the expected behaviour: access is granted to content only when it is in the right state AND (rather than OR) of the right category.
For example, when taxonomy access control is set up so that an Arts moderator/publisher can't view a Sports article, because Arts moderators don't have access to the “sports” term, then it would be wrong if that Arts moderator suddenly does obtain access to Sports, when someone put content in the “review” state, and by the workflow access grants moderators are allowed to view content in "review". Yet, this will be the behaviour you'll find if you don't have this module installed.
Installation instructions can be found on the Module Grants documentation page.
The Accessible content menu option is implemented through the optional (sub)module Module Grants Monitor, which requires Node Tools and User Tools (both bundled with the Module Grants download), while Smart tabs is highly recommended to make the tab behaviour more natural and convenient.
If you don't like the memory function that Smart tabs brings to your pages, but would still like your tabs on the Accessible content page to work properly without any permission issues, then simply go to Administer >> Site configuration >> Smart tabs and blank out the Pages to include text box on the page. If you want the Smart tabs memory function for the Accessible content page only, then enter in the Pages to include text box the following line:
accessible-content*If you are happy to have the memory function on all your pages enter * in the text box.
- Maintenance status: Minimally maintained
- Development status: Maintenance fixes only
- Module categories: Content Access Control
- Reported installs: 1,521 sites currently report using this module. View usage statistics.
- Downloads: 47,038
- Last modified: December 4, 2015
- This project is not covered by the security advisory policy.
Use at your own risk! It may have publicly disclosed vulnerabilities.