This project is not covered by Drupal’s security advisory policy.
There is an open security issue: the name of the Node Access (node_access) project is confusing
Swipht technologies developed a set of security modules with sponsorship from Portland State University. The modules provide roles and user specific security permissions for menus, menu items, nodes, and security integration into the administration and help systems. We would like to provide this suite of modules back to the community to share the usefulness of the suite and involve the community to provide additional support, testing, and moderation.
Special care was taken to ensure the usability of permission management was consistent across all sections of the system (nodes, menus, menu items). Also each security module uses a cascading security scheme to allow global security and the option to override or define exceptions to the security model for individual items.
For example, defining global node access rights by role will dynamically apply the security scheme to all content types and nodes created. However the user can override the global security scheme for an individual content type, and override the permissions for a given content type by setting permissions on an individual node.
Please be advised that there may be issues with the modules if you are attempting to run them on a platform or application version not used in the development and testing. I will do my best to trouble shoot issues with environments that are not setup exactly like that which was used to develop the modules.
Operating System: Linux
HTTP Server: Apache 1 or 2
Database Server: Mysql 5.0
PHP application server: 5.0
Please apply permissions to your roles before submitting issues to the bug tracker
This is one of several node access modules in the community, even though the module is part of a security suite it is not strongly tied to the other modules (menu_access, admin_access). And so, you can use other access modules instead of this one.
The following modules can provide similar if not exactly the same security features as the node_access module.
Content Access (recommended)
This module is the main reference for the creation of the node_access module. The node_access module was built because at the time it was required the content access module did not have a Drupal 6 version.
All attempts to contact the module authors failed and thus, the node_access module was created.
Long standing node access security module, as with content access at the time that this module (node_access) was being developed the nodeaccess module did not have a Drupal 6 version and repeated attempts to contact the authors and or moderators had failed.
Both modules are a great alternative to the node_access module. It is up to you to choose which module best meets your requirements. And again, using node_access, content_access, or nodeaccess will not affect the functions provided by the menu_access or admin_access modules.
Modules in the suite:
- Provides global and menu specific security permissions by role and user account.
- Global security for all menus (default)
- Per menu security
- Inherits security from the parent menu
- Global security for all menu items (default)
- Per menu item security
Module Code: http://www.drupal.org/project/menu_access
** Please note menu_access and menu_item_access are included as a single package.
- Global security for all content types and nodes (default).
- Per content type and all nodes for the content type.
- Per node security scheme
Module Code: http://www.drupal.org/project/node_access
- all admin index pages
- add content index
- help index/details
Module Code: http://www.drupal.org/project/admin_access
Drupal 7 Development Notice
I have no intention of providing A Drupal 7 version of this module. I am currently looking at alternatives for Drupal 7. Once I chose an option I may provide a migration path for D6 users of node_access. Read more here:
If this module is not what you were looking for, there are several other modules that handle content access. Here are some of them:
- Maintenance status: Unsupported
- Development status: No further development
- Module categories: Administration, Content, Content Access Control, Content Display, Security, User Access & Authentication
- Reported installs: 300 sites currently report using this module. View usage statistics.
- Downloads: 17,291
- Last modified: 2 December 2014
- This project is not covered by the security advisory policy.
Use at your own risk! It may have publicly disclosed vulnerabilities.