Add functionality and customize your Drupal application with thousands of projects contributed by our amazing community.
A module is code that extends Drupal's by altering existing functionality or adding new features. You can use modules contributed by others or create your own. Learn more about creating and using Drupal modules.
This module uses Queue to rebuild node access in a non-disruptive
manner. This module depends on drupal_queue.
This module extends the content access module to put the view (any/own) [TYPE] to the drupal permissions form.
Description
Module provide an additional functional for content managers:
1) Manager role
2) Manager menu with ability use this menu in "admin menu style"
3) Hide unnecessary fields on node add/edit forms.
4) Show add "content type" button on selected node type / view pages. (Contextual links style)
Requirements
Drupal 7.x
Installation
1. Copy the entire pager_for_content_type directory
the Drupal sites/all/modules directory.
2. Login as an administrator. Enable the module
in the "Administer" -> "Modules"
Settings
1. Go to "Configuration" -> "Manager Access"
2. "Manager access fields" - set checkboxes for fields and for roles. Selected fields will not show on add/edit form for user which have selected role.
3. "Manager links settings" - set checkboxes for content types and for views. On selected views and content types will be added additional contextual links for manager.
4. Go to "People" -> "Permissions" and select roles for "Use manager links" and "Access top manager menu"
5. Go to "People" and add manager role to your user
This project has been sponsored by:
Volcanoideas Drupal consulting and development.
This modules builds on the Node authorize link project. It provides view, edit and delete links for nodes.
The Domain Field Access module is an add on module for Domain Access allowing you to restrict access to Fields based on the domain.
For example, you can have a field on domains A and B but not C.
Node Gallery Access is a module that adds access control to Node Gallery.
The user will be restricted from premium content. The content will be unlocked with the presence of page specific cookies and/or a master (Profile complete) cookie.
At first sight, you may think it's just another fork of already available module on drupal.org like taxonomy_access or tac_lite. First one is a taxonomy control access based on roles, second one is a taxonomy control access based on users. But both of those modules miss the - according to me essential - inheritance notion :
if you have access to one term, you don't automatically have access to the children nodes. My module does take care about inheritance and this way permit a powerfull user access control.
This module provides a way to let clients manage settings you define without affecting the configuration of the site (ie, as 'Content'). It provides an interface for admin to set up whatever settings they would like, add fields to them, and deploy them to a production site. Deployed settings can be filled in and edited by whoever is granted permission.
WARNING: This is an experimental module, NOT READY to be used in production. This exists as a proof-of-concept only. Use it at your own risk.
This module controls node access based on taxonomy term fields. When the nodes taxonomy terms and the user taxonomy terms match, the user is awarded certain permissions.
Features
- Matching taxonomy terms are checked based on Field instances added to both the node and user.
- Access is managed separately for each node type.
- When the user does not have matching terms this module does nothing, leaving the access check up to Drupal core permission settings or any another content access module you might be using.
- Multiple fields can be used together to determine valid access. Furthermore, specific fields can be given priority over others.
What is this?
Rabbit Hole is a module that adds the ability to control what should happen when an entity is being viewed at its own page.
Perhaps you have a content type that never should be displayed on its own page, like an image content type that's displayed in a carousel. Rabbit Hole can prevent this node from being accessible on its own page, through node/xxx.
Options
This works by providing multiple options to control what should happen when the entity is being viewed at its own page. You have the ability to
- Deliver an access denied page.
- Deliver a page not found page.
- Issue a page redirect to any path or external url.
- Or simply display the entity (regular behavior).
This is configurable per bundle and per entity. There is also a permission that lets certain roles override Rabbit Hole completely.
It's possible to evaluate PHP for the redirect path. This makes it possible to execute different redirects based on whatever logics you need. Perhaps you want a user to be able to view nodes that he has created, but no one else's. The PHP evaluation is limited to users with the appropriate permission, so there's no unnecessary security breach.
Supported entities
This module provide single sign-on capability for your Drupal site by implementing the
Overview
Node Access Relation allows content access permissions to be set for users on content referenced via a relation.
You need Node Access Relation if...
- You use or plan on using the Relation module and want to grant users access to view/edit/delete content based on their relations.
- You find Drupal roles too broad but per-node access controls too much to manage
Dependencies
Usage
- Enable the relation and node_access_relation modules.
- Create a new Relation Type.
- Check 'Directional Relation' to set access controls.
- Set the Source Bundle as a user and the Target Bundle as a node type.
- Set the node access permissions for the target node bundle as desired and save the relation type.
- Source users or users with access to the source node type should now have access to target node bundles based on the node access permissions.
- Additional linked relations where the target node bundle used above is the source can now be created with permissions inherited through node_access_relation.
-- SUMMARY --
This module provides control on site pages access
-- REQUIREMENTS --
Nested checkboxes
jQuery Update
Libraries API
-- INSTALLATION --
The LoginToboggan module offers several modifications of the Drupal login system in an external module by offering the following features and usability improvements:
As of Drupal 10.1.x-dev, this module is no longer needed and the "Block Content" core module's permissions can be used instead. See migration notes below.
The RealName module allows the administrator to choose fields from the user profile that will be used to add a "real name" element (method) to a user object. Hook_user is used to automatically add this to any user object that is loaded. It will also optionally set all nodes and comments to show this name.
This module allows the admin account (user 1) to add fields, filters and sorts to views which use PHP code. It also supports additional accounts when the core PHP Filter module is enabled.
Provides a listing of all node grants in a simple easy to scan table.
What Is Username Enumeration Prevention
By default Drupal is very secure (especially Drupal 7). However, there is a way to exploit the system by using a technique called username enumeration. Both Drupal 6 and 7 have this issue, but it is much worse for people using Drupal 6. This is because Drupal 6 does not have any built in brute force prevention. When an attacker knows a username they can start a brute force attack to gain access with that user. To help prevent this, it is best if usernames on the system are not easy to find out.
Attackers can easily find usernames that exist by using the forgot password form and a technique called “username enumeration”. The attacker can enter a username that does not exist and they will get a response from Drupal saying so. All the attacker needs to do is keep trying usernames on this form until they find a valid user.
This module will stop this from happening. When the module is enabled, the error message will be replaced for the same message as a valid user and they will be redirected back to the login form. If the user does not exist, no password reset email will be sent, but the attacker will not know this is the case.
Pages