Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.This project is not covered by Drupal’s security advisory policy.
Prevent access to OG private posts except to privileged users and OG group members.
This module serves to ensure that OG private posts remain private to the Organic Group(s) to which they're posted, regardless of which other modules may be trying to grant access.
Rationale
Under most circumstances and for most simple Drupal installations, Organic Groups will do a fine job of ensuring that group posts marked "private" will only be accessible by group members. It does this by simply refusing to grant access to those nodes.
However, it is possible for other modules to grant other users with access to those nodes. For example, Workflow module may be configured to grant view, edit, and/or delete access to certain roles, for nodes in a certain workflow state. This grant will be enough to allow non-group-members in those roles to access the nodes.
Functionality
This module adds an additional check to the node access system, so that group posts marked "private" will be inaccessible (for view, edit, and delete operations) to anyone who is not a group member, even if other modules grant such access.
This limitation can be lifted for specific roles, operations, or content types, using the provided permissions.
This module requires Node Access Fixer.
Project information
Minimally maintained
Maintainers monitor issues, but fast responses are not guaranteed.- Maintenance fixes only
Considered feature-complete by its maintainers. - Module categories: Access Control
- Created by TwoMice on , updated
This project is not covered by the security advisory policy.
Use at your own risk! It may have publicly disclosed vulnerabilities.
