|
1
|
# CONTENTS OF THIS FILE
|
|
2
|
|
|
3
|
* Introduction
|
|
4
|
* Requirements
|
|
5
|
* Recommended modules
|
|
6
|
* Installation
|
|
7
|
* Configuration
|
|
8
|
* Maintainers
|
|
9
|
* Notes
|
|
10
|
|
|
11
|
|
|
12
|
# INTRODUCTION
|
|
13
|
|
|
14
|
The **Content Access** module let you content manage access permission in a flexible and transparant way.
|
|
15
|
|
|
16
|
It provides two new permissions: *view all* (allows anyone to view the
|
|
17
|
content) and *view own* (allows only the content creator to see
|
|
18
|
his/her own content). It also gives access to the existing core
|
|
19
|
permissions *edit* and *delete* on the same settings page.
|
|
20
|
|
|
21
|
It provides the following modalities:
|
|
22
|
|
|
23
|
* Each *content type* can have its own default content access settings by role.
|
|
24
|
* Optionally you can enable role based access control settings per *content node*.
|
|
25
|
* Access control can be further customized per *user* if you have the **ACL** module enabled.
|
|
26
|
|
|
27
|
For more information and reporting, please visit:
|
|
28
|
|
|
29
|
* For a description of the module, visit the [project page][1].
|
|
30
|
* For on-screen documentation, visit the [documentation page][2],
|
|
31
|
or enable [**Advanced Help**][6].
|
|
32
|
* To submit bug reports and feature suggestions, or to track changes
|
|
33
|
visit the project's [issue tracker][3].
|
|
34
|
|
|
35
|
Features:
|
|
36
|
|
|
37
|
* It comes with sensible defaults, so you need not configure anything
|
|
38
|
and everything stays working.
|
|
39
|
* It is as flexible as you want. It can work with per content type
|
|
40
|
settings, per content node settings as well as with flexible Access
|
|
41
|
Control Lists with the help of the **ACL** module
|
|
42
|
([see Note 1](#ACL) at the end).
|
|
43
|
* It reuses existing functionality instead of reimplementing it. So
|
|
44
|
one can install the **ACL** module and set per user access control
|
|
45
|
settings per content node.
|
|
46
|
* It comes with a submodule named **Content Access Rules
|
|
47
|
Interations**. It provides conditions and actions for the **Rules**
|
|
48
|
module, which allows one to configure rule-based access permissions.
|
|
49
|
* It optimizes the written content node grants, so that only the
|
|
50
|
necessary grants are written. This is important for the
|
|
51
|
performance of your site.
|
|
52
|
* The module has a comes with automated testing to ensure everything
|
|
53
|
stays working correctly.
|
|
54
|
* It respects and makes use of Drupal's core permissions. This means
|
|
55
|
that the "Access Control" tab provided by this module takes them
|
|
56
|
into account and provides you a good overview of *all* applied
|
|
57
|
access control settings on a single page (but see [Note 2](#adv) at
|
|
58
|
the end).
|
|
59
|
|
|
60
|
The module is designed to be simple to use, but can be configured to
|
|
61
|
provide really fine-grained content access permissions.
|
|
62
|
|
|
63
|
|
|
64
|
# REQUIREMENTS
|
|
65
|
|
|
66
|
None.
|
|
67
|
|
|
68
|
# RECOMMENDED MODULES
|
|
69
|
|
|
70
|
* [**ACL**][4]:
|
|
71
|
To use Access Control Lists for per user access control.
|
|
72
|
* [**Advanced Help Hint**][7]:
|
|
73
|
Links help text provided by `hook_help` to online help and
|
|
74
|
**Advanced Help**.
|
|
75
|
* [**Advanced Help**][6]:
|
|
76
|
When this module is enabled, the project's `README.md` will be
|
|
77
|
displayed when you visit `help/content_access/README.md`.
|
|
78
|
* [**Markdown**][8]:
|
|
79
|
When this module is enabled, display of the project's `README.md`
|
|
80
|
will be rendered with the markdown filter.
|
|
81
|
* [**Node Export**][N]
|
|
82
|
To export content access rules.
|
|
83
|
* [**Rules**][5]:
|
|
84
|
To configure rule-based access permissions.
|
|
85
|
|
|
86
|
|
|
87
|
# INSTALLATION
|
|
88
|
|
|
89
|
The module is set up to require PHP ver. 5.6 or later. I do not want
|
|
90
|
to keep supporting legacy PHP (at least not for free). If you need a
|
|
91
|
version that runs on something more ancient, you have two options:
|
|
92
|
|
|
93
|
1. Keep useing version 7.x-1.2-beta2. It does not restrict PHP
|
|
94
|
version. It is very old tho', and is no longer recommended, nor is
|
|
95
|
it supported.
|
|
96
|
2. Ask me to create a separate branch of the project for a backport
|
|
97
|
the current supported version to whatever version of PHP you need.
|
|
98
|
Then get someone to support this branch.
|
|
99
|
|
|
100
|
If you go for the backport option: If you're a developer, request to
|
|
101
|
become a co-maintainer of this project and then create and support the
|
|
102
|
backport yourself. If you're not, sponsor someone to do the backport
|
|
103
|
and to support it.
|
|
104
|
|
|
105
|
To install and enable, do the following:
|
|
106
|
|
|
107
|
1. Install as you would normally install a contributed drupal
|
|
108
|
module. See: [Installing modules][9] for further information.
|
|
109
|
2. Enable the **Content Access** module on the *Modules* list
|
|
110
|
page.
|
|
111
|
3. If you want to use access control lists, download, install and
|
|
112
|
configure the **ACL** module.
|
|
113
|
|
|
114
|
|
|
115
|
# CONFIGURATION
|
|
116
|
|
|
117
|
Note that users need at least the permission "View published content"
|
|
118
|
to be able to access published content. Furthermore note that content
|
|
119
|
which is not published is treated in a different way by Drupal: It can
|
|
120
|
be viewed only by its author or users with "Bypass content access
|
|
121
|
control" permission. You can *not* use this project to manage
|
|
122
|
access to unpublished content.
|
|
123
|
|
|
124
|
To inspect and change those permissions, navigate to *Administration »
|
|
125
|
People » Permisions* and scroll down to the "Node" section.
|
|
126
|
|
|
127
|
## Role based access control
|
|
128
|
|
|
129
|
To set up access control for a content type, navigate to
|
|
130
|
*Administration » Structure* and click on "edit" for the content type
|
|
131
|
you want to set up. There will be a new tab named "Access Control"
|
|
132
|
that let you control access.
|
|
133
|
|
|
134
|
To set up role based access control, tick the boxes under "Role based
|
|
135
|
access control settings". Note that only the "View" permissions are
|
|
136
|
new permissions provided by this module. The "Edit" and "Delete"
|
|
137
|
permissions are provided by the Drupal core, and can also be found if
|
|
138
|
you navigate to *Administration » People » Permisions*. They are
|
|
139
|
shown here to provide the full picture of what permission is set for
|
|
140
|
the content type and role. It does not matter where you change these.
|
|
141
|
|
|
142
|
## Per content node access control
|
|
143
|
|
|
144
|
There is a a checkbox to enable per content node access control
|
|
145
|
settings. If enabled, a new tab for the content access settings
|
|
146
|
appears when viewing content.
|
|
147
|
|
|
148
|
To configure permission to access these settings, navigate to
|
|
149
|
*Administration » People » Permisions* and set the "Grant content
|
|
150
|
access" permission for the relevant roles.
|
|
151
|
|
|
152
|
## Advanced access control
|
|
153
|
|
|
154
|
The "Advanced" settings are only relevant if you are running multiple
|
|
155
|
node access modules on a site.
|
|
156
|
|
|
157
|
A Drupal node access module can only grant access to content nodes,
|
|
158
|
but not deny it. So if you are using multiple node access modules,
|
|
159
|
access will be granted to a node as soon as one of the module grants
|
|
160
|
access to it.
|
|
161
|
|
|
162
|
However you can influence the behaviour by changing the priority of
|
|
163
|
the content access module as drupal applies *only* the grants with the
|
|
164
|
highest priority. So if content access has the highest priority
|
|
165
|
*alone*, only its grants will be applied.
|
|
166
|
|
|
167
|
By default node access modules should use priority 0 (zero).
|
|
168
|
|
|
169
|
|
|
170
|
## Using access control lists
|
|
171
|
|
|
172
|
To make use of access control lists you'll need to enable per content
|
|
173
|
node access control settings for the content type. At the access control
|
|
174
|
tab of such a content node you are able to grant view, edit or delete
|
|
175
|
permission for specific users..
|
|
176
|
|
|
177
|
|
|
178
|
# MAINTAINERS
|
|
179
|
|
|
180
|
**Content Access** was created by [fago][10] (Wolfgang Ziegler).
|
|
181
|
It contains a lot of contributions from [good_man][11] (Khaled Al Hourani).
|
|
182
|
The current maintainer is [gisle][12] (Gisle Hannemyr).
|
|
183
|
|
|
184
|
Development and maintenance is sponsored by [Hannemyr Nye Medier AS][13].
|
|
185
|
|
|
186
|
Any help with development (patches, reviews, comments) are welcome.
|
|
187
|
|
|
188
|
# NOTES
|
|
189
|
|
|
190
|
**Note 1**<a id="ACL"></a>: ACL integration is not yet working right.
|
|
191
|
|
|
192
|
**Note 2**<a id="adv"></a>: Note that this overview can't take other
|
|
193
|
modules into account, which might also alter node access. If you have
|
|
194
|
multiple modules installed that alter node access, read the paragraph
|
|
195
|
about "Advanced access control".
|
|
196
|
|
|
197
|
|
|
198
|
[1]: https://drupal.org/project/content_access
|
|
199
|
[2]: https://drupal.org/node/1194974
|
|
200
|
[3]: https://drupal.org/project/issues/content_access
|
|
201
|
[4]: https://www.drupal.org/project/acl
|
|
202
|
[5]: https://www.drupal.org/project/rules
|
|
203
|
[6]: https://www.drupal.org/project/advanced_help
|
|
204
|
[7]: https://www.drupal.org/project/advanced_help_hint
|
|
205
|
[8]: https://www.drupal.org/project/markdown
|
|
206
|
[N]: https://www.drupal.org/project/node_export
|
|
207
|
[9]: https://www.drupal.org/docs/7/extend/installing-modules
|
|
208
|
[10]: https://www.drupal.org/u/fago
|
|
209
|
[11]: https://www.drupal.org/u/good_man
|
|
210
|
[12]: https://www.drupal.org/u/gisle
|
|
211
|
[13]: https://hannemyr.no
|
