|
1
|
<h2>Introduction</h2>
|
|
2
|
|
|
3
|
<p>This section contains notes about how to
|
|
4
|
integrate with <strong>Rules</strong>.</p>
|
|
5
|
|
|
6
|
<p><strong>Note</strong>: This only work on individual nodes. The
|
|
7
|
rules for access control that you set up will not be
|
|
8
|
executed <em>unless</em> you have enabled per content node access
|
|
9
|
control settings.</p>
|
|
10
|
|
|
11
|
<h2>Rules integrations example</h2>
|
|
12
|
|
|
13
|
<p>In this example, there will be two user roles: “writer” and
|
|
14
|
“editor”. There will also be two users: A writer named “Bob” and an
|
|
15
|
editor named “Ben”. There will also be a third user named “Alice”
|
|
16
|
that will not belong to any of there roles. We shall set up a workflow
|
|
17
|
where “Bob” creates content, and when that content is saved, only
|
|
18
|
users with the “editor” user role (e.g. “Ben”) will be allowed to see
|
|
19
|
it.</p>
|
|
20
|
|
|
21
|
<p>Set up:</p>
|
|
22
|
|
|
23
|
<ul>
|
|
24
|
<li>Ensure <strong>Content Access</strong> is enabled (if you can read this in the browser, it is).</li>
|
|
25
|
<li>Enable both the <strong>Rules</strong> and <strong>Rules UI</strong> modules.</li>
|
|
26
|
<li>Enable the <strong>Content Access Rules Integrations</strong> module.</li>
|
|
27
|
<li>Create the roles: “writer” and “editor” and the users “Bob”, “Ben” and “Alice”. Assign roles.</li>
|
|
28
|
<li>Set up default role based access control settings. Give the “anonymous user” role and the “authenticated user” role access to “View any article content” and “View own article content”.</li>
|
|
29
|
<li>Check “Enable per content node access control settings”. You find this checkbox under the “Access Control” tab located on the settings page for the content type.</li>
|
|
30
|
</ul>
|
|
31
|
|
|
32
|
<p>Create the rules:</p>
|
|
33
|
|
|
34
|
<ul>
|
|
35
|
<li>Navigate to <span class="nav">Configuration » Workflow » Rules<span>.</li>
|
|
36
|
<li>Click “Add new rule”.</li>
|
|
37
|
<li>Name the rule “editor oversight”.</li>
|
|
38
|
<li>Leave the field “Tags” empty.</li>
|
|
39
|
<li>In the pulldown menu for “React on event”, select “After saving new contents”.</li>
|
|
40
|
<li>Leave “Restrict by type” set to “- None -”.</li>
|
|
41
|
<li>Click “Save”.</li>
|
|
42
|
</ul>
|
|
43
|
|
|
44
|
<div class="help-imgpos-center" style="max-width:620px">
|
|
45
|
<img class="help-img" alt="ahelp_tab.png" title="New rule: Editor oversight" src="&path&rules01.png" width="620" />
|
|
46
|
<div class="help-img-caption" style="max-width:620px">Adding a new rule</div>
|
|
47
|
</div>
|
|
48
|
|
|
49
|
<p>This sets up a new rule named “editor oversight” that triggers when
|
|
50
|
a new node is saved.</p>
|
|
51
|
|
|
52
|
|
|
53
|
<ul>
|
|
54
|
<li>Under “Conditions”, click “Add condition”,</li>
|
|
55
|
<li>From the pulldown menu “Select <em>condition</em> to add”, select “User has role(s)”.</li>
|
|
56
|
<li>After making the selection, you automatically continue to a new page to set up a data selector.</li>
|
|
57
|
<li>For the “Data selector” field, choose “node:author”.</li>
|
|
58
|
<li>Under “Roles”, for “Value”, select “writer”.</li>
|
|
59
|
<li>Click “Save”.</li>
|
|
60
|
</ul>
|
|
61
|
|
|
62
|
<p>This sets up a contition for following the rule. The rule is only
|
|
63
|
followed when the user with the role “writer” triggers an event that
|
|
64
|
matches “After saving new contents”.</p>
|
|
65
|
|
|
66
|
<p>The final step adds an action that happens when the rule is
|
|
67
|
triggered and the conditions are met.</p>
|
|
68
|
|
|
69
|
<ul>
|
|
70
|
<li>Under “Actions”, click “Add action”,</li>
|
|
71
|
<li>From the pulldown menu “Select <em>action</em> to add”, select “Grant Access by role”.</li>
|
|
72
|
<li>After making the selection, you automatically continue to a new page to set up role based access settings.</li>
|
|
73
|
<li>Look under “Role-based access control settings”. Give the “editor” the right to “View any content” “View own content”. Checking a box grants the access.</li>
|
|
74
|
<li>Under “Actions”, again click “Add action”,</li>
|
|
75
|
<li>From the pulldown menu “Select <em>action</em> to add”, select “Revoke Access by role”.</li>
|
|
76
|
<li>After making the selection, you automatically continue to a new page to set up role based access settings.</li>
|
|
77
|
<li>Look under “Role-based access control settings”. Revoke “View any content” “View own content” for the “anonymous user” role and the the “authenticated user” role. Checking a box revokes the access.</li>
|
|
78
|
<li>Click “Save”.</li>
|
|
79
|
</ul>
|
|
80
|
|
|
81
|
<p>Verify that it works:</p>
|
|
82
|
|
|
83
|
<ul>
|
|
84
|
<li>Create an artcle as “Alice” (no special role). Verify that is viewable by everyone.</li>
|
|
85
|
<li>Create an artcle as “Bob” (the writer). Verify that is viewable by “Ben” (the editor), but not by “Alice”.</li>
|
|
86
|
</ul>
|
|
87
|
|
