[support] Content Types and Permissions

KOBA | Hans Rossel hans.rossel at koba.be
Mon Jan 12 22:40:56 UTC 2009 

Content access and node privacy by role are ready for d6 and can do it.

 Allthough they are probably overkill if you need to have access set
for only one role on only one content type. As a themer I would just
make a node-private.tpl.php, load the user id of the viewing user and
check if it belongs to the role id and then print $content or else a
message that content may not be viewed.

A small custom module that does the same would of course be even
better. Functionality like this is not supposed to be connected to a
theme.

The other proposal with robots.txt does not seems good to me. Everyone
can access freely robots.txt and get a list of your secret files. Also
google does not always obey.
If you would leave content unpublished and display the unpublished
nodes in the view you could keep them private when limiting the access
to the view to that role only, but its quite limiting as you cannot
link (read more) to the node because it is not published. Im not sure
what would happen if you would use the node id as an argument, maybe
that could work.

Hans

2009/1/12, Steve Kessler <skessler at denverdataman.com>:
> If you want to avoid using a module and the information could be seen if it
> was found by accident you could try using views and permissions. You can
> also edit your robots.txt file to not have Google index those pages. This is
> not a secure method but it avoids using taxonomy access control which is not
> ready for 6.
>
> Hope this idea helps.
>
> Thanks,
> Steve
>
> Steve Kessler
> Denver DataMan
> 303-587-4428
>
>
> -----Original Message-----
> From: Daniel Carrera [mailto:daniel.carrera at theingots.org]
> Sent: Monday, January 12, 2009 1:23 PM
> To: support at drupal.org
> Subject: [support] Content Types and Permissions
>
> Hello,
>
> I made a content type called "private" and I want to make it visible
> only to users with the "staff" role. I was hoping someone could tell me
> how to do that.
>
> I already set the "create" and "edit" permissions, but I cannot find any
> way to change view permissions. Any ideas? I am very hesitant to try the
> taxonomy_access module. I've had problems with it in the past.
>
> Daniel.
> --
> [ Drupal support list | http://lists.drupal.org/ ]
>
> --
> [ Drupal support list | http://lists.drupal.org/ ]
>

-- 
Verzonden vanaf mijn mobiele apparaat

Hans Rossel
KOBA Webdevelopment
Kerkstraat 228
9050 Gent
09-334.52.60
0472-79.32.16
www.koba.be
info at koba.be

More information about the support mailing list