Hello
I am using filefield, to attach files to a certain type of node, in D6.
I would like anonymous users to be able to view the nodes, but only authenticated users to be able to download the attached files.
How might I go about this?
I am using views and finders to search and organize content.
Thanks
Luke
Luke,
Enable the Content Permissions module (part of CCK). Then go to permissions, and you'll be able to define permissions for every field individually. As a caution with this though, you'll have to set permissions every time you add a new field, or users won't be able to view your content.
Michelle
On 2/11/2011 2:48 PM, Luke wrote:
Hello
I am using filefield, to attach files to a certain type of node, in D6.
I would like anonymous users to be able to view the nodes, but only authenticated users to be able to download the attached files.
How might I go about this?
I am using views and finders to search and organize content.
Thanks
Luke
2011/2/11 Michelle Ziegmann michelle@media.berkeley.edu
Luke,
Enable the Content Permissions module (part of CCK). Then go to permissions, and you'll be able to define permissions for every field individually. As a caution with this though, you'll have to set permissions every time you add a new field, or users won't be able to view your content.
With this, any visitor could download the file if he knows the url. Use the private/public options of File-system under admin/settings
-- Aries
On Fri, 11 Feb 2011, Fehér János wrote:
With this, any visitor could download the file if he knows the url. Use the private/public options of File-system under admin/settings
I realized after I sent the original message, that I should have noted that I was using private file access.
Thanks
Luke
[Originally under: Access nodes but not files?]
On Fri, 11 Feb 2011, Michelle Ziegmann wrote:
Enable the Content Permissions module (part of CCK). Then go to permissions, and you'll be able to define permissions for every field individually. As a caution with this though, you'll have to set permissions every time you add a new field, or users won't be able to view your content.
Thanks, but I actually left out some information, as I noticed when verifying that in fact I had already done what you suggest.
I need to have some files accessible by anonymous users. The scenario is this:
Anonymous users can see all nodes [of type X]. Anonymous users can download some files [attached to nodes of X]. Authenticated users can see all nodes [of type X]. Authenticated users can download all files [attached to X nodes].
I had hoped to avoid views for this, but it looks like that may not be possible.
I have to use the same content type for both, so that content accessibility can be altered.
I can use taxonomy to flag some content as publicly downloadable, and some as privately downloadable, and then structure a view to make the file field available only if public download is flagged in taxonomy for that node. I guess I could also use a CCK checkbox for this.
I suppose what that means, is that I must prevent all access to that content type, and make it accessible only via a view.
Does that sound like the most logical way to get this done?
Thanks
Luke
Luke,
If for a particular node, you want to say that anon users can or can't access all of the files attached to that node, then Taxonomy Access Control should handle this (http://drupal.org/project/taxonomy_access).
If instead, on a particular node you want anonymous users to access some of the attached files but not others, then I would suggest creating 2 different file fields - one for publicly-accessible files and one for private files. Then just set content permissions for each field separately in the permissions table.
Michelle
On 2/15/2011 5:34 AM, Luke wrote:
[Originally under: Access nodes but not files?]
On Fri, 11 Feb 2011, Michelle Ziegmann wrote:
Enable the Content Permissions module (part of CCK). Then go to permissions, and you'll be able to define permissions for every field individually. As a caution with this though, you'll have to set permissions every time you add a new field, or users won't be able to view your content.
Thanks, but I actually left out some information, as I noticed when verifying that in fact I had already done what you suggest.
I need to have some files accessible by anonymous users. The scenario is this:
Anonymous users can see all nodes [of type X]. Anonymous users can download some files [attached to nodes of X]. Authenticated users can see all nodes [of type X]. Authenticated users can download all files [attached to X nodes].
I had hoped to avoid views for this, but it looks like that may not be possible.
I have to use the same content type for both, so that content accessibility can be altered.
I can use taxonomy to flag some content as publicly downloadable, and some as privately downloadable, and then structure a view to make the file field available only if public download is flagged in taxonomy for that node. I guess I could also use a CCK checkbox for this.
I suppose what that means, is that I must prevent all access to that content type, and make it accessible only via a view.
Does that sound like the most logical way to get this done?
Thanks
Luke
On Tue, 15 Feb 2011, Michelle Ziegmann wrote:
[relates to D6]
If for a particular node, you want to say that anon users can or can't access all of the files attached to that node, then Taxonomy Access Control should handle this (http://drupal.org/project/taxonomy_access).
Should it? I have looked at that and tac_lite, but they seem concerned with managing access to nodes (in fact I have used tac_lite for this previously), not specific CCK fields (filefields in this case).
The user should see the node, but if he wants the attached file, he needs to log in or register.
In other words: I need exactly what taxonomy_access would do, but at the individual field level, not the node level.
Am I missing a capability of taxonomy_access? My only knowledge of it comes from its d.o description.
Thanks
Luke
Sorry, you're right, TAC will only control access to the whole node. I retract that suggestion.
Michelle
On 2/15/2011 12:04 PM, Luke wrote:
On Tue, 15 Feb 2011, Michelle Ziegmann wrote:
[relates to D6]
If for a particular node, you want to say that anon users can or can't access all of the files attached to that node, then Taxonomy Access Control should handle this (http://drupal.org/project/taxonomy_access).
Should it? I have looked at that and tac_lite, but they seem concerned with managing access to nodes (in fact I have used tac_lite for this previously), not specific CCK fields (filefields in this case).
The user should see the node, but if he wants the attached file, he needs to log in or register.
In other words: I need exactly what taxonomy_access would do, but at the individual field level, not the node level.
Am I missing a capability of taxonomy_access? My only knowledge of it comes from its d.o description.
Thanks
Luke
You can do field level access with the submodule of cck: content_permissions (or the variant field_permissions). This will block access for certain fields for the specified roles.
If its a file field you need to add a line to your .htaccess to be sure that the file itself is not accessible http://drupal.org/node/540754
http://drupal.org/node/540754Hans www.koba.be
2011/2/15 Luke drupal@lists.tacticus.com
On Tue, 15 Feb 2011, Michelle Ziegmann wrote:
[relates to D6]
If for a particular node, you want to say that anon users can or can't access all of the files attached to that node, then Taxonomy Access Control should handle this (http://drupal.org/project/taxonomy_access).
Should it? I have looked at that and tac_lite, but they seem concerned with managing access to nodes (in fact I have used tac_lite for this previously), not specific CCK fields (filefields in this case).
The user should see the node, but if he wants the attached file, he needs to log in or register.
In other words: I need exactly what taxonomy_access would do, but at the individual field level, not the node level.
Am I missing a capability of taxonomy_access? My only knowledge of it comes from its d.o description.
Thanks
Luke
-- [ Drupal support list | http://lists.drupal.org/ ]
Luke,
Don't miss Michelle's second recommendation here: create two file fields.
Ted
On 2/15/2011 12:59 PM, Michelle Ziegmann wrote:
Luke,
If for a particular node, you want to say that anon users can or can't access all of the files attached to that node, then Taxonomy Access Control should handle this (http://drupal.org/project/taxonomy_access).
If instead, on a particular node you want anonymous users to access some of the attached files but not others, then I would suggest creating 2 different file fields - one for publicly-accessible files and one for private files. Then just set content permissions for each field separately in the permissions table.
Michelle
On 2/15/2011 5:34 AM, Luke wrote:
[Originally under: Access nodes but not files?]
On Fri, 11 Feb 2011, Michelle Ziegmann wrote:
Enable the Content Permissions module (part of CCK). Then go to permissions, and you'll be able to define permissions for every field individually. As a caution with this though, you'll have to set permissions every time you add a new field, or users won't be able to view your content.
Thanks, but I actually left out some information, as I noticed when verifying that in fact I had already done what you suggest.
I need to have some files accessible by anonymous users. The scenario is this:
Anonymous users can see all nodes [of type X]. Anonymous users can download some files [attached to nodes of X]. Authenticated users can see all nodes [of type X]. Authenticated users can download all files [attached to X nodes].
I had hoped to avoid views for this, but it looks like that may not be possible.
I have to use the same content type for both, so that content accessibility can be altered.
I can use taxonomy to flag some content as publicly downloadable, and some as privately downloadable, and then structure a view to make the file field available only if public download is flagged in taxonomy for that node. I guess I could also use a CCK checkbox for this.
I suppose what that means, is that I must prevent all access to that content type, and make it accessible only via a view.
Does that sound like the most logical way to get this done?
Thanks
Luke
On Tue, 15 Feb 2011, Ted wrote:
Don't miss Michelle's second recommendation here: create two file fields.
The only problem with that, is the inability to change the status of a file later.
A secondary problem is that there are already several file fields per node [potentially; the organization has just requested that new twist today], so I would have to duplicate each of them, and at that point it would be easier to just use two identical content types divided by access rights.
I think I'm going to have to do this with several views. One for looking at an individual node, and others for various kinds of searching. Not sure what I'll have to do for editing nodes in that setup.
Luke
OK, then, assuming that access to the files are all or none on a given node, you might be able to get away with creating just 1 view as a "Node Content" display using the Views Attach module (http://drupal.org/project/views_attach). You might have to create 2 "node content" displays within the view - one with access for anonymous users only, one with access for authenticated users only, and set the filters accordingly using whatever field/term you use to set file access for the node.
Michelle
On 2/15/2011 2:07 PM, Luke wrote:
On Tue, 15 Feb 2011, Ted wrote:
Don't miss Michelle's second recommendation here: create two file fields.
The only problem with that, is the inability to change the status of a file later.
A secondary problem is that there are already several file fields per node [potentially; the organization has just requested that new twist today], so I would have to duplicate each of them, and at that point it would be easier to just use two identical content types divided by access rights.
I think I'm going to have to do this with several views. One for looking at an individual node, and others for various kinds of searching. Not sure what I'll have to do for editing nodes in that setup.
Luke
I know this is a late reply, but just came across this module and recalled our conversation. I hope it still may be useful for you.
http://drupal.org/project/private_upload
Michelle
On 2/15/2011 4:07 PM, Luke wrote:
On Tue, 15 Feb 2011, Ted wrote:
Don't miss Michelle's second recommendation here: create two file fields.
The only problem with that, is the inability to change the status of a file later.
A secondary problem is that there are already several file fields per node [potentially; the organization has just requested that new twist today], so I would have to duplicate each of them, and at that point it would be easier to just use two identical content types divided by access rights.
I think I'm going to have to do this with several views. One for looking at an individual node, and others for various kinds of searching. Not sure what I'll have to do for editing nodes in that setup.
Luke