Hellos,
New to drupal. I have created a custom cck form, where information is filled by different users on the same form
User 1(with role 1) fills cck field A, B C, then user 2(with role2) fills in cck fields D and E. I have set permissions for the different roles where under the "content_permissions module" to allow users onl to fill fields that they have permissions to fill. User 1 works well and creates the node and fills only their fields.
When user 2 accesses the same node, they get "permission denied error". I solved this by enabling "administer nodes" under the "node module" permissions.
The problem I am facing is with this enabled, user 2 can edit user 1 fields. How can I stop this?
Thanks
You might be able to uncheck the "administer nodes" permission and ensure that the "edit any <content type>" permission is checked for role2. This would probably circumvent the permission denied error, although I'm not entirely certain as it is a bit of an edge case.
If all else fails, you could use form_alter to hide and unhide the appropriate fields based on the user role. This would require creating a module and implementing hook_form_alter ( http://api.drupal.org/api/function/hook_form_alter/6). The list could help step you through how to do that.
Best, William
On Wed, Apr 14, 2010 at 2:09 PM, Mutuku Ndeti jnmutuku@gmail.com wrote:
Hellos,
New to drupal. I have created a custom cck form, where information is filled by different users on the same form
User 1(with role 1) fills cck field A, B C, then user 2(with role2) fills in cck fields D and E. I have set permissions for the different roles where under the "content_permissions module" to allow users onl to fill fields that they have permissions to fill. User 1 works well and creates the node and fills only their fields.
When user 2 accesses the same node, they get "permission denied error". I solved this by enabling "administer nodes" under the "node module" permissions.
The problem I am facing is with this enabled, user 2 can edit user 1 fields. How can I stop this?
Thanks
-- [ Drupal support list | http://lists.drupal.org/ ]
Thanks William,
Checking "edit any <contenttype>" and unchecking "administer nodes".
I cant hide any of the fields because user 2 fills in their fields based on user 1 input. It's a manual grading system user 3 grades the node is given numerical points(between 1 to 40), based on the content of the node(submitted by user 1)
you can set some fields to be edited, and others to be only viewed, based on role. i think this should resolve the situation for you.
Mutuku Ndeti wrote:
Thanks William,
Checking "edit any <contenttype>" and unchecking "administer nodes".
I cant hide any of the fields because user 2 fills in their fields based on user 1 input. It's a manual grading system user 3 grades the node is given numerical points(between 1 to 40), based on the content of the node(submitted by user 1)
@Sebastian...did exactly that
1. under "content_permissions module" in the user permissions. But when users tried to access the node created so as to edit some fields, they got "permission denied error".
2. I solved this by checking "administer nodes" under node module" permissions.
This seems to have "overwiritten" the settings under no 1 above and now users can edit anything they want.
Mutuku,
It is 100% possible to do what you want, your errors can only be due to misconfiguration.
If you get a denied message, then it means that you need to ensure that they can edit that content type.
If you make a field viewable, but not editable, it will then not appear as part of the edit form.
You don't need to give someone super admin rights to edit any node, just the rights to edit that specific node.
If you are missing links for that person to reach the node's edit form, then this is a separate problem, resolved by adding node edit links to the node.tpl.php and/or to the view [Node:edit node link]
Mutuku Ndeti wrote:
@Sebastian...did exactly that
- under "content_permissions module" in the user permissions. But when
users tried to access the node created so as to edit some fields, they got "permission denied error".
- I solved this by checking "administer nodes" under node module"
permissions.
This seems to have "overwiritten" the settings under no 1 above and now users can edit anything they want.
I found the source of the problem. I did not know that users cannot access "unpublished" nodes without having "administer nodes" permission. I published the node and it's working now.
-
Mutuku Ndeti -
sebastian -
William Smith