[drupal-devel] [feature] Extend access control options

Boris Mann drupal-devel at drupal.org
Fri Sep 9 06:32:56 UTC 2005 

Issue status update for 
http://drupal.org/node/30711
Post a follow up: 
http://drupal.org/project/comments/add/30711

 Project:      Drupal
 Version:      4.6.3
 Component:    node.module
 Category:     feature requests
 Priority:     normal
 Assigned to:  timcn
 Reported by:  timcn
 Updated by:   Boris Mann
 Status:       patch (code needs review)

OK, installed and tested.


To be clear, "admin nodes" permission is required to access any of the
extended functionality. Admin nodes will allow editing of any node, as
well as changing author and date, as well as any other features that
modules insert.


Enabling additional permissions makes those add-on functions of sticky
etc. available.


This makes sense (and it all works), yet at the same time it seems that
being able to edit the full content of a node is the most powerful
access. Would there be a way to enable only Admin > Content -- e.g.
"make sticky" or anything else allows access to Admin > Content --  but
does NOT allow editing of nodes?


I like the direction of this, and really, any toggle-able setting
should potentially have a separate permission, but at the same time, it
seems a bit funky. Comments?




Boris Mann



Previous comments:
------------------------------------------------------------------------

Thu, 08 Sep 2005 17:58:06 +0000 : timcn

Attachment: http://drupal.org/files/issues/node_33.patch (8.24 KB)

Unfortunately you can only give a role permission to "access content"
and/or "administer nodes". But often, this does not suffice. You want
editors to be able to browse the nodes in the "content" section and for
example allow them to make a node sticky. But you don't want them to
delete a node or change it's visibility.


My patch offers the following permissions:



* access content
* administer nodes
* change revision setting
* delete nodes
* make nodes sticky
* moderate nodes
* promote nodes

It does also really check if the user is allowed to perform a certain
action and deny it if that is not the case. It does also hide the
specified checkboxes and options from the dropdown box.


The patch is for 4.6.3 but should also work with HEAD.




------------------------------------------------------------------------

Thu, 08 Sep 2005 18:27:04 +0000 : Boris Mann

+1 for concept. Will test and follow-up.


The revision permission will need to be merged with the revision patch.




------------------------------------------------------------------------

Thu, 08 Sep 2005 18:51:51 +0000 : kbahey

+1 on the concept too.




------------------------------------------------------------------------

Thu, 08 Sep 2005 18:58:13 +0000 : timcn

Yes, some changes to the revision permission are necessary. I just saw
that it has been reworked in cvs,

More information about the drupal-devel mailing list