Start a FREE 7 day trial! Get training videos and books, plus expert support:  

Drupal Tutorials and How-to Support Articles

Control Who Can View Drupal Nodes: Content Access

Sometimes in Drupal there are many solutions to a problem.

One such problem is controlling who can see which content on your site.

Although Drupal comes with 5 permissions for content, none of them deal with access. Here are the 5 default permissions:

media_1355779199660.png

In this list, you can see create, edit and delete but you can't see view.

There are a lot of solutions to this problem. In this tutorial, we're going to introduce you to one of them: the Content Access module. This week we've always recommended Taxonomy Access.

What's the difference between these two modules?

  • Content Access works best if your user roles closely match your content types.
  • Taxonomy Access Control works best if you have a more complicated permissions system and one that doesn't closely match your content types.

Access Control for Content Types

  • Install Content Access from https://drupal.org/project/content_access
  • Enable the module.
  • Go Structure > Content Types
  • Click Manage fields next to the content type you want to edit.
  • You'll notice a new tab called Access Control at the top of the page. Click that tab.
media_1355780003650.png
  • You'll now be able to contol which user roles can view this content:
media_1355780152910.png

Access Control for Single Nodes

Content Access can also be more flexible if needed. You can apply permissions to individual nodes.

  • Make sure you are on the Manage fields > Access Control page that we saw above.
  • Click the "Enable per content node access control settings" box.
  • Visit a content item that's in this content type.
  • You'll see an Access Control tab where you can control the permissions for just this node.
media_1355780250508.png

 

Access Control Customized for Your Needs

You can make Content Access act in much more sophisticated ways by using the Rules module. Content Access is fully integrated with Rules, so you can automatically set permissions for different types of content.

  • Install Rules.
  • Enable both the Rules and Rules UI modules.
  • Enable the Content Access Rules Integrations module.

In the example we're going to show you, we have a user role called "Writers" . These people will add content to our site, but we don't want their content to be visible by everyone. We only want it to be visible to people in another user role called "Editors". Here's how we can set this up:

  • Go to Configuration, then Rules.
  • Click "Add new rule".
media_1355782679121.png
  • Click Add condition.
  • Choose If Users has roles.
  • For Data selector, choose node:author.
  • For Roles, choose Writers.
  • Click Save
media_1355782789281.png
  • Click Add action.
  • Choose Grant Access by role.
  • Give the Editors the ability to view the content.
media_1355783035437.png

 

 

Start a FREE 7 day trial! Get training videos and books, plus expert support:  

License

All of our tutorials are published under the Creative Commons Attribution-NonCommercial license. This means:
  • You can re-use these tutorials.
  • You can modify these tutorials.
  • You must link back to our original tutorial.
  • You can't use these tutorials commercially.
Click here to read the full license.