Control Who Can View Drupal Nodes: Content Access


Sometimes in Drupal there are many solutions to a problem.

One such problem is controlling who can see which content on your site.

Although Drupal comes with 5 permissions for content, none of them deal with access. Here are the 5 default permissions:


In this list, you can see create, edit and delete but you can’t see view.

There are a lot of solutions to this problem. In this tutorial, we’re going to introduce you to one of them: the Content Access module. We also recommend Taxonomy Access.

What’s the difference between these two modules?

  • Content Access works best if your user roles closely match your content types.
  • Taxonomy Access Control works best if you have a more complicated permissions system and one that doesn’t closely match your content types.

Access Control for Content Types

  • Install Content Access from
  • Enable the module.
  • Go Structure > Content Types
  • Click Manage fields next to the content type you want to edit.
  • You’ll notice a new tab called Access Control at the top of the page. Click that tab.

  • You’ll now be able to contol which user roles can view this content:


Access Control for Single Nodes

Content Access can also be more flexible if needed. You can apply permissions to individual nodes.

  • Make sure you are on the Manage fields > Access Control page that we saw above.
  • Click the “Enable per content node access control settings” box.
  • Visit a content item that’s in this content type.
  • You’ll see an Access Control tab where you can control the permissions for just this node.



Access Control Customized for Your Needs

You can make Content Access act in much more sophisticated ways by using the Rules module. Content Access is fully integrated with Rules, so you can automatically set permissions for different types of content.

  • Install Rules.
  • Enable both the Rules and Rules UI modules.
  • Enable the Content Access Rules Integrations module.

In the example we’re going to show you, we have a user role called “Writers” . These people will add content to our site, but we don’t want their content to be visible by everyone. We only want it to be visible to people in another user role called “Editors”. Here’s how we can set this up:

  • Go to Configuration, then Rules.
  • Click “Add new rule”.

  • Click Add condition.
  • Choose If Users has roles.
  • For Data selector, choose node:author.
  • For Roles, choose Writers.
  • Click Save

  • Click Add action.
  • Choose Grant Access by role.
  • Give the Editors the ability to view the content.




  • Steve Burge

    Steve is the founder of OSTraining. Originally from the UK, he now lives in Sarasota in the USA. Steve's work straddles the line between teaching and web development.

0 0 votes
Article Rating
Notify of

Newest Most Voted
Inline Feedbacks
View all comments
Tom Geller
Tom Geller
11 years ago

Funny that you should publish this article today — it’s *EXACTLY* what I was playing with earlier today on a new site project!

One tip: When editing access for a single node, the phrase “View any [article] content” is a bit confusing, because it’s easy to think that checking that will grant access to *all* articles. But it’s only for that one node being edited.



Adrian Mak
Adrian Mak
11 years ago

I read an article about Content Access has performance issue.

Lisa Marie Stedman-Falls
Lisa Marie Stedman-Falls
8 years ago

How do I put access control onto webform?

6 years ago

Steve — thanks for this. I’m trying to add a rule so that Anonymous user can view only partial or teaser content. Right now the way I have it is that only authenticated user with a specific role can view the content. If they ARE NOT an authenticated user they can’t view any of the content. I want it so that the Anonymous user can view the first paragraph but nothing more.


Would love your thoughts, please comment.x