Control Who Can View Drupal Nodes: Content Access
Sometimes in Drupal there are many solutions to a problem.
One such problem is controlling who can see which content on your site.
Although Drupal comes with 5 permissions for content, none of them deal with access. Here are the 5 default permissions:
In this list, you can see create, edit and delete but you can’t see view.
There are a lot of solutions to this problem. In this tutorial, we’re going to introduce you to one of them: the Content Access module. We also recommend Taxonomy Access.
What’s the difference between these two modules?
- Content Access works best if your user roles closely match your content types.
- Taxonomy Access Control works best if you have a more complicated permissions system and one that doesn’t closely match your content types.
Access Control for Content Types
- Install Content Access from https://drupal.org/project/content_access
- Enable the module.
- Go Structure > Content Types
- Click Manage fields next to the content type you want to edit.
- You’ll notice a new tab called Access Control at the top of the page. Click that tab.
- You’ll now be able to contol which user roles can view this content:
Access Control for Single Nodes
Content Access can also be more flexible if needed. You can apply permissions to individual nodes.
- Make sure you are on the Manage fields > Access Control page that we saw above.
- Click the “Enable per content node access control settings” box.
- Visit a content item that’s in this content type.
- You’ll see an Access Control tab where you can control the permissions for just this node.
Access Control Customized for Your Needs
You can make Content Access act in much more sophisticated ways by using the Rules module. Content Access is fully integrated with Rules, so you can automatically set permissions for different types of content.
- Install Rules.
- Enable both the Rules and Rules UI modules.
- Enable the Content Access Rules Integrations module.
In the example we’re going to show you, we have a user role called “Writers” . These people will add content to our site, but we don’t want their content to be visible by everyone. We only want it to be visible to people in another user role called “Editors”. Here’s how we can set this up:
- Go to Configuration, then Rules.
- Click “Add new rule”.
- Click Add condition.
- Choose If Users has roles.
- For Data selector, choose node:author.
- For Roles, choose Writers.
- Click Save
- Click Add action.
- Choose Grant Access by role.
- Give the Editors the ability to view the content.
Funny that you should publish this article today — it’s *EXACTLY* what I was playing with earlier today on a new site project!
One tip: When editing access for a single node, the phrase “View any [article] content” is a bit confusing, because it’s easy to think that checking that will grant access to *all* articles. But it’s only for that one node being edited.
Cheers,
–Tom
I read an article about Content Access has performance issue.
@tom Thanks indeed for the tip. I can see how that would be confusing.
@Adrian Do you have a link that article? If I remember right, access modules can lead to some parts of the cache being disabled.
How do I put access control onto webform?
Steve — thanks for this. I’m trying to add a rule so that Anonymous user can view only partial or teaser content. Right now the way I have it is that only authenticated user with a specific role can view the content. If they ARE NOT an authenticated user they can’t view any of the content. I want it so that the Anonymous user can view the first paragraph but nothing more.
Tim