Control User Access to Restricted Pages in Drupal 8 with Rabbit Hole
Sometimes, you would want to restrict access to certain pages on your site to users who do not have a specific role. You would want users to upgrade to a paid plan. Or you would just want to collect some more information from them.
The Rabbit Hole module controls what should happen when a user clicks the link to the entity or enters a URL in the address bar. It redirects such users to another page in the site.
The Rabbit Hole module works with different types of entities. They could be nodes, users, taxonomy terms and files, to name a few.
This tutorial will explain the basic usage of this module. Let’s start!
Step #1. Download the Required Modules
- Open the terminal application on your PC
- Go to the root of your Drupal installation (the composer.json file is inside this directory)
- Type the following command: composer require drupal/rabbit hole
- Click Extend
- Scroll down and check Rabbit Hole and Rabbit Hole nodes
- Click Install:
Step #2. Create the VIP Role
You need a VIP role in your site for paid users that are allowed to view this content. Users without a paid memberships will be authenticated users.
- Click People > Roles > Add Role:
- Give this role a proper name
- Click Save:
Step #3. Create Users
For this tutorial, you are going to create one authenticated user and one VIP user.
- Click People > Add user
- Enter the user data and give them the role of VIP
- Click Create new account:
Notice that I’m working within the development environment. You should always be careful with passwords and make them as strong as possible.
- Create another user, this time with the role of Authenticated.
The People page should now look like on the screenshot below.
Step #4. Create the VIP Content Type
- Click Structure > Content Types > Add Content type:
- Give the content type a proper name and description
- Scroll down and click the Rabbit Hole vertical tab
- Leave the Allow these settings to be overridden for individual entities option checked. (This will allow administering (as the admin user) permissions on a node basis)
- Choose the Page redirect option
- Enter the URL of the site you want the users to redirect to (in case they are not paying users). It can be an external URL too.
- Change the Response code to 303
- Click Save and manage fields:
Just for your practice, add an image field and place it above the body field on the content type display settings
- Click Save:
Step #5. Set Access Permissions
The users with the VIP role will have to be able to bypass the Rabbit Hole control.
- Click People > Roles
- Locate the VIP role and click the dropdown arrow
- Click Edit permissions:
- Look for the Rabbit hole permissions
- Check the Bypass Rabbit Hole action for Content permission
- Scroll down and click Save permissions:
- Click Configuration > Performance > Clear all caches
Step #6. Create Content
- Click Content > Add content > VIP Content
- Create a node
- Click Save:
Notice that as the admin user, you can choose another Rabbit hole behavior for that particular node. You left this option checked in Step #4.
Step #7. Testing the Rabbit Hole module
- Copy the node URL
- Log in as our authenticated user:
- Go to the Home page and click the Teaser title of the VIP Content
You will be redirected to the access-denied page.
- Paste the URL you copied into the address bar. (The system will redirect you to the same page.)
- Log out
- Log in as the VIP user
- Go to the home page and click the teaser title
You will be able to access the node.
There you have it!
Thanks for reading. Please leave us your comments and suggestions below.