Control Who Can View Drupal Nodes: Taxonomy Access Control

media_1355778945289.png

In another tutorial this week, we talked about a major hole in Drupal’s permissions system.

The hole is that Drupal allows you to control who can create, edit and delete content but not who can view it.

Because this problem impacts a lot of sites, there are a lot of available solutions. In that other tutorial, we recommended the Content Access module. In this tutorial, we’re going to recommend the Taxonomy Access Control module.

What’s the difference?

  • Content Access works best if your user roles closely match your content types.
  • Taxonomy Access Control works best if you have a more complicated permissions system and one that doesn’t closely match your content types.

Using the Taxonomy Access Control Module

Here’s the example we’re going to use in this tutorial.
  • On this screen we have 5 content items, all of the same content type.
  • Each content item is tagged with the appropriate state. For example, San Francisco is tagged with “California”.
  • We want to deny anonymous users the ability to view items from some states.

media_1355778945289.png
Here’s how we use Taxonomy Access Control to solve this problem.

media_1355777813695.png

media_1355777829342.png
  • You’ll see a message saying, The content access permissions have been rebuilt.
  • Go to Configuration > Taxonomy Access Control.
  • You’ll see that you have options for each user role. Click “edit access” rules next to anonymous user.

media_1355778312806.png

You’ll now see the main Taxonomy Access Control page. Here’s how to understand the page:

  • You add the tags on the left.
  • You look for the permissions across the top.

media_1355778345432.png

First, let’s add the tags:

  • Under New, choose a tag.
  • Click Add.
  • Repeat until you’ve chosen all the tags that you want to control access for.

media_1355778451527.png
 
Now let’s look across the top of the page:
media_1355778577251.png
Here are 5 new permissions that Drupal doesn’t have by default:
  • View: can the user see nodes with this term?
  • Update: can the user edit node with this term?
  • Delete: can the user delete nodes with this term?
  • Add: can the user add this term to a node?
  • View: can the user see the term when looking at a node?

Now that we’ve seen both the left and the top of the page, we can start to apply permissions.

For each permssion, you choose the setting for each tag. Here’s what the labels A, I, D mean:

  • A: people in this user role (in this case, anonymous) have this permission (in this case, View)
  • I: people in this user role have the same permissions as the default setting above
  • D: people in this user role do not have this permission.

So, if we the permissions as in the image below, anonymous users can view content tagged with Texas and Washington but they can’t view content tagged with California or Georgia.

media_1355778552743.png

Look back up to the image at the start of this tutorial. Here’s how that screen now appears to anonymous users.

 

media_1355779013696.png

Author

  • Steve Burge

    Steve is the founder of OSTraining. Originally from the UK, he now lives in Sarasota in the USA. Steve's work straddles the line between teaching and web development.

    View all posts
0 0 votes
Article Rating
Subscribe
Notify of
guest

5 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
jc
jc
11 years ago

Be careful applying permissions control modules as they can fight each other if you have more than one enabled. Drupal will ultimately grant permissions if any of the permissions modules says to, even if another module says no.

ja
ja
11 years ago

It looks really simple, but it don’t work on my site… I don’t understand why… The permissions in admin/people/permissions are always consider but not the permissions in the taxonomy control access module…
Somebody can help me ?

khaled_webdev
khaled_webdev
10 years ago

Successfully tested, be careful about authenticated user role hwo can affect other role given to a registred user.

Benita
Benita
6 years ago

2018, still works 😀 Thanks so much for this guide, it’s brilliant and easy to follow 🙂

Hashmat
Hashmat
6 years ago

Thanks for the tutorials. But I want to implement the same for some specific users, please help me out into this.

5
0
Would love your thoughts, please comment.x
()
x