Access control & restricted pages
I’m using Drupal to build an Intranet site for our school. Most of the content should be viewable only by authenticated users of the site (e.g., stuff like a page that describe how to fill out your timesheet – it’s not a big secret, but not intended for the public).
There will be some content that has a restricted audience, where only a certain set of users should be able to view it, and only a certain (probably smaller) set of users can create/edit it. I’ve been working out the personas and use cases for this site, toward installing a Drupal Access Control module of some kind. I’m looking for suggestions about which modules to look at and how to best configure them to realize my goals:
- Anonymous users can see very few pages (perhaps only the home page) which gives instructions about how to login.
- Authenticated users can see any page that isn’t restricted to a particular subset of users.
- Alice works in DeptA and creates and edits restricted pages that only other users in DeptA should be able to view.
- Andi also works in DeptA, and shares the workload of Alice. They each need to edit restricted DeptA pages created by the other.
- Bob works in DeptB and creates and edits pages that only other users in DeptB should be able to view.
- Sara supervises Alice, Andi, and Bob, and needs to be able to edit pages created by any of her workers.
- Hanna is a faculty member in DeptA, and needs to be able to view the restricted pages belonging to DeptA.
- Greg is a joint-appointment faculty member (in DeptA and DeptB) and needs to be able to view restricted pages from either department.
I’m thinking the Taxonomy Access Control Lite (tac_lite) module will do what I need. Am I on the right track? Do you have this scenario (or something similar). I’d be very happy to meet up with other Drupal admins to discuss this topic. Please post a comment if you have any specific suggestions, or to say “me too”.
- Login to post comments
Would be interested in getting together on this
Hi John,
I recently started work at the California Institute of the Arts and have been introduced to some of the workings of access control. I have inherited the Access Control list module with over 50 roles (or departments) and I would be interested in getting together and talking about it. Its definetly a fairly complex problem with many approaches (As an example to what you have above, you could potentially use OG to set some level of node access grants limited to people that work in departments. On the other side, access control list is very powerful with its own set of goals. You could event use node types + cck & its permissions to solve what you want to do).
Definitely
I’ve had a similar challenge with our IT documentation site. I think I approached every module I could find in an effort to solve it, and I’m interested in hearing what others have done.
tac_lite and OG proved to be our solution, but it has had some unforeseen consequences in opening up editing to non-group members.
I’d be interested in a
I’d be interested in a discussion of this