Implementing user-specific, role-based access control per node type, per group. (Part 1)

Implementing user-specific, role-based access control per node type, per group. (Part 1) 0

Implementing user-specific, role-based access control per node type, per group. (Part 1)

This entry is part 1 of 4 in the series Implementing Organic Groups RBAC per Node Type

This entry is part 1 of 4 in the series Implementing Organic Groups RBAC per Node TypeWe’re going to review a fringe case of setting an access control system, such that, the view access to a node is dependant upon the role the user have. To further complicate it, users get different roles in different groups they are in. Basic node access system overview To understand first how Drupal’s node access system behaves...

Implementing user-specific, role-based access control per node type, per group. (Part 2) 1

Implementing user-specific, role-based access control per node type, per group. (Part 2)

This entry is part 2 of 4 in the series Implementing Organic Groups RBAC per Node Type

This entry is part 2 of 4 in the series Implementing Organic Groups RBAC per Node TypeMore in-depth node access system overview So what is that node access system? The involved components are a few hooks that modules define if they want to hook into the way the node access system work; Furthermore, there’s the node_access table in the database which maintains all of the grants for each node in...

Implementing user-specific, role-based access control per node type, per group. (Part 3) 0

Implementing user-specific, role-based access control per node type, per group. (Part 3)

This entry is part 3 of 4 in the series Implementing Organic Groups RBAC per Node Type

This entry is part 3 of 4 in the series Implementing Organic Groups RBAC per Node TypePractical node access system with Organic Groups OG approached the node access system in a way which only requires the user to be a member of a community in order to see all of it’s nodes, whatever types they are. Therefore, og_access module defines an og_subscriber realm and sets the grant id to always...

Implementing user-specific, role-based access control per node type, per group. (Part 4) 0

Implementing user-specific, role-based access control per node type, per group. (Part 4)

This entry is part 4 of 4 in the series Implementing Organic Groups RBAC per Node Type

This entry is part 4 of 4 in the series Implementing Organic Groups RBAC per Node TypeImplementing role-based node access control in groups. Overview As mentioned earlier, Drupal is pretty permissive by default and don’t offer a ‘view page’ kind of permission for page content type. Moreover, it’s attempt to call other modules to control access to the content type is limited only to the module that created this node...