You are here

Home » API reference » Module Grants 6

README.txt in Module Grants 6

Same filename and directory in other branches
  1. 6.4 README.txt
  2. 6.3 README.txt
  3. 7 README.txt
DESCRIPTION
===========
This module gets around two quirks in the 6.x core Node module. 
Currently the Node module:
- causes access grants to be ignored for unpublished content;
- ORs together access grants coming from multiple modules; this results
  in content being made accessible by one module when access had already
  been restricted by another, which is undesirable in most cases.

The module ensures that access grants are tested for unpublished content just 
as they are for published content, so that using the Workflow module (or any 
other module that uses the node_access table) you can implement workflows that 
deal effectively with content moving from author via moderator to publisher 
BEFORE it is published (which is where it's needed most, once content is 
visible for all to see, it's a bit late to start a publication workflow 
process!).
Using Taxonomy Access Control (or Lite) you can restrict access to content
to user-defined "vocabularies" such as departments or regions. With Module
Grants this will work for unpublished content just as it does for published 
content.
Moreover when Workflow and TAC or (TAC-Lite) are used together this module
makes sure that the combination exhibits the expected behaviour: access is
granted to content only when it is in the correct state AND of the appropriate
vocabulary "term" (such as department, country, etc.).
The module_grants module achieves this by AND-ing rather than OR-ing the grants.

After installation users will have access to a new menu item, "My content" that 
shows a list of all content accessible to them based on their permissions and 
access grants as determined by enabled modules implementing hook_node_grants().

INSTALLATION
============
1. Place the "module_grants" folder in your "sites/all/modules" directory.
2. Enable the module under Administer >> Site building >> Modules.
3. Under Administer >> User management >> Permissions, section "module_grants
   module" tick the "access content summary" box for "authenticated user".
   There's usually no need to tick "administer nodes", which is good because
   "administer nodes" equates to almost god-like powers that you wouldn't 
   normally give to normal users.
4. If required, install and enable as many modules for content access control 
   as you need for your situation. Typical examples are Taxonomy Access Control
   (or use TAC Lite) and Workflow.

USAGE
=====
The module creates a new root menu item, 'My content' visible to the
administrator and to roles that have the "access content summary" permission. 
These users will see two new tabs:
 o "Viewable" shows all nodes that may be viewed by the logged-in user as
   granted by enabled modules that implement hook_node_grants()
 o "Editable" shows all nodes that may be edited by the logged-in user
 
You can use this module in combination with TAC or TAC-Lite for fine-grained
access control based on vocabularies (such as "department") assigned to the 
various content types. You can then create department-specific roles (eg 
Sports Author, Music Author) and enforce that these roles can only access
content belonging to their departments, whether it's published or not.
Create your grants "schemes" on this page: Administer >> User management >> 
Access control by taxonmy.

In addition you may want to install the Workflow module to further segragate
roles (eg author and moderator) via access control based on states such as
"in draft", "in review" and "published". See Administer >> Site building >>
Workflow.

The module makes sure that access to content is given only when both the 
TAC (Lite) and the Workflow Access modules grant it (as opposed to one OR
the other).

Be aware that any permissions given in the "node module" section override the
access grants given by the Workflow and TAC-Lite modules, so you probably only 
want to assign a few creation permissions in the node module and grant 
view, update and delete via TAC/TAC-Lite and/or Workflow.

This module also works well with the Revisioning module for creating effective
publication workflows operating on published as well as unpublished content
revisions. 

AUTHOR
======
Rik de Boer, IBS, Melbourne, Australia.

File

README.txt
View source 
  1. 

  2. DESCRIPTION

  3. ===========

  4. This module gets around two quirks in the 6.x core Node module. 

  5. Currently the Node module:

  6. - causes access grants to be ignored for unpublished content;

  7. - ORs together access grants coming from multiple modules; this results

  8.   in content being made accessible by one module when access had already

  9.   been restricted by another, which is undesirable in most cases.

  10. 

  11. The module ensures that access grants are tested for unpublished content just 

  12. as they are for published content, so that using the Workflow module (or any 

  13. other module that uses the node_access table) you can implement workflows that 

  14. deal effectively with content moving from author via moderator to publisher 

  15. BEFORE it is published (which is where it's needed most, once content is 

  16. visible for all to see, it's a bit late to start a publication workflow 

  17. process!).

  18. Using Taxonomy Access Control (or Lite) you can restrict access to content

  19. to user-defined "vocabularies" such as departments or regions. With Module

  20. Grants this will work for unpublished content just as it does for published 

  21. content.

  22. Moreover when Workflow and TAC or (TAC-Lite) are used together this module

  23. makes sure that the combination exhibits the expected behaviour: access is

  24. granted to content only when it is in the correct state AND of the appropriate

  25. vocabulary "term" (such as department, country, etc.).

  26. The module_grants module achieves this by AND-ing rather than OR-ing the grants.

  27. 

  28. After installation users will have access to a new menu item, "My content" that 

  29. shows a list of all content accessible to them based on their permissions and 

  30. access grants as determined by enabled modules implementing hook_node_grants().

  31. 

  32. INSTALLATION

  33. ============

  34. 1. Place the "module_grants" folder in your "sites/all/modules" directory.

  35. 2. Enable the module under Administer >> Site building >> Modules.

  36. 3. Under Administer >> User management >> Permissions, section "module_grants

  37.    module" tick the "access content summary" box for "authenticated user".

  38.    There's usually no need to tick "administer nodes", which is good because

  39.    "administer nodes" equates to almost god-like powers that you wouldn't 

  40.    normally give to normal users.

  41. 4. If required, install and enable as many modules for content access control 

  42.    as you need for your situation. Typical examples are Taxonomy Access Control

  43.    (or use TAC Lite) and Workflow.

  44. 

  45. USAGE

  46. =====

  47. The module creates a new root menu item, 'My content' visible to the

  48. administrator and to roles that have the "access content summary" permission. 

  49. These users will see two new tabs:

  50.  o "Viewable" shows all nodes that may be viewed by the logged-in user as

  51.    granted by enabled modules that implement hook_node_grants()

  52.  o "Editable" shows all nodes that may be edited by the logged-in user

  53.  

  54. You can use this module in combination with TAC or TAC-Lite for fine-grained

  55. access control based on vocabularies (such as "department") assigned to the 

  56. various content types. You can then create department-specific roles (eg 

  57. Sports Author, Music Author) and enforce that these roles can only access

  58. content belonging to their departments, whether it's published or not.

  59. Create your grants "schemes" on this page: Administer >> User management >> 

  60. Access control by taxonmy.

  61. 

  62. In addition you may want to install the Workflow module to further segragate

  63. roles (eg author and moderator) via access control based on states such as

  64. "in draft", "in review" and "published". See Administer >> Site building >>

  65. Workflow.

  66. 

  67. The module makes sure that access to content is given only when both the 

  68. TAC (Lite) and the Workflow Access modules grant it (as opposed to one OR

  69. the other).

  70. 

  71. Be aware that any permissions given in the "node module" section override the

  72. access grants given by the Workflow and TAC-Lite modules, so you probably only 

  73. want to assign a few creation permissions in the node module and grant 

  74. view, update and delete via TAC/TAC-Lite and/or Workflow.

  75. 

  76. This module also works well with the Revisioning module for creating effective

  77. publication workflows operating on published as well as unpublished content

  78. revisions. 

  79. 

  80. AUTHOR

  81. ======

  82. Rik de Boer, IBS, Melbourne, Australia.