Restricting access to site content

Restricting access to site content: Professional subscription plan or higher

Drupal Gardens provides fine-grained access control to your site’s content through the Taxonomy Access Control module. With this feature, you can define access control rules describing which users (by role) can view, edit, or delete content. Then you can apply these access control rules to any content you want, including basic pages, blog entries, and forum topics.

For example, you may want to allow all site visitors to discuss topics on current events, but allow only users with the Editor role to discuss topics related to improvements on your website. Using Taxonomy Access Control, you can restrict forum topics so that certain terms grant access only to the relevant user roles, preventing visitors from viewing topics about website improvements.

Optionally, you can allow some users to see a teaser of the content, but then redirect them to another web page when they try to view the full version of content in order to upsell them or provide information about how they can get access to your premium content.

In addition, you can add small images called role indicators to enhance content teasers, taxonomy term listings, and user pictures that indicate what roles apply to them. To display role indicators with content, you have to configure your content types and views to display them.

To restrict access to the content on your website:

  1. Prepare your website.
  2. Configure your site's roles to restrict content.
  3. Assign restrictions to content.
  4. Allow views to "tease" restricted content.

    Optionally, you can also create and use role indicators to indicate both restricted content and higher-tier users.

  5. Create role indicators.
  6. Display role indicators for content.

Note: If the Taxonomy Access Control module is enabled on a website, only user accounts assigned to the Administrator role can access unpublished content.

To allow non-administrators to access unpublished content with the Taxonomy Access Control module enabled, you must create a view of each user's unpublished content. To do this:

  1. Ensure that the Views module is enabled for your website.
  2. Go to Structure > Views, and then either add or edit a view to list the users' unpublished content.
  3. In the Advanced section, add a contextual filter on Content: Author UID.
  4. Also in the Advanced section, in the Other section, click the Settings link to the right of Query settings.
  5. Clear the Disable SQL rewriting check box, and then click Apply (all displays).
  6. After you've finished modifying the view, click Save.

Users can now use the view that you either created or modified to find and edit their unpublished content.

Preparing your website

To use taxonomy to restrict access to protected content, enable the Taxonomy Access Control module.

  1. In the admin menu, select Modules.
  2. Enable the Taxonomy Access Control module.
  3. Click Save configuration.

Select an existing role on your website that will have access to protected content, or create an additional role. Later you will associate the role with access permissions for the content that you want to protect. To learn more, see User roles and permissions.

Continue to the next step >