Note When you grant the Post Comments Without Approval permission Drupal automatically grants the Post Comments permission as well This is logical since the former includes the latter

Now let's say that you want to have a group of trusted users who have the ability to moderate comments by marking them with flags like "inappropriate content," which, depending on how moderation is configured, might lead to the comment being unpublished. To set this up, you could define a role named Moderator. The Moderator role would receive the Moderate Comments permission, and users who are moderators would be given both the Authenticated User and the Moderator roles. Since the permissions from both roles are added together, these users would have a total of four permissions pertaining to comments: Access Comments, Post Comments, Post Comments Without Approval, and Moderate Comments.

Note that in Figure 2-2 the Access Comments permission is assigned to both the Anonymous User role and the Authenticated User role. This is because the Anonymous User role is unique among roles. It cannot be assigned to users as can all other roles. Users who are assigned the Anonymous User role cannot have any other roles and vice versa.

In general, the permissions are self-explanatory. For example, the Upload Files and View Uploaded Files permissions are straightforward. Only users in a role that has the Upload Files permission will ever be shown a file upload form. Users who do not have the View Uploaded Files permission will not be shown links to uploaded files.

Permission anonymous user authenticated user moderator comment module access comments ivfi 0 □

administer comments D D D

administer moderation D D D

moderate comments D D 0

post comments 0 0 □ post comments without approval 0

Figure 2-2. Sample permissions for a Moderator role

You've already been introduced to the Access Content permission. Users who do not have this permission will not be able to see anything on the site, so it is normally granted to every user.

A couple of the permissions are very powerful—perhaps more powerful than their names reveal—and therefore merit closer attention. The Administer Nodes permission grants nearly complete control over all the content on the site. Users possessing this permission can access all content on the site and execute any action on it, including changing the content, changing the author of the content, unpublishing the content, and even deleting it. Furthermore, the Administer Nodes permission allows a user to access the configuration pages where each content type is customized. Clearly, this permission should not be granted lightly.

Another important permission is Bypass Input Data Check. Drupal normally prevents users from creating posts that contain anything that might be a malicious attempt to inject computer code or scripting elements into a site. Entering a <script> tag in a Drupal blog, for example, will normally result in the message "Terminated request because of suspicious input data." Roles possessing the Bypass Input Data Check permission are exempt from this check. Grant this permission only to users who have legitimate reasons for creating content with code and scripts embedded.

Profit From Fiction

Profit From Fiction

Theres a lot of talk about just how lucrative the fiction genre is and how countless new writers are able to cash in with a combination of selfpublishing and hitting the right market.

Get My Free Ebook


Post a comment