background image

Content tagged with: permission

Restrict sections of a form to certain users and roles

Eric's picture
Submitted by Eric on Fri, 03/27/2009 - 14:21

At some point, you might want to restrict sections of a form to certain users and roles. That can be accomplished relatively easy by creating a module that implements 2 Drupal hooks: hook_form_alter and hook_perm.

First, I start by adding the hook_perm():

<?php
function MYMODULE_perm() {
  // return an array of permissions,
  // they can be named whatever you'd like.
  // NOTE: avoid redeclaring permissions that are already set
  return array('access secret section of my form');
}
?>

Next, add a form_alter hook:

<?php
function MYMODULE_form_alter(&$form, $form_state, $form_id) {

  // test for the form id you'd like to alter.
  // if you are unsure of the it's exact name,
  // you could add this: echo $form_id . "<BR>";
  if ($form_id =='SOME_FORM_ID') {
    // check if the user has access to the permission you defined
    if (!user_access('access secret section of my form')) {
      // deny access to the form element
      // if you don't what what it's called,
      // output the $form object:
      // echo "<pre>" . print_r($form, true) . "</pre>";
      $form['SOME_FORM_ELEMENT']['#access'] = false;
    }
  }
}
?>

Now, if you enable you module you can restrict permissions by going here: /admin/user/permissions

Restrict which roles can modify node taxonomy

Eric's picture
Submitted by Eric on Thu, 09/18/2008 - 14:38

I recently decided to use taxonomy to set the status of my nodes as they moved through phases of the application. A created a category called status and added the terms: incomplete, complete, and submitted. I needed the ability to restrict who can set the taxonomy, so I wrote this module which allows you to set which roles can modify taxonomy...

<?php
function tpr_perm() {
  return array('modify node taxonomy');   
}

function tpr_form_alter(&$form, $form_state, $form_id) {

  // ensure this is a node form
  if (substr($form_id,-10)!='_node_form') return;
   
  // ensure taxonomy exists for this node type
  if (!isset($form['taxonomy'])) return;
   
  // if the user does not have permission to modify node taxonomy:
  if (!user_access('modify node taxonomy')) {

    // node already exists
    if (isset($form['#node']->nid)) {
           
      // loop through taxonomy form elements
      foreach ($form['taxonomy'] as $k => $v) {

        // set each form element to disabled
        if (is_int($k) && is_array($v)) {
          $form['taxonomy'][$k]['#disabled'] = true;   
        }

      }
           
    } else {
      // new node, remove taxonomy from elements
              
      // loop through taxonomy from elements
      foreach ($form['taxonomy'] as $k => $v) {

        if (is_int($k) && is_array($v)) {

          // get first termID
          $termID = array_shift(array_keys($v['#options'][0]->option));
                   
          if (is_int($termID)) {
            // set default option
            $form['taxonomy'][$k]['#default_value'] = $termID;   
          }
                   
          // set element as disabled
          $form['taxonomy'][$k]['#disabled'] = true;   
        }

      }
           
    }

  }
   
}
?>

Password protecting a directory using .htaccess and htpasswd

Eric's picture
Submitted by Eric on Tue, 05/27/2008 - 14:15

Here is how you can password protect a directory using htpasswd and .htaccess files:

mkdir /path/to/new/directory/YOURNEWDIRECTORY
cd /path/to/new/directory/YOURNEWDIRECTORY
htpasswd -c .htpasswd YOURUSER

Next, edit/create an .htaccess file in the same directory containing:
AuthUserFile /path/to/new/directory/YOURNEWDIRECTORY/.htpasswd
AuthType Basic
AuthName "YOURDESCRIPTION"
Require valid-user

NOTE: A absolute path is required for the AuthUserFile directive.

Access Denied, You are not authorized to access this page

Eric's picture
Submitted by Eric on Tue, 04/22/2008 - 11:18

I just encountered a tricky "Acess Denied" error message. After creating a new user, and adding them to a role that has permissions to edit all node types, they were still unable to edit certain nodes. Everything looked fine on the access control settings page. It turns out, they did not have access to the Full HTML Filter, which was used to originally create the nodes. As soon as I granted them permission to the input filter, they were able to edit the nodes.