Description of the need
Currently #25 on the new feature priority poll - https://forum.backdropcms.org/feature-requests (Sept 23, 2022)
I have never understood why I can set permissions per content type for everything, but access.
I frequently want to set up an internal content type that is only for site administrators or editors, but never available to unauthenticated users. It always surprises me that I can't do this in core and need an additional module. I believe that there are multiple modules for Drupal 7 to do this. In Backdrop land we have several of them available. I think that the two most basic use cases would be:
- Members only content. In this case, special groups are not necessary. Members login to the site, non-members don't. I'd like to make some content available to members that is not available to the public.
- Admin User Guide - I like to enable the book module and create a site user guide that is only accessible to site admins (on sites where admins are the only ones that login). But, in order to make the content only accessible to admins, I have to add another module.
I'm not sure we need all of the functionality of content access in core. But, I'd like the ability to create content types that are accessible by role (using permissions).
Is there a reason why this is difficult in core?
Here is something @quicksketch said in the past when this came up:
You've probably noticed that there are per-type controls on creating/editing/deleting content, but no "view" permissions at all other than "access content". This is because there are so many ways of controlling access to content: by type, by taxonomy terms, by "groups" (as provided by OG) and many other ways. Core does provide a central mechanism for controlling access, through a combination of hook_node_access() and hook_node_grants(). The first is for viewing an individual node, the second when doing queries of multiple nodes that need to be shown in a list.
https://github.com/backdrop/backdrop-issues/issues/1348#issuecomment-156...
Proposed solution
Related issues:
https://github.com/backdrop/backdrop-issues/issues/1348 https://github.com/backdrop/backdrop-issues/issues/1407
Alternatives that have been considered
https://backdropcms.org/project/simple_access (48 installs) https://backdropcms.org/project/content_access (95 installs) https://backdropcms.org/project/content_view_access (40 installs) https://backdropcms.org/project/simple_access_grants (28 installs)
Installs as of May 24, 2022
Additional information
I plan to vote for this in the new feature survey, once it shows up on that site. https://forum.backdropcms.org/feature-requests
You can vote for this feature here: https://forum.backdropcms.org/features/create-view-all-content-type-perm...
Draft of feature description for Press Release (1 paragraph at most)
Backdrop CMS now includes the ability to restrict access to content of any given type by role. This makes it easy to create an members only or admin only content type that used to be only possible with contrib modules.
Recent comments
Hi patch-works I did something similar with Drupal 7: a block with aniversaries of historical dates. You can see it at https://lassalle-kreis.de/ down in the blue footer, the middle column...
How to get a list of upcoming birthdays?
@indigoxela - I agree, I mentioned the SVG topic specifically for the dev meeting. I think we'll definitely want Nate involved in that discussion. Good call!
Apr 18th Weekly Meetings
Hi colbyat, re display in the browser: the problem is that when a 500 occurs, this PHP process died before being able to render anything. So that won't work. Logging is possible, but...
Displaying 500 errors