Description of the need

I have never understood why I can set permissions per content type for everything, but access.

I frequently want to set up an internal content type that is only for site administrators or editors, but never available to unauthenticated users. It always surprises me that I can't do this in core and need an additional module. I believe that there are multiple modules for Drupal 7 to do this. In Backdrop land we have several of them available. I think that the two most basic use cases would be:

  • Members only content. In this case, special groups are not necessary. Members login to the site, non-members don't. I'd like to make some content available to members that is not available to the public.
  • Admin User Guide - I like to enable the book module and create a site user guide that is only accessible to site admins (on sites where admins are the only ones that login). But, in order to make the content only accessible to admins, I have to add another module.

I'm not sure we need all of the functionality of content access in core. But, I'd like the ability to create content types that are accessible by role (using permissions).

image

Is there a reason why this is difficult in core?

Here is something @quicksketch said in the past when this came up:

You've probably noticed that there are per-type controls on creating/editing/deleting content, but no "view" permissions at all other than "access content". This is because there are so many ways of controlling access to content: by type, by taxonomy terms, by "groups" (as provided by OG) and many other ways. Core does provide a central mechanism for controlling access, through a combination of hook_node_access() and hook_node_grants(). The first is for viewing an individual node, the second when doing queries of multiple nodes that need to be shown in a list.

https://github.com/backdrop/backdrop-issues/issues/1348#issuecomment-156...

Proposed solution

Related issues:

https://github.com/backdrop/backdrop-issues/issues/1348 https://github.com/backdrop/backdrop-issues/issues/1407

Alternatives that have been considered

https://backdropcms.org/project/simple_access (48 installs) https://backdropcms.org/project/content_access (95 installs) https://backdropcms.org/project/content_view_access (40 installs) https://backdropcms.org/project/simple_access_grants (28 installs)

Installs as of May 24, 2022

Additional information

I plan to vote for this in the new feature survey, once it shows up on that site. https://forum.backdropcms.org/feature-requests

You can vote for this feature here: https://forum.backdropcms.org/features/create-view-all-content-type-perm...

Draft of feature description for Press Release (1 paragraph at most)

Backdrop CMS now includes the ability to restrict access to content of any given type by role. This makes it easy to create an members only or admin only content type that used to be only possible with contrib modules.

GitHub Issue #: 
5634