Access Control

Apache access control the Agaric way

Key words and phrases: 
require password authentication Apache authorization limiting access to test server control who can view development sites
Description & Info: 

Clients don't like their test site competing with their live, production site for Google results. Therefore, we have put our entire set of test sites behind a pop-up requiring basic Apache authentication.

For ongoing maintenance — adding new people to access the test environment behind the authorization wall — the operative command is:

Roughly following the instructions here:
http://httpd.apache.org/docs/2.2/howto/auth.html


sudo mkdir /etc/apache2/passwd

sudo htpasswd -c /etc/apache2/passwd/passwords dan
New password:
Re-type new password:
Adding password for user dan

sudo htpasswd /etc/apache2/passwd/passwords benjamin
New password:
Re-type new password:
Adding password for user benjamin

by Benjamin Melançon
Posted on Thu, 2008-07-03 01:51
in

Userreference Access

With Userreference Access, site administrators can choose to give additional view or edit access to users who are associated with a node by userreference fields.

Figuring out User-based Node Access in Drupal (again), some notes

Key words and phrases: 
hook node grants Drupal access records permission hide viewable
Description & Info: 

Simply looking at this function is one of the most useful things you can do to understand node access control in Drupal. From the 5.3 version of node.module

/**
 * This function will call module invoke to get a list of grants and then
 * write them to the database. It is called at node save, and should be
by Benjamin Melançon
Posted on Tue, 2007-12-11 10:21
in

Per content type, per role Drupal access control

Key words and phrases: 
per content type per role Drupal access control
Description & Info: 

Searching for this led Agaric to this long thread on Access Control Within A Specific Content Type?

which led to:

http://drupal.org/project/nodeaccess

by Benjamin Melançon
Posted on Tue, 2007-12-11 10:17
in

RE: Node access module (based on users listed in userreference fields)

Key words and phrases: 
userfield based permissions to content userreference linking
Description & Info: 

I created a module (attached, in case you're curious) that's a user reference widget. When placed on a node type, it will hide itself and fill itself in from the URL with the person the request is being made of. When a node with the field on it is submitted, it emails the person.

by Benjamin Melançon
Posted on Tue, 2007-12-11 09:56
in

Node Authors module: give multiple people edit rights to specific content based on userreference field

Description & Info: 

Deep background:

Michelle: Anyone know of some good docs on doing access control? The node chapter of PDD touches on it but not enough for me to really get it and what I'm trying to do is complicated
[10:55am] agentrickard: node access or user access?
[10:55am] Michelle: Well, user access to nodes

by Benjamin Melançon
Posted on Sun, 2007-11-11 07:53
in