Drupal permission, a user case

StackOverflow https://stackoverflow.com/questions/4331488

Question

The objective of the site is to maintain a product listing.

  • Each product composes of a title, description and quantity (CCK field).
  • Each product belongs to a shop.
  • Each shop has a manager.
  • All products are visible to all.
  • A manager can only add/edit products of his own shop.
  • A site admin can create new shops and new managers.

How can I set the permission for the above scenario?

I am thinking of using Taxonomy for shop names, Taxonomy Access Control for permission control. Not sure whether I am on the right track though...

Besides, is Organic Groups also an option?

Thanks!

Was it helpful?

Solution

TAC solves your problems. I'm using it in a very similar scenario. Here's how to set it up:

  1. Create a new content type "Product" with the fields you specified
  2. Create a taxonomy term for each shop. Enable and require Taxonomy on the "Product" content type
  3. Create a role for each shop
  4. Enable TAC for that role
  5. Set the TAC permissions for Global to allow View, but deny Update, Delete, Create and List.
  6. Set the TAC permissions for the shop's term to allow View, Update, Delete, Create and List.
  7. Save and rebuild permissions

That should do it, as long as your permissions for the content type are set up to allow anonymous users to view the fields in "Product".

OTHER TIPS

I think your approach with Taxonomy Access Control may be work, but assigning users to a taxonomy for the proper permissions would require a bit of custom code.

Using Organic Groups might provide more robust access out of the box (each shop is a group, and products are then published in that group), but you would need to theme a lot of the defaults away in order to hide the forum/wall-of-news workflow that OG comes with out of the box (this can be done with the hooks OG provides).

The advantage here is that to add product managers to a shop, you would simply make them the group administrator (a shop could have more than one admin this way). You would set each group as public (so all products are visible), but only grant permission to edit nodes in the group to the admin of that group. Group admins would also be the only ones with permission to create product nodes, which would be setup as group nodes (this is done at the node-type edit screen, or at the OG admin screen).

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top