Drupal - Restricting access to containers or categories

I've been using theĀ Drupal Category ModuleĀ for a website. The owner of the site wants people to register for free on the site to view the content but to be able to still navigate through the site so you get an idea of what content is on the site first.

I've been using the Drupal Category Module for a website. Basically the site is structured so that the tree like navigation is built using containers, and when you are down to the actual content they are implemented as categories. The owner of the site wants people to register for free on the site to view the content but to be able to still navigate through the site so you get an idea of what content is on the site first.

The simplest way to do this would be to restrict anonymous access to categories but still allow it for containers. Initially I've looked at cac_lite, but these are fairly complex, and do a lot more than I need, plus I couldn't get it to work correctly. So what I've done is modify the category module to include some more granular permissions.

First of all I added the new permissions to the category_perm function, modifying the existing function to look like this:

function category_perm() {  $base_types = variable_get('category_base_nodetypes',  array('category_cat' => 'category_cat',  'category_cont' => 'category_cont'));  $perms_list = array();  if ($base_types['category_cat']) {    $perms_list[] = 'create categories';    $perms_list[] = 'access categories';  }  if ($base_types['category_cat']) {    $perms_list[] = 'create containers';    $perms_list[] = 'access containers';  }  if ($base_types['category_cat'] || $base_types['category_cont']) {    $perms_list[] = 'edit all categories';    $perms_list[] = 'edit own categories';  }  $perms_list[] = 'administer categories';  return $perms_list;}

This adds the permissions to the access control section, next we have to actually restrict access to the containers or categories. The module uses a helper function to get the permissions for access control called _category_privileged. I added these cases into that function, one for container and one for category:

case 'access categories':  return user_access('access categories') || user_access('administer categories');case 'access containers':  return user_access('access containers') || user_access('administer containers');

This will also allow users who can administer containers/categories access as well as users with our new permission.

Then the final step is to actually modify the category_access function to restrict access when viewing containers or categories. To do this I added a if statement to the end of the category_access function:

if ($op == 'view') {  $type = $node->type;  if ($type == 'category_cont') {    return _category_privileged('access containers');  }  else {    return _category_privileged('access categories');  }}

This simply checks the node type and then returns whether the user has been granted access to the relevant type. That should be it, you can then use the access control section to grant/deny permissions to view categories or containers.

About the Author

Steve Temple, Technical Director and co-founder of Gibe

Steve is the super brain behind the development of our major projects. With over 20 years of commercial experience, Steve is an expert in .NET, Umbraco and Microsoft technologies. Steve is also an Umbraco Certified Master and Microsoft MCSD