How do I give a specific user editing rights to a specific node?

19.1k views Asked by At

How do I give a specific user editing rights to a specific node?

I have a user role named "Student". Multiple users have that role, only a few of them can edit a node. How can I realise this?

5

There are 5 answers

1
gapple On BEST ANSWER

I'll try and cover a few use cases, with how I would solve them:

  1. If all members of a category of users can edit any node of a certain type
    • Create a new role for that subset of users ('Super Students', as Emyr suggested) and grant them 'Edit content of type' permissions through Drupal's core permission system (no node access module required)
  2. If all members of a category of users can edit specific nodes
    • Create a new role for that subset of users and grant them edit permissions on the specific nodes (a node access modules is required, such as Node Access or Content Access). This will also require that someone has the permissions (and time) to grant access to the role whenever a new node is created.
  3. Some users can edit some nodes; there is no 'elite' group of users who can edit all nodes, and not all members can edit the same nodes
    • This will require a node access module, such as Node Access or Content Access with ACL. There will also need to be administrative users who have the permission to grant other users access to edit the nodes.
  4. Allow users to grant others access to edit a node they have created.
    • I implemented this recently with a user reference CCK field and Node Access User Reference. You can grant users permission to edit their own nodes through the core permissions system and they can then add other users to the user reference field. In my case creators are not given that permission and I set up the default value of the field to the creator's user id, which allows a user to remove themselves from being able to edit the node.

These all assume there is no categorization for your content. You may be able to utilize node access modules based on Taxonomy or Organic Groups if your content and users are organized sufficiently.

1
Emyr On

If only a subset should be able to edit nodes, you need an additional "super student" role.

The Node Access module may help you set appropriate permissions on the nodes. Here is an excerpt from its project page:

... provides roles and user specific security permissions for menus, menu items, nodes, and security integration into the administration and help systems. We would like to provide this suite of modules back to the community to share the usefulness of the suite and involve the community to provide additional support, testing, and moderation. Special care was taken to ensure the usability of permission management was consistent across all sections of the system (nodes, menus, menu items). Also each security module uses a cascading security scheme to allow global security and the option to override or define exceptions to the security model for individual items.

0
Mike Crittenden On

For sort of abnormal permissions stuff like this, I've always found that a small custom module is the way to go. General node access modules have to be general enough to be useful for a lot of different cases, which generally makes them sort of messy and confusing.

For this specific one, you could create a module that implements hook_nodeapi and on $op==prepare, check the user's ID against your user reference and do a drupal_goto the access denied page if they don't match up.

0
Free Radical On

You can do this with Flexi Access. Giving a specific user the "update" privilege on a node will allow him to edit the node.

For more options, see the page: Overview of Node Access modules @ Drupal.org.

1
Sean McRaghty On

Have you tried either Node Access or Content Access?