These people help to make sure that your site is a pleasant and spam-free destination. You can grant your Moderator role permission to administer users see the User section on the Permissions page. Note that this is a very powerful permission.
If granted, any user with Moderator role can access any other user's account and change its settings. Grant with caution. This video is taken from the class called " The Beginners Guide to Drupal 8 ":.
Want to Learn More Drupal 8? After reading this tutorial, I'd recommend " How to Build User Profiles " which follows on directly from this point. This tutorial was an extract from Drupal 8 Explained , the best-selling guide to Drupal 8. Grab a copy today to learn all the fundamentals of Drupal 8. Join today and get access to 1,'s of books and videos. Sign up today! This tutorial is all about managing users on your Drupal 8 site.
I'll show you how to control who can do what on your site: Who can create, delete, and edit content? Who can upload modules and themes? Who can modify menus and blocks? Drupal Roles and Permissions Explained Drupal users are defined by their role. Drupal has three default roles: Anonymous : Visitors to your site who are not logged into your site. Authenticated : Anyone who has an account on your site and logs in is authenticated. The Authenticated role also serves as the minimum set of permissions that is given to all logged in users.
Drupal sets some default permissions but you can change them. Administrator : Users assigned the administrator role can do everything on the site. Creating an Article Writer Start with the example of an Article writer. There are four steps to make sure a user account is set up correctly: Add a role.
Set the role permissions. Create a user. Test the user to make sure it has the correct permissions. Following are those four steps. Click "People" on the admin menu bar and then on the "Roles" tab. Click "Add role". Type Article writer for the new role name. Click "Save". Click the Permissions tab to see the permissions available: On the left side of the list, you can see the modules that have permissions settings.
Scroll down until you find the header Node. At the top of the Node area, you see some admin-type permissions, as shown below: Scroll a little further to find the Article permission set.
To keep things simple in this example, check all of the Article permission boxes: Create new content Delete any content Delete own content Delete revisions Edit any content Edit own content Revert revisions View revisions To ensure the Article writer can "Add Content", check the permissions box for "Use the administration toolbar".
Click "Save permissions" at the bottom of the page. Now let's set up an actual user account for an Article writer. Click the "List" tab at the top of the screen. Click the "Add user" button. Username: articlewriter Password: articlewriter Roles: Check the "Article writer" box. If you included an email address, check the box to "Notify user of new account".
Click "Create new account". Following is a basic method for testing. You can use the following steps: Open a browser where you are not already logged in. Observe that the menu bar to which you have grown accustomed is lacking in options. That is good. First test passed. Click "Shortcuts" and then "Add content". The "Create Article" form appears immediately, with no other content types available.
Test passed again! Install the Masquerade module. Go to "Structure" and then "Block layout". Place the Masquerade block at the top of the Secondary region. Go to your homepage and you'll find the Masquerade block and its search box. Type in the name of the user you want to test and click "Switch". Creating a Moderator Now see one more example of user permissions.
Go to "People", "Roles", and then "Add new role". Type Moderator for the Role name. Next, we'll set up the permissions: Click the "Permissions" tab and scroll down until you find the Comment module. Check the "Administer comments and comment settings" box in the Moderator column.
Scroll down until you find the Forum module and check the "Administer forums" box in the Moderator column. There is a user-role association and a role-permission association. This is probably the most common issue encountered in Drupal. You need to let users into your system, but you want to limit their rights to the content management only. You do not want to give the rights to change the system configuration or to add new users. Then log-in into the account of the selected user and check out whether they have the appropriate permissions.
Maybe you need to extend them or take them away. If you are unfamiliar with the Drupal's permission system, such a test with logging-in into the user account is always worth carrying out. You do not need to know the password to the user account you want to log-in into. You just need to install the module Masquerade. Thanks to it, you can log-in into the account of any user. This is probably the longest configuration page in Drupal. Let us start with the table header.
In the next cells of the first row, there will be the names of the roles. Then, looking at the first column in its entirety, you will see a long list of permissions. The permissions are divided into sections. The sections are the names of modules. Some sections have only one permission, e. Others have many more of them. If this is your first time dealing with Drupal permission settings, I suggest that you read the names of all permissions.
The names themselves explain what a given permission is for. The first of these roles is responsible for all non-logged-in users. For example: if you want to add the ability to view user profiles for all non-logged-in for the "View user information" permission, tick the checkbox in the "Anonymous User" column.
It is important here to understand the permission inheritance. If you assign a permission to "Authenticated User", then all other roles except anonymous will be given this permission immediately. Example: You have the "Editor" role in the system. You assign the "View user information" permission to the "Authenticated User" role. Everyone with the "Editor" role will also be given the permission because they are also considered to be logged-in users.
Moreover, keep in mind that if you select any permission for the Anonymous role e. Sometimes there is a need to define your own permissions, e. You just need to add the modulename. If you do not know how to create your own modules, I encourage you to visit the website.
The permission file is a file in the YML format. A simple example can be found in the Popup Message module, right here. Being defined in the file is a unique name for the permission e. You can provide a title in the "title" parameter and additionally — a more detailed description in the "description" parameter.
This is enough to define new permissions. Most often, permissions are being used when defining routing. Take a look at the file. In the "requirements" section, you can add the "permission" parameter. In this way, you can define the users or rather roles with what permission can display the page defined in routing. The second method is to check out the permissions in your code. User object in Drupal has the "hasPermission" method. In this way, you can check out whether a given user has the selected permission.
It is worth to take a look at the hasPermission method here. As you can see, the user ID is being checked there. If the id equals 1, the user gets access without further checking if they have selected roles. Drupal also offers a ready-made method to check whether a given user has a role with a specific name. Provided below is an example of how you can do it in the code.
Additionally, there are also methods related to the Authenticated and Anonymous roles:. In the application code, you can also check the permissions to operate on selected entities e. Node or User.
0コメント