Drupal permission, a user case
The objective of the site is to maintain a product
listing.
- Each
product
composes of a title, description and quantity (CCK field). - Each
product
belongs to ashop
. - Each
shop
has amanager
. - All
开发者_如何学Pythonproducts
are visible to all. - A
manager
can only add/editproducts
of his ownshop
. - A site
admin
can create newshops
and newmanagers
.
How can I set the permission for the above scenario?
I am thinking of using Taxonomy
for shop names, Taxonomy Access Control for permission control. Not sure whether I am on the right track though...
Besides, is Organic Groups also an option?
Thanks!
TAC solves your problems. I'm using it in a very similar scenario. Here's how to set it up:
- Create a new content type "Product" with the fields you specified
- Create a taxonomy term for each shop. Enable and require Taxonomy on the "Product" content type
- Create a role for each shop
- Enable TAC for that role
- Set the TAC permissions for Global to allow View, but deny Update, Delete, Create and List.
- Set the TAC permissions for the shop's term to allow View, Update, Delete, Create and List.
- Save and rebuild permissions
That should do it, as long as your permissions for the content type are set up to allow anonymous users to view the fields in "Product".
I think your approach with Taxonomy Access Control may be work, but assigning users to a taxonomy for the proper permissions would require a bit of custom code.
Using Organic Groups might provide more robust access out of the box (each shop is a group, and products are then published in that group), but you would need to theme a lot of the defaults away in order to hide the forum/wall-of-news workflow that OG comes with out of the box (this can be done with the hooks OG provides).
The advantage here is that to add product managers to a shop, you would simply make them the group administrator (a shop could have more than one admin this way). You would set each group as public (so all products are visible), but only grant permission to edit nodes in the group to the admin of that group. Group admins would also be the only ones with permission to create product nodes, which would be setup as group nodes (this is done at the node-type edit screen, or at the OG admin screen).
精彩评论