HandsOn Creating Roles

Earlier, we talked about Drupal's access control system, and how it's composed of users, roles, and permissions that map to who is going to use the site and what they're going to want to do on it. Let's spend a moment brainstorming about Mom and Pop, Inc.'s needs in this area.

This site will have four types of users:

• Passing visitors, who will basically only be able to read and search content, comment on news items once their content has been approved, and send mail with the contact form. This will map to the built-in "anonymous user" role in Drupal.

• Customers, who will log into the site and can comment on content, but aren't able to actually post news items themselves. Because they will be logged in, we'll use the built-in "authenticated user" role for customers.

• The store owners Mike and Jeanne themselves, who will handle writing content and some of the smaller day-to-day administration of the website. They'll need to be able to create and manage content, view logs and statistics, and change certain website settings when required. However, because they're not extremely technically savvy, the more advanced options should be hidden. We're going to call this role "editor," as they will be largely adding and editing content on the site.

• Finally, Goldie is the webmaster, who will actually build the site, as well as look after the more technical details for Jeanne and Mike. This will entail things like installing and upgrading modules, and configuring advanced website settings. Although she could just do everything as User 1, at some point she might want to bring on another family member to take over her duties, so it pays to be forward-thinking and make a role for this purpose. We'll call this role "site administrator."

* • These standard four roles are the same ones we'll use in all future chap ters. On your own Drupal site, you can have as many or as few roles as VV' A ^ , 11 • i1. you d like.

With that, we can begin setting up our access control:

1. Begin by creating the two additional roles—the ones for Mike and Jeanne and for Goldie, who will build the site. Go to AdministersUser managementsRoles (admin/user/roles).

2. Enter editor as a role name and click "Add role."

3. Enter site administrator as a role name and click "Add role." Your roles page should now look like Figure 2-31, shown earlier.

4. After setting up roles, it's always a good idea to set up some test users as well. Go to AdministersUser managementsUsers, and click the "Add user" tab (admin/ user/user/create).

5. Enter in the settings from Table 2-4 and Figure 2-34 and click "Create new account."

Table 2-4. Values for initial website users





Email address

[email protected]


Your choice, but try to pick something secure; perhaps "Mom-0-Rama'


Active (default)


authenticated user (default) editor

6. Repeat the above step for Mike, and repeat it again for Goldie, but add her to both the editor and site administrator roles.

7. Also create a user called Random Customer, but note that Random Customer should not be assigned any special roles.

Users ust ^fffW

This web page allows administrators to register new users, Users' e-mail addresses and usernames must be unique.



Spaces are allowed; punctuation is not allowed except for periods, hyphens, and underscores.

E-mail address: *

| [email protected]

A valid e-mall address. All e-mslls from the system will be sent to this address. The e-mail address Is not made public and will only be used if you wish to receive a new password or wish to receive certain news or notifications by e-mail.

Password: *

|| Password strength: High Confirm password: *

|| Passwords match: Yes

Provide a password for the new account In both fields.


C Blocked © Active Roles:

^ authenticated user S! editor

□ site administrator D Notify user of new account

Create new account)

Figure 2-34. New user account form

0 0

Post a comment