User Roles & Permissions

A role is a type of user with specific permissions, i.e. users in that role are allowed to do certain things, such as create pages.

In a default Drupal site there are the following roles:

  • Superuser - the first user created that has access to everything
  • Anonymous users - users that aren't logged in
  • Authenticated users - users that are logged in but with no additional role

It is typical to create new roles such as:

  • Admin - a role that can do everything you usually do (This is useful so you only see the options you need)
  • Editor - a role that can only change/add/remove content

Let's have a go at creating an Editor role:

  1. Go to: User management > Roles
  2. Enter editor and click add role
  3. Click edit permissions next to editor
  4. Select the following (or options you see fit):
    • Access administration menu
    • Administer nodes
    • Access administration pages

Unfortunately, the administer nodes permission allows the user to create, edit and delete all content on the site, which you may not want. Without the administer nodes permission you don't get access to view the site content under Content management > Content. However, the Content Management Filter module gives us access to content administration without permissions to all content and content types.

  • Download and install the Content Management Filter module
  • Go to: User management > permissions
  • Scroll down to cmf module and check filter and manage site content under the editor column
  • You may also remove administer nodes and enable the permissions for specific content types

The content management filter module also gives you many more useful options for filtering content.
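
A quick way to check the result of the steps above, as an added example that is not part of the original page or of Drupal itself: the script flags any role whose effective permissions include administer nodes, counting what it inherits from the authenticated user role that every logged-in user holds. It assumes permissions are available as one comma-separated string per role (the layout of Drupal 6's permission table); the editor_scoped role and all sample rows are constructed.

```python
# Added example: audit Drupal role permissions for over-broad content access.
# Assumption: each role's permissions arrive as one comma-separated string
# (the layout of Drupal 6's `permission` table). All rows below are constructed.

BROAD = {"administer nodes"}          # full create/edit/delete on all content
BUILTIN = ("anonymous user", "authenticated user")

SAMPLE_ROLES = {                      # constructed sample data
    "anonymous user": "access content",
    "authenticated user": "access content, access comments",
    "editor": "access administration menu, access administration pages, "
              "administer nodes",
    "editor_scoped": "access administration menu, access administration pages, "
                     "filter and manage site content, create page content, "
                     "edit any page content",
}


def parse_perms(perm_string):
    """Split a comma-separated permission string into a set of names."""
    return {p.strip() for p in perm_string.split(",") if p.strip()}


def effective_perms(role, roles):
    """Permissions a user holding `role` really has.

    Every logged-in user also holds 'authenticated user', so custom roles
    inherit whatever that role grants.
    """
    perms = parse_perms(roles.get(role, ""))
    if role not in BUILTIN:
        perms |= parse_perms(roles.get("authenticated user", ""))
    return perms


def audit(roles):
    """Return {role: sorted broad permissions} for every role holding one."""
    findings = {}
    for role in roles:
        hits = effective_perms(role, roles) & BROAD
        if hits:
            findings[role] = sorted(hits)
    return findings


if __name__ == "__main__":
    for role, hits in audit(SAMPLE_ROLES).items():
        print(f"{role}: {', '.join(hits)}")
```

If administer nodes is ever granted to authenticated user, every custom role is reported, because the scoped editor inherits it regardless of its own settings.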

You can now test out your editor role:

  • Go to: User management > Users > Add user
  • Fill out the details and select editor
  • Log out and then log in with your editor user

Note: The Devel module has a switch users permission that can be accessed via the right of the admin menu and there is also the Masquerade module. Both are very handy and save you from having to log out and in again to test different users. The Devel module also has a couple of blocks that show which users have access to the page you're on and why.