Drupal 8 User Guide: 7.5. Assigning Permissions to a Role

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
Assigning Permissions to a Role with Amber Matz In this tutorial, we'll walk through how to assign permissions to a role. By the end of this tutorial, you'll understand how to change the permissions for the Vendor role so that those users can create, edit and delete Recipe and Vendor content, format the content, and contact each other. To follow along, you should understand the concept of users, roles, and permissions and have completed the tutorial, "Creating a Role" where we created the "Vendor" role. See the written version of this tutorial for links to these prerequisite tutorials. In the Manage Administrative menu, navigate to People, then Roles which is the admin/people/roles path. The Roles page appears. Next to Vendor and under the Operations column, drop down this menu and select Edit permissions. The Edit role page appears and this is where you can see all of the available actions for the website such as Post comments or Administer blocks. The available permissions depend on the modules that are installed in the site. Note—some permissions may have security implications. Be cautious when assigning permissions to roles. The Permission page is organized by module. Let's assign the following permissions to the Vendor role. Under Contact, check Use users' personal contact forms. Under Filter, check Use the restricted HTML text format. Under Node, check Recipe Create new content. Also, click Recipe Edit own content and Recipe Delete own content. By selecting Edit own content and Delete own content and not Edit or Delete any content, we allow the user to manage the content they created themselves without allowing them to edit or delete anyone else's. Finally, under Node, check Vendor Edit own content. Now, under Quick edit, check Access in-place editing. Now at the bottom of this page, click Save permissions. You will get a message saying that your changes have been saved. You can test these permissions by logging in as one of the new users you created in a previous tutorial. Verify whether you have the correct permissions by testing each of the actions that you granted permissions for, like Creating a new Recipe. And using the restricted HTML text format. It looks like our Vendors also have access to the basic HTML format. Let's go ahead and fix that by logging back in as admin. We'll navigate back to People, Roles, and let's edit the permissions for the Vendor role once again. We can see under Filter, that Basic HTML text format isn't checked for this role, but they still have access to it. This is probably because our user is also part of the Authenticated user role. Let's go back to People using the breadcrumbs and then over to Permissions, where we can see each of the roles. Let's navigate down to Filter and we can see that our Authenticated user also has access to the Basic HTML format. Let's uncheck this. And Save. Now if we go back to the site and log out and log in as our new user with the Vendor role, and we test out this permission again we can see that there's no more Select option for text format and they only have access to the restricted HTML format. Testing permissions for each role is an important part of the site building process and can help ensure that your site remains secure. In this tutorial, we walked through the steps of how to change the permissions for the Vendor role so that users can create, edit, and delete Recipe and Vendor content, format the content, and contact each other.
Info
Channel: Drupalize.Me
Views: 1,631
Rating: 5 out of 5
Keywords: Drupal, Drupalize.Me, training, lesson, tutorial, learn Drupal, Drupal 8, Drupal tutorial, Drupal tips, Drupal video, Drupal 8 User Guide
Id: IlVh9f4BHVw
Channel Id: undefined
Length: 4min 18sec (258 seconds)
Published: Wed Feb 14 2018
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.