HomeHow to Create Pages Only Customers Can See

Creating User Roles & Setting Permissions

Welcome to the second section of the tutorial on configuring your Drupal site with special access permissions, enabling you to create pages only privileged users can see. The first section of this tutorial explains Drupal's permissions and user roles. If you are new to Drupal, I suggest you read that first. In this section we will create and configure two new user roles.

Creating User Roles & Configuring Their Permissions
Now, let’s create some new user roles for our customers and staff. First, navigate to admin/user/roles, and you’ll see a page similar to this:

example of Drupal's admin/user/roles configuration page
The new role creation interface at admin/user/roles

Start by entering “customer” (without the quotes) in the text field under “name”, and click the “add role” button. After submission, you should see your listed roles change to this:

example listing of Drupal site roles after adding the 'customer' role
The "customer" role has been created

The new role is listed beneath ‘authenticated user’. If you click the “edit role” link, you are given a form to change the name of this role. If you click the “edit permissions” link, you are taken to a special version of the permissions administration form; the special version only allows the permissions to be set for this role, not any role. This is useful for sites that have too many roles, and they cannot all be viewed at once from the normal permissions administration page.

example of Drupal permissions for the 'customer' role
A portion of the new "customer" role's permissions setting page

Shown above is the special ‘customer role’ permissions administration page. Note that new roles default to having no permissions at all. At minimum, for a customer, I’d scroll through the available permissions and grant permissions for the access content setting. This allows customers to see site pages, and is the bare minimum for viewing content on the site. If you want your customers to be able to access comments and/or support forums, click the checkbox granting them permission for these areas as well. If you don’t see a permission for forums, that may be because you’ve not yet activated that module. So be sure to activate any modules for features you want your customers to be able to access.

Once you’ve activated all the permissions you want for your customers, scroll down to the bottom of the page and click the “Save permissions” button to finalize these settings.

Returning to the admin/user/roles page, create a “staff” role like this:

example of creating a 'staff' role in Drupal
Adding the "staff" role

Once the “Add role” button has been clicked, click the “edit permissions” link to go to the page for configuring your staff’s permissions. Here, I expect you’ll be granting permission to quite a few more areas than simply access content. I suggest you look at all the settings with ‘administer’ in the name and consider them. Keep in mind that your site’s staff is not necessarily the same as your site’s web master. Some of the ‘administer’ settings make sense for your staff, they are helping customers and running your eCommerce operations, rather than other settings that are more for administration of the web site itself. For example, these settings make sense for staff:

  • administer comments – grants the ability to moderate comments
  • access content – necessary for staff to see site contents
  • create page content – grants ability to create page nodes
  • delete own page content – delete their own page nodes
  • edit own page content
  • revert revisions – roll back changes to a node they’ve edited
  • view revisions – see the available revisions of a node

Later on, after the Ubercart modules have been activated, your staff will also get permissions for the Ubercart administration pages. The ‘staff’ permissions above are in contrast to the permissions settings below that are more appropriate for your site web master:

  • administer blocks – grants the ability to create & change blocks
  • administer filters – add & modify node editing input filters
  • administer menus – add & modify the site’s menus
  • administer content types – create & modify the content types of the site

At this point in the tutorial, your site has the three default user roles and two new user roles: one for customers and one for staff. However, customers simply have ‘access content’ granted, meaning that they are little different from anonymous users who also have permission to access content. Next are the steps necessary to create special permissions to a newly created content type that will hold your product support information.

If you have any questions or suggestions for how I can improve the above, please write a comment. Constructive comments will be followed as much as possible. Otherwise, please visit the next section Installing and Configuring the Content Access Module.


Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <pre>
  • Lines and paragraphs break automatically.
  • Syntax highlight code surrounded by the {syntaxhighlighter OPTIONS}...{/syntaxhighlighter} tags with the rich text editor turned off or set to source mode.

More information about formatting options