This chapter has given you a good grounding in the basics of controlling access to your site's content. You have seen that Drupal comes with a large number of facilities and options to ensure proper maintenance of the site by retaining overall control with the administrative user, as well as delegate important jobs to trusted users via the use of roles.

We looked at how to go about planning an access policy. This is not only an important requirement, in terms of making sure the site runs smoothly, but also helps to solidify how the site will eventually work by forcing you to consider many eventualities. Following this, a tour of the fundamental aspects of access control in Drupal saw us discussing roles, permissions, and users, and learning how to plan and implement an access policy based on the requirements of the site.

A discourse on how to use the contributed module that controls access based on taxonomy showed us how to implement even further fine-grained control over the content's access permissions. However, you probably also found out that creating a well-designed and coherent access policy takes a bit of time. Planning, and above all, testing, will help ensure that everything works as intended.

Access rules were then introduced as a further way of controlling who gets into the site, with a discussion on how to use the wildcard characters effectively. With that, we are done with access control although you are strongly urged to spend some time playing around with the various options until you are comfortable with being able to make changes and knowing their effects.

The next two chapters take an in-depth look at content—the beating heart of Drupal!