Reviewing Permissions

It’s helpful to learn a little about permissions, including how to grant authority to people for doing things on the site.

To investigate permissions, log into the Drupal site, and click on the “People” link at the top:

Then on the next screen, click the Permissions tab:

There’s some basic information (which I recommend reading), and then a series of columns: Anonymous User, Authenticated User, and Administrator (see Figure 7.2).

Figure 7.2. Various types of users in the People section.

[View full size image]

Basically, what this allows you to do is to grant permissions to various kinds of users and to adjust as necessary. As with other settings, Drupal makes some educated guesses about default settings, but it’s still helpful to know the capability is here, and to understand how to change them.

For example, if you scroll down, you’ll see that the default settings allow an Authenticated User to view and post comments (see Figure 7.3). This means that if you allow people to register on the site, or for any users you create, they can comment on articles. An anonymous user (not logged in—any visitor, in other words) can only view comments.

Figure 7.3. Permission.

[View full size image]

Now, try scrolling down to the Node section (see Figure 7.4). A node is Drupal’s way of referring to a part of the website. And this column shows how both Anonymous and Authenticated users can view published content. You could change the settings so that neither could view content (if you wanted to have a private site, for example).

Figure 7.4. An example of telling Drupal who can do a certain thing when they log in.

[View full size image]

Further on down is another area worth being familiar with. In this area, you can see that Authenticated Users are not able to create content or edit content. You could change that if you like (see Figure 7.5).

Figure 7.5. Additional permissions.

[View full size image]

After adjusting any settings, click the Save permissions button: