Skip to main content

Posts

Showing posts from May, 2010

Drupal Camp Toronto 2010

Okay, I haven't been involved in organizing Drupal Camp TO since 2008, and last year it didn't even happen, but I'm delighted to report that it appears that a new crop of organizers are really, really making it happen this year. So, pencil it in for October 15 - 16, 2010. Once there's a site up, it should be accessible here: http://2010.drupalcamptoronto.org (but meanwhile it's still showing our 2008 camp ...).

Congratulations to the organizers!

[Oct 4, 2010 update: actually, extra congratulations for bringing in an amazing line of keynote speakers, including Dries himself: keynote page. Now - go register before it fills up!]

Drupal Node Access

Most website permissions work like this: you've got the anonymous public, who can see everything you've published, and a webmaster or two who can see and edit everything.

But once you add the complexity of users publishing their own content, or adding an 'intranet' where only some people are able to see private content, it gets tricky. Unlike Wordpress and Joomla that are very focussed on the simple website permissions model, Drupal was originally built as a platform for collaboration, and it's got some great tools for addressing all kinds of access use cases. In particular, sometime around when I started working with Drupal, the node access system of access control was born.

Unfortunately, the problem of access control is inherently challenging due to its complexity, and every time I try to implement it, I have to reread about the Drupal node access model to remember how it works. I've just had to do this again while implementing a customized Open Atrium insta…