VERSION: 7.x-1.x development build OVERVIEW -------- Tac_lite stands for Taxonomy Access Control Lite. This module grants access so that some users may see content that is hidden from others. A simple scheme based on taxonomy, roles and users controls which content is hidden. Bear in mind that, like all modules which use Drupal's built-in node_access features, this module does not prevent users from viewing/editing nodes which Drupal's permission allow them to view/edit. To use, configure Drupal to not grant the permission, then configure tac_lite to grant it. As the name implies, this module shares some functionality with an earlier module called Taxonomy Access Control (TAC). If you are shopping around for an access control module to use, consider that one as you may find that it suits your needs. In my case, I wanted access control but without some of the complexity introduced by TAC. I also wanted more flexibility in granting access on a per user basis. Here are some key features of tac_lite: * Designed to be as simple as possible in installation and administration. * Uses Drupal's node_access hooks and taxonomy module to leave the smallest possible footprint while doing it's job. For example, it introduces no new database tables. * Grant permissions based on roles. * Grant permissions per user. (Give a specific user access beyond what his/her roles allow). * Supports view, update and delete permissions. USE CASE -------- Here's how I originally used this module. This description might make it easier to understand why one might prefer tac_lite over TAC. My website helps me manage my work projects. I use Drupal's project module to track issues. Some of my projects are for the public to see (i.e. Drupal modules) others are limited to my clients and partners. These restricted projects should be visible only to me, the client in question, and partner(s) working on that particular project. I've defined a vocabulary for my projects (same one used by project.module) and I've defined a client role and a partner role. Partners can contribute to the website, while clients can read content but post only issues. Using TAC (or as far as I know all other access control modules) I would have to create a new role for each project/role combination. That is, for the Acme project I'd have to create roles 'Acme Client' and 'Acme Partner' in order to assign permissions just the way I want them. Using tac_lite, I simply associate each user with the project(s) they are allowed to see. That is, I associate some clients and some partners with Acme. Their role (client or partner) controls what they can do, and the associations through tac_lite control what they can see. INSTALL ------- Enable taxonomy module. It's required. Install this package the normal way. - put this file in a subdirectory of the modules directory. - enable using admin interface - no database tables to install. USAGE ----- Log in as an administrator. (uid==1, or a user with administer_tac_lite permission) Create a vocabulary which you will use to categorize private nodes. You may want to create a vocabulary called "Privacy" with terms like "public", "private", and "administers only". Associate the vocabulary with node types, as you would normally do. Go to administer >> user management >> access control >> access control by taxonomy. Select the category you created in the earlier step ("Privacy"). Create some content. Choose a node type you've associated with "Privacy". Note that you can view the content you just created. Other users cannot. Edit the account of another user. Go to the tac_lite access tab under edit. Select a term you selected when creating the node and submit changes. Now the user can also access the node you created. NOTES ----- If behavior of this or any other access control module seems to be incorrect, try rebuilding the node access table. This may be done under administer >> content management >> post settings. There is a button there labelled "rebuild permissions" Another useful tool is a sub-module of the devel module, called devel_node_access which can give you some insight into the contents of your node_access table. Recommended for troubleshooting. AUTHOR ------ Dave Cohen http://www.dave-cohen.com