access control

I eventually want to hunt for someone to do development on this idea, but first I'd like to find out how it can be designed to be of greatest benefit to the community.

I want to be able to manage access to a node, with CCK fields. The node should be viewable by both a role and at least a single (ideally multiple) user(s) not in the role.

Hello,

I'm building a multi-lingual site, where I would like different translation groups/roles to be able to work on their language (and only their language) to translate source content. In some cases translating in response to content being posted, and at other times originating the content.

Here's my setup: I have a network with different forums and different content but shared users on one codebase on the same database with different prefixes.

What I'm hoping for is a way for all of these sites to share the same 'off-topic' category but different overall forums. What's the best way to achieve this? Thanks.

For a project, we just came up with another way to skin the multisite problem.

Domain Access is a node access module that enables multiple sites to be run from one installation.

The beta has been released.

See the module in action at http://skirt.com/map

Hello,
I'm here because it seems like the only place I am likely to find some help with Access Control, having scoured the internet for help elsewhere...

Trong cuốn Building Online Community with Drupal trang 36 nó có cái hình này:

http://trunga.com/tmp/drupal_comment_access.JPG

Sao khi mình cài Drupal lên thì ko có thêm 2 cái quyền mà mình đánh dấu trong hình nhỉ?

I am reporting some findings that I hope will help others who decide to try any access control module currently available to Drupal 5.1 or earlier.

I've put some work into a 5.x nodeaccess module. It could be the superior from the current nodeaccess module, and perhaps also from the simple_access module. I'm waiting for feedback from the authors..

So my module provides extended role based access control per content type, but it can be configured to manage per user access control per node - it does this by integrating with the ACL module, as well as role based per node access control.

Like simple_access it doesn't touch any permissions when it's activated. It also does some performance optimizations and tries to keep the UI simple.

Read a more detailed description or download and test the module at http://drupal.org/node/135693.

How does one handle access control when doing Ajax requests? Take a completely hypothetical example: I have my Drupal install setup in a way where only authenticated users may attach comments. I also want to add comments using an Ajax call instead of a normal fom submission (I said this was hypothetical, not that it was practical).

How would I make this secure? The comments box is stripped automatically for anonymous users, but anyone who knows where the Ajax call submits to will be able to send along the usual arguments. How do I make sure it was a validated user who submitted?

I have read some general articles on security and Ajax.

I've been thinking about some of the specifics of creating a personal workspace within Drupal -- although my main area of interest is education, these thoughts have applications outside education -- these are some rough notes, and I'm curious to see/hear reactions about what I'm missing/overlooking. These notes are not intended to be comprehensive, but a starting point in a conversation about some specific functionality

Some basic functionality--

<

ol>