Posted by Anonymous on March 2, 2012 at 11:54am
Hi,
I'm developing an iPhone app to populate Drupal nodes using client side DIOS libraries.
The server side is a Drupal 6 with Services 3.1 and REST server 3.1 modules.
I'm able to create nodes via iPhone interface after authentication but I want to restrict node creation only via iPhone app, denying users to create nodes directly from /node/add page.
Is there any way to do that?
Thanks,
Igor
Comments
User Roles or Menu Alter
Hey Igor,
Since you're using authentication I would approach this problem from a user role standpoint. Create a user for the iPhone and assign it a new role. Give only that role the appropriate node permissions. Then, make sure your regular users don't have the node creation permissions.
If you're in a situation where you need that author information and want users to log in with their own accounts, the problem looks more challenging. It might be possible to use Rules to determine how a user logged in and assign them a role based on their method of authentication. Then, you could have a mobile_access role and assign it to a user when there was an active session that was opened through REST. The mobile_access role would be the role with the appropriate node permissions. If they log in on both the mobile device and their regular browser, you might run into some issues, though.
You could try using a menu_alter to change the access callback for the /node/add menu item to be something like ($uid == 1).
I thought to the first option
I thought to the first option but it isn't feasible since I want to link new nodes to users account, and i don't want to store hardcoded username and password for a user in to the app.
The second options seams to be interesting I'll give it a chance :)
Thank you very much.
Igor