Customize Organic Groups Global Permissions
Written Steps
In this video we will set custom global permissions for groups on our site.
Organic Groups Global Permissions
First, let’s take a look at the Organic groups global permissions
- Go to Configuration > Organic groups global permissions
These are the permissions active for all groups that are not overriding the default roles and permissions.
This is also where we can change how groups behave by default. For example, we can specify that members should be able to edit their own article content.
- For member role, select: Edit own article content
- (Save global permissions)
Now if we have Chelsea view "Chelsea's First Article (Group)" you'll notice that she has the "Edit" tab, but she can't delete it. So members can revise their articles, but not delete them. If we give members the permission "delete own Article content," we will see that Chelsea is able to delete her article.
- For member role, select: "Delete own Article content"
- (Save global permissions)
When Chelsea edits her article, she now has the "delete" button next to "Preview."
The permissions "Edit any Article content" and "Delete any Article content" allow users to edit and delete content posted to the group by any member, not just themselves. This should clearly be given only to trusted members. This is the reason I have created the role "Content Moderator."
We can give the permissions: "Edit any Article content" and "Delete any Article content" to the role "Content Moderator."
- For the role: "Content Moderator", select:
- Edit any Article content, and
- Delete any Article content
Now we can have a handful of trusted members help moderate the content in each group.
Let's go over the rest of the permissions:
- Edit group (Only give this to trusted members). This will allow users to see the "Edit" tab on the group homepage. They will be able to:
- Change the group name
- Change whether or not this is a group
- Edit the body
- Edit any other fields you have added to the "Group" content type.
- Change the group visibility (whether it is private or public).
- Administer group (Again, only give this to trusted members). This will allow users to see the "Group" tab on the group homepage. They will be able to:
- Add people to the group (if they also have that permission below)
- See all members of the group and
- Approve membership requests
- Deny membership requests
- Block members from the group
- Remove people from the group
- Assign group roles to members
- View group roles (read-only)
- View group permissions (read-only) The group roles and permissions are currently read only. We'll see how we can override these in the video "Group Specific Permissions"
- Subscribe user to group. This permission allows the user to see the "Subscribe to Group" link. Membership must be approved by a group admin.
- Subscribe user to group (no approval required). This permission allows the user to see the "Subscribe to group" link. Membership is instant, it does not need to be approved by a group admin.
- Unsubscribe user from group. This permission allows the user to see the "Unsubscribe from this group" link.
- Approve and deny subscription. This permission allows the user to approve or deny a membership request by another user. This will also allow them to remove members from the group. (Used in conjunction with "Administer group" above)
- Add user. This permission allows the user to add other site users to the group. (Used in conjunction with "Administer group" above).
In the next video I'll show you how to set roles and permissions on a group by group basis.
Comments
permissions in drupal 6
how similar or different would you say OG permissions are in D6? Am having a hard time setting things up this way - bonus points = am ingesting all user nodes with feeds and wondering whether that's going to allow me to set permissions that way
Not sure
Ive not yet tried to update a site from d6 to d7, so I'm not sure how the permissions would transfer. Sorry :(
d6 -> d7
I'm upgrading to d7 right now. I think I did everything that can be done migrating and more; I had to write my own script to set the visibility settings of eache group content node.
What I see at admin/config/group/permissions/node/ were the default settings, so no migration of any settings. Since it is all so much more fine grained than in d6, it would be too hard to find the right migrated settings and also make everybody happy. For me the main charm of this is that I can recover my WIKI content in groups, but much, much more is possible.
og7 2.x
definitely great tutorial but... how to set global permissions on d7 2.x version? It seems to differ a lot form the one in this tutorial.
Not sure yet
I haven't played with the 2.x version for months now, so I'm not sure where it's at. As soon as it's released though, I'll be doing a series to cover it. In the meantime Drupalize.me has put together a series covering it that you might be interested in.
view but not edit by default
I have an "alumni" style site using OG for ex-students of my school. All authenticated users belong to a mandatory group (say, "ex-students") but additionally belong to a specific group that corresponds to the the year they started school. Posts in the latter group are typically visible only to members of that group. What I want to do is make all members of "ex-students" be able to see all posts, but only members of the group of the "poster" able to add comments/edit it etc.
Any hints or suggestions gratefully accepted !