Drupal 6 向特定角色授予一个模块页面的权限
我有一个模块可以创建多个 admin/settings/modname
页面。
我创建了一个新角色。
我希望该角色只能访问一个特定页面,例如 admin/setting/modname/custom1
我该如何为该角色分配仅对该页面的访问权限?
这可以在我的访问参数
下的hook_menu
下完成吗?
现在,该角色在所有页面上都被拒绝访问。
I have a module that creates several admin/settings/modname
pages.
I created a new role.
I want this role to only be able to access one specific page, say admin/setting/modname/custom1
How would I go about assigning access right only to that page to this role?
Would this be done under my hook_menu
under access arguments
?
Right now, the role gets Access Denied on all pages.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您可以实现
hook_perm
为您的模块提供一组自定义权限:然后在
hook_menu
的菜单项中使用访问参数
建议:一旦您安装了模块/清除了 Drupal 的缓存,请转到权限管理页面并将新权限授予所需的角色,并且具有该角色的用户(理论上)将能够访问它。
我说“理论上”是因为如果您的路径位于
admin/
下,那么该角色还需要访问管理页面
权限才能查看该页面,这会引入潜在的风险安全问题。最好的选择是将路径更改为admin/
之外的其他位置,以避免处理此问题。You can implement
hook_perm
to provide a set of custom permissions for your module:And then in your menu item in
hook_menu
use theaccess arguments
as you suggest:Once you've installed your module/cleared Drupal's caches go to the permissions admin page and grant your new permission to the required role and users with that role will (in theory) be able to access it.
I say "in theory" because if your path resides under
admin/
then the role will also need theaccess administration pages
permission in order to view the page, which would introduce potential security issues. Your best bet would be to change the path to somewhere other thanadmin/
to avoid having to deal with this.