I have an intranet on the Drupal platform. I am using permission to restrict access to certain node types that have sensitive informatio开发者_运维问答n in them. This is all working nicely.
However, some of theses sensitive nodes use taxonomy as a method of categorization. The problem is, I have found certain paths, apparently created by the taxonomy module itself, that show teasers of these sensitive nodes, even to unauthenticated users.
for example: mysite.com/category/traintype/site
Shows the companies training appointments where the training type is onsite. These nodes are set so that they should not be accessible to users of a certain roles, and certainly not to unauthenticated users.
I have looked through Views on the site, and I don't see any taxonomy views. So, how can I make these paths inaccessible?
Another method is to alter node.tpl.php to strip the teaser if the user does not have access.
You can use hook_menu()
or hook_menu_alter()
in a custom module to overwrite the default menu item that is created by the taxonomy module. Here you can add your own extra permission check or remove it altogether.
精彩评论