Beginning Drupal 8
Todd Tomlinson - Beginning Drupal 8 (The Expert's Voice in Drupal) - 2015
Todd Tomlinson - Beginning Drupal 8 (The Expert's Voice in Drupal) - 2015
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Chapter 3<br />
Creating and Managing Users<br />
Now that your site is up and running, you have a couple of decisions to make. First, will you have any<br />
administrators on the site other than yourself? Second, will your site be open to everyone, or will users need<br />
to log in to view content and other features? In this chapter, I cover how <strong>Drupal</strong> treats visitors to your site,<br />
and how you as a site administrator can configure <strong>Drupal</strong>’s user account features to restrict the capabilities<br />
of those who have user accounts on your system.<br />
Users, Roles, and Permissions<br />
Controlling who has the ability to do what on your website is performed through <strong>Drupal</strong>’s security features.<br />
<strong>Drupal</strong>’s security features provide the ability to define who has the ability to view, create, update, delete, and<br />
participate through a combination of individual user accounts, user roles, and permissions.<br />
Users (or site visitors) in <strong>Drupal</strong> 8 are divided into two general categories: anonymous users and<br />
authenticated users. Anonymous users are individuals who visit your website and do not log in using a user<br />
ID and password. If you visit www.cnn.com and don’t log in, you’re classified as an anonymous user. With<br />
<strong>Drupal</strong>, you have the ability to support anonymous users, and you also have the ability to restrict what an<br />
anonymous user can do on your site. Authenticated users are visitors to your site who log in using a unique<br />
user ID and password. I’ll cover how user IDs and passwords are created shortly, but understanding the<br />
difference between the two categories of users is important.<br />
Roles are a <strong>Drupal</strong> mechanism that allow you, the site administrator, to define categories of<br />
authenticated users of your website. You may define roles on your website that are department specific<br />
(e.g., a role each for human resources, purchasing, sales, marketing, and customer service), roles that are<br />
functionally oriented (e.g., content authors, content reviewers, content publishers), roles that are associated<br />
with a specific section of your website (e.g., products, support, sales, homepage), or any other definition that<br />
you can dream up. Roles are simply a way of putting authenticated users into categories, where categories<br />
are associated with specific permissions. Any authenticated user of your website may be assigned to none,<br />
one, or more than one role (e.g., you may have a user who is assigned roles of sales department, content<br />
author, and products).<br />
Permissions in <strong>Drupal</strong> are a mechanism for controlling what a user assigned to a specific role can<br />
do. There are dozens of permissions that you can enable or revoke for each user role you have defined.<br />
Examples of permissions that you might set for a specific role include: the ability to create a new page, the<br />
ability to create a new article, the ability to edit any article regardless of who authored it, the ability to search<br />
content on the website, and the ability to add a new user account. The combination of permissions that you<br />
set for each role defines the capabilities that a user assigned to that role can do on your website once they<br />
have successfully logged in.<br />
When you combine user roles with permissions and individual user accounts, you end up with a highly<br />
configurable solution for securing access to key features and content on your website.<br />
23