| Attribute | Average |
|---|---|
| Features | 3.5 / 5 |
| Reliability | 3.67 / 5 |
| Ease Of Use | 2.83 / 5 |
| Documentation | 3.33 / 5 |
| Vote Count | 6 |
Access control for user roles based on taxonomy categories (vocabulary, terms). Automatically controls access to nodes (based on their taxonomy terms). Configuration page for each user role. Three node access permission types: View, Update, Delete. Two term access types: View tag, Add tag. Drupal... [More...]
| Maintainer: | xjm |
| Links: | |
| Categories: | Content access control, Security, Taxonomy, User Access & Authentication |
| Version | Date | Files | Release notes |
|---|---|---|---|
| 7.x-1.0-rc1 | 2011-Sep-10 | Download | Recommended |
| 6.x-1.3 | 2011-Feb-07 | Download | Recommended |
| 7.x-1.x-dev | 2011-Nov-14 | Download | Development |
| 6.x-1.x-dev | 2011-Sep-08 | Download | Development |
Options: Add a review
I almost did not use this module because of a review that says it "utterly failed to provide role-based access to taxonomies." While it does take a little effort to understand how to use Taxonomy Access Control, the same can be said about almost any Drupal module.
For my purposes, this module worked beautifully to provide role-based access control to content types that have a taxonomy associated with them, assigning different levels of access to different roles based on taxonomy terms. You do have to read the documentation, however, to understand that Taxonomy Access Control works in concert with other permission schemes. For example, the documentation states that "[Create] . . . does not give the role the ability to create nodes by itself; the role must have create [type] content permission on the permissions administration form in order to create new nodes." If you're having trouble with this module, be sure read through the docs to understand how it interacts with other access control modules you may be using. Once I (sort of) got my head around the various levels of access controls, I found this module worked well to implement the access controls my customer wanted.
This module is difficult to configure and a bit un-intuitive to administer (RTFM!), but it adds powerful, fine-grained control and flexibility to Drupal's access control.
Use case that other access control modules can't cover: Various groups of users can add and update content in certain categories of a content type, but should not have permissions to add or update everything in a content type. In my case, I have a few content administrators for each department; these content administrators can post documents and announcements in various taxonomy categories, and update documents or or announcements that have already been posted in those categories, without having this sort of access for taxonomy terms belonging to other departments.
Edit: increasing my score for "reliability" because the new release (6.x-1.2) has the major bugs fixed. (I know, because I fixed them!) The documentation should be better now, too.
If you have a very simple site, this module will likely work for you. If you are managing a large array of users, content types, and permissions, then this module is definitely not for you. It tends to be confusing as to why certain permissions are triggered and when. It also tends to screw with the drupal API in weird ways - so if you are running lots of other modules, they may end up interacting with TAC in funky methods. TAC costs me lots of lost time because it was overriding a node_save that another module was calling.
The writers and maintainers of this module deserve a lot of credit.
I have used it in 4.6, 4.7 and 5.7 and it certainly does work. But it is hard to get your head around sometimes how it works and the practical effect of different settings.
I think the difficulty is inherent in having to bolt something fundamental onto Drupal core alongside the core role and access permission systems. Imho it illustrates the need for a much more granular approach to content access being built into core.
The documentation is reasonably clear in the context of the above.
When I first set my site up 3 years ago I was pushed towards Organic Groups, didn't feel that gave me the user experience I wanted, tried simple_access but found it was TAC that really provided me the functionality I wanted.
From my own experience, it is worth looking at more than one module to see which most closely matches what you want to do. And the only problem with that is you don't really see the possible pitfalls until you have installed them and tried to run with them. A comprehensive and comparative review of the different node access modules would be useful.....
This is a must have module if you are building a content driven website
For my purposes, these modules were useless. Tac_Lite and Taxonomy Access Control utterly failed to provide role-based access to taxonomies.
I've tried the arcane, and mislabeled, "create" toggle. I've tried the "rebuild permissions" button. Perhaps I don't really understand what these modules are for, but if you're trying to apply vocabularies based on user role, look elsewhere.
Documentation for these mods is also spotty.
