Managing Content Security in Drupal 7

In any organisation, there is the inevitable issue of who may manage the content. There is concern about authenticity of information and accountability of the content displayed on the site. In many cases, organisations do not mind delaying making information available and are very risk-averse to inappropriate content showing up on their site.

By default, you may control access by defining roles. A role may have access rights to a content type. This is generally too restrictive an option. The same content type may be used across the organisation but rights may depend on the actual content. As expected, there are a number of modules available for Drupal 7 which address aspects of this concern.

The module you may find very useful is Workbench. Workbench consists of four additional modules. We will discuss the moderation and access modules, which are especially useful and relevant in most instances.


Often, the first area of concern is to allow only certain people to manage sub-sections in a site. For example, the marketing department should be responsible for any sales and marketing related content. Furthermore, content related to each product may need to be managed by the corresponding product manager. That is, a hierarchical control for the management of the web site is desirable.

The Workbench Access module provides two mechanisms for controlling access. The first way is by using a menu. Menus are hierarchical. So, access rights can be given to people for each node of a menu. A person having rights to the 'Products' node will have rights for individual products under that node.

This setup is very simple to understand and seems easy to implement. However, it requires the menu to be modelled on the ownership hierarchy of the content. In some instances, content managed by Marketing may need to be a part of the Corporate or some other node. This complicates the management of rights to the content.

It is better to identify each piece of content with a label and manage content based on the label regardless of where it may be displayed on the site. So, the alternate mechanism based on taxonomy offered by Workbench Access is a far better option.

You define a hierarchical taxonomy, very much like a menu, using the Structure => Taxonomy option in the administrative menu. You need to worry only about the parent-child relationship in the definition of the taxonomy and not about the type of content each node represents.

Once the taxonomy is created, you may enable the Workbench Access module and associate the taxonomy you just created with it. Each term in the taxonomy becomes a 'Section' to be managed by Workbench Access.

You will also need to make sure the content types you want managed by access control are enabled.

The next step is to associate editors with each section. That is, add users for each section who are permitted access to the corresponding section.

Now, when a user tries to add content, he can add content to a section for which he has rights and nothing more.


It is better to try one module at a time for better understanding of the flow. Hence, disable the Workbench Access module and uninstall it. Now, you may enable the Workbench Moderation module. After enabling the module, you will need to enable the content types which need to be moderated. You do so by selecting Structure => Content Types in the administration menu. Then, you will need to check the 'Create New Revision' and 'Enable Moderation of Revisions' options. This is done in the 'Publishing options' for each content type that needs moderation.

It is a common requirement to be able to review and edit content before it is published. So, you need to keep track of the state of a document, other than published or not. When an author enters content, it will be in the draft state. The author may complete the entry over several sessions. Once the author is satisfied, he would change the state of the content to 'Needs Review'. The reviewer may approve the content as is or after editing it and push it to the 'Published' state. In case the reviewer is not satisfied, he may put it back in the draft state.

These are the default states in the Workbench Moderation module. You may wish to add a state 'Reviewed' in case publishing is done by someone other than the reviewer. The module is pretty versatile. The permissions are controlled by Drupal roles. The Workbench Moderation module adds some more entries to the already pretty large set of permission options (People => Permissions in the administration menu). The configuration options for the Workbench Moderation module include an option to check permissions. It does not set any permissions but helps you make sure that the permissions for a role have been set appropriately for the task you expect a role to be able to perform on a content type.

Moderation and Access Control

As you might expect, if both the Workbench Access and Workbench Moderation modules are installed, you can control the activity a user or specified users can perform on content identified by a taxonomy. Each module is configured independently. The rights for a user are the combination of both. A user will be allowed access to a piece of content as per the Access module; but what he can do to that content will be as per the rights for the role to which the user belongs. It is a bit tricky to separate the two concerns in the beginning; however, once you have experimented a bit with each module separately and understood their configuration options, it is not too difficult.
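
A small Python model of the combined decision described above, usable as an audit aid for "who can publish in this section"; it is an added example, not Drupal or Workbench code. The section names, users and role names are constructed, and it assumes that rights on a section are inherited by its child terms, as the article describes for the menu hierarchy.

```python
# Constructed sample data. Taxonomy is stored as child -> parent.
SECTION_PARENT = {
    "Corporate": None,
    "Marketing": "Corporate",
    "Products": "Marketing",
    "Product A": "Products",
    "Product B": "Products",
}
# Access side: editors assigned to each section.
SECTION_EDITORS = {
    "Marketing": {"maya"},
    "Products": {"pat"},
    "Product A": {"alice"},
}
# Moderation side: state transitions each role may perform.
ROLE_TRANSITIONS = {
    "author": {("Draft", "Needs Review")},
    "reviewer": {("Needs Review", "Draft"), ("Needs Review", "Published")},
}
USER_ROLES = {"maya": {"reviewer"}, "pat": {"author", "reviewer"},
              "alice": {"author"}}

def ancestors(section):
    """Yield the section and each parent up to the root; reject cycles."""
    seen = set()
    while section is not None:
        if section in seen:
            raise ValueError("cycle in taxonomy at %r" % section)
        seen.add(section)
        yield section
        section = SECTION_PARENT[section]

def has_section_access(user, section):
    """True if the user is an editor of the section or any ancestor."""
    return any(user in SECTION_EDITORS.get(s, set())
               for s in ancestors(section))

def can_transition(user, section, from_state, to_state):
    """Both checks must pass: section access AND a role allowing the move."""
    if not has_section_access(user, section):
        return False
    return any((from_state, to_state) in ROLE_TRANSITIONS.get(role, set())
               for role in USER_ROLES.get(user, set()))

def who_can_publish(section):
    """Audit helper: users able to move content to 'Published' here."""
    return sorted(u for u in USER_ROLES
                  if can_transition(u, section, "Needs Review", "Published"))

if __name__ == "__main__":
    for name in SECTION_PARENT:
        print(name, "->", who_can_publish(name))
```

Running the audit over every section makes unintended inheritance visible, for example a reviewer assigned high in the taxonomy who can publish in every section beneath it.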

Finally, how does a user know what items are pending for him? This is where the Workbench module comes in. Workbench is included in the administration menu. Since you may not want the administration menu bar to be available to all users, you may prefer to add a link with the path “admin/workbench” to the user menu.

Getting security and access rights properly defined is never easy. Getting it right takes time and effort. It is far better to spend time upfront and experiment with various options than to ignore it. The cost of ignoring security is usually very high in case anything goes wrong. Perhaps the biggest personal cost is the embarrassment of having to own up to being sloppy and careless.