Beginners Guide to Drupal: Users, Roles and Permissions
Drupal has one of the greatest abilities to control how and which users can access on your site. You, as a Drupal admin, can set permissions for these "users" to define who can do what for Drupal modules. Drupal allows you to setup any number of different kinds of users or roles.
For many people who are new to Drupal or to site management in general, understanding users, roles, and permissions can be puzzling.
At the most basic level, a user is anyone who visits your site. Every visitor of your site, whether they have an account and they are logged in or they visit the site anonymously, is considered a user to Drupal. Every user has a numeric user ID special to the type of user. The first user created (user/1) is the primary admin user account created during Drupal installation. This user is very special because it has the permission to do absolutely everything on the site. User/0 is reserved for the unregistered/anonymous user. User/2 and all other registered users on your Drupal site should each be associated with an individual person. Registered users can be assigned to roles, which are given fine-grained permissions to allow different users different access to administer the site and add content.
Drupal users can be divided into several different groups, each of which is called a Role. A Role specifies who they are and what you want them to be able to do (or not do) on your website. By default, Drupal has three different types of roles – ‘Anonymous’ users, ‘Authenticated’ users and ‘Administrator’ users.
Anonymous users are users who have no accounts in your site. They all share a user ID of zero (0). Authenticated users are those who have accounts in your site. These users are assigned a user ID when they register for the website. Administrator users are also authenticated users but have administrator level privileges.
Permissions are setting specifying rules to certain roles to decide what these roles can and can’t do on your site. That means when those users of these roles are logged in, Drupal will let them do the actions you gave that role’s permission to do. Drupal permissions are quite flexible; you are allowed to assign permission for any task to any role, depending on the needs of your site.
Managing roles in Drupal 7
To create (or edit) a role, you have to navigate to the Roles Page which can be found in People > Permissions tab > Roles tab. You can type in the below text box of your new role (e.g. 'member') and click 'Add role'. (see Figure 12: Manage roles)
Figure 12: Manage roles
Your new role has been created. Now, to create a user, you can go to the People page and click '+ Add user'. (see Figure 13: People page)
Figure 13: People page
After entering the username, email address and password, enable the 'member' role by selecting “member” under Roles and click 'Create new account'. (see Figure 14: Add user)
Figure 14: Add user
Your new user account with the member role now has been created. You can configure permissions for member roles in the People > Permissions tab. To give the member role the ability to create and edit pages within the site, you have to scroll down to the Node section of the permissions page and click the checkbox next to ‘create’ and 'edit' for each content type and click ‘Save Permission’ at the bottom of the page. (see Figures 15 and 16)
Figure 15: Permission page
Figure 16: Providing permissions to member role
If you start off with a blank template of Drupal, you need to fill it with content. Each piece of content that you put on your page is referred to as a block. Blocks are assigned to regions. Blocks are the boxes of content that can be displayed in regions on your page.
Regions in Drupal are predefined areas in your template where content can be added to. For example, the header, footer, content and sidebar are all regions. (see Figure 17: Regions and blocks)
Figure 17: Regions and blocks
In Figure 17, you can see the basic concept of regions in Drupal. The different regions are highlighted on the page. When you add content to your page, you'll need to choose which of these regions you will add the content to. From the figure, you can notice that user login box (block) is assigned to the sidebar (region), the page’s main content (block) is assigned to the content region and the main menu (block) is assigned to the header (region).
Adding a block
Blocks are made available to your site most commonly by enabling modules. Once created, a block can be modified to adjust its appearance, position or which pages it appears on. By going to the Structure > Blocks page as an admin, you can see that different blocks are assigned to different regions.
You can scroll down to the bottom of the list and find disabled blocks which are not assigned to any region. If you click "Configure", you can do so and edit the contents of the block, deal with the visibility settings and even change/add the block to the region of your theme.
To create a new block, you have to click the ‘+ Add block’ link from the blocks page. In the ‘Add block’ page, there are several fields that you need to fill out for this new block. (see Figure 18: Blocks)
Figure 18: Blocks
Figure 19: Create block
In the block title field, enter the title of your block. If you enable the option to show the title for your block, this is what will appear. (see Figure 19: Create block)
The block description field is used primarily to identify this particular block in your Drupal admin section. If you had 20 different blocks for example, unique descriptions will help you organize and manage your blocks more efficiently.
The block body is the bulk of your block. For example, if you were creating a block to show social media icons, the HTML code would be entered in the block body.
The text format controls if and how your block body will be filtered. For example, there are some options that allow HTML code and others that don't.
The region settings allow you to setup where each of your blocks will appear. Beneath each listed theme, select the region to display the block in. In order to know how to choose a region, you'll first need to know where each region is within your theme. Keep in mind too that you can change where the region blocks are assigned to at any time.
From the visibility settings section located at the bottom of the page, you can manage different settings. The pages setting allows you to restrict which pages this block will be displayed in. The content types setting allows you to control which content types this block will appear with. The roles setting allow you to specify which types of users can see this block. User settings give you the ability to show or hide certain blocks from specific user roles.