Prevent "Access Denied" for anonymous users - Session node access module

11 Oct 2015

Today's users are becoming increasingly spoiled by technologies allowing them to deeply interact with websites without having to create an account first. To keep up with this development and to entice users to use your website without them having to give up any personal information requires a bit of problem solving in Drupal.

The first obvious problem to solve is the increase of spam posts this set up will inevitably cause. If your site is small to medium sized, I recommend the Honeypot module configured the way it's described in this article. For huge sites, captcha will be the only way to go.

The other thing is that you probably do not want the anonymous content to be publicly visible after creation. The content must first go through an administrative approval process before it is publicly available. In Drupal 7 you can do exactly this by unsetting the default value of the 'published' checkbox on the content type edit page.
The problem with this is that as soon as the anonymous user saves the content, they loose access rights to it and get redirected to an 'Access denied' page which is not very user friendly.

In addition to the above, you may want the anonymous user to be able to edit or even delete their own content in case they find an error right after submitting it. Users often find typos or other kinds of mistakes right after content submission.

Gbyte created the Session Node Access module to tackle exactly these issues. The module allows administrators to grant certain user roles (not only anonymous users) specific permissions to content they created. These permissions last only as long as the browsing session lasts; after that, the regular permissions apply again. This way it is possible to allow guests or users of a certain role to keep access to their content, even if it is pending for approval.

Feel free to download Session Node Access from its module page.

Session Node Access configuration screen:

Session node access configuration screen

Comments

Add new comment

The content of this field is kept private and will not be shown publicly.

Restricted HTML

  • Allowed HTML tags: <a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd> <h4 id> <h5 id> <h6 id>
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.

Get a quote in 24h

Wether a huge commerce system, or a small business website, we will quote the project within 24h of you pressing the following button: Get quote