LoginToboggan Access Denied when using Content Access Control
I launched a new site yesterday for a client. It's a restricted content site. Users are only allowed to view certain content types after creating an account.
The simplest most straightforward way to limit access to individual content types is by implementing the Content Access module. The module adds an Access Control tab to the content type which allows fine-grained permission control for viewing and editing each content type.
The site, however, also uses the LoginToboggan module to assign new, but unverified, users to an intermediate, or non-authorized, role. I called this role "Not verified". Pretty original, I know.
So the new user sign-up and get on with viewing content process looks like this:
- User creates account
Creeping Elegance and the Drupal Developer
One of the first points I always make to anyone who asks me about the ins and outs of custom Drupal development is to spec out your projects nice and tight and to get customer sign-off on those specs. Time and again I find this is the biggest source of failure for developers.
I know this because I've been there. It's an easy trap to fall into. It's easy to be eager for the job. The natural instinct is to get on with the work once the client says yes. If we don't take the extra step to define exactly what work will be done (along with the time frame and cost) we'll eventually realize that the work will never be done, the time frame will extend and extend, and the cost per hour will plummet.
