Drupal Security
In Drupal you can use roles to group a set of users on your site and give them a set of permissions or privileges. Your initial account is a super user. It is advisable to create an administrative role called "admin" and grant this role the capabilities to administer and manage everything, as an administrator would.
By default there are two roles as part of the installation: anonymous users and authenticated users. An anonymous user is any visitor to your site who does not log in. An authenticated user, on the other hand, is any user who requests a login to your site. By default, visitors to your site have permission to create an account on your site and inherit the privileges assigned to authenticated users. If you do not wish users on your site to have such privileges, you can control this from administer » user management » user settings. By selecting the option "Only administrators can create new user accounts" you can control the creation of new user accounts:

For my site JoeMatthew.com I am going to disallow anyone other than administrators from creating new accounts and inheriting privileges. For my site Gotofamousfootwear.com I am going to allow shoppers to create their own account if they wish to do so.
For this, I will leave the setting at the default of "Visitors can create accounts and no administrator approval is required".
Below are the privilege settings for my JoeMatthew.com and GotoFamousFootwear.com sites, which you can mirror to follow along with this workbook without any permission issues.
My Access Control settings for JoeMatthew.com
| Permission | admin users | anonymous user | authenticated user |
|---|---|---|---|
| aggregator module | | | |
| access news feeds | | | |
| administer news feeds | | | |
| block module | | | |
| administer blocks | | | |
| use PHP for block visibility | | | |
| blog module | | | |
| edit own blog | | | |
| comment module | | | |
| access comments | | | |
| administer comments | | | |
| post comments | | | |
| post comments without approval | | | |
| fckeditor module | | | |
| allow fckeditor file uploads | | | |
| use advanced fckeditor | | | |
| use default fckeditor | | | |
| filter module | | | |
| administer filters | | | |
| image module | | | |
| create images | | | |
| edit images | | | |
| edit own images | | | |
| view original images | | | |
| image_gallery module | | | |
| administer images | | | |
| image_import module | | | |
| import images | | | |
| menu module | | | |
| administer menu | | | |
| node module | | | |
| access content | | | |
| administer content types | | | |
| administer nodes | | | |
| create page content | | | |
| create story content | | | |
| edit own page content | | | |
| edit own story content | | | |
| edit page content | | | |
| edit story content | | | |
| revert revisions | | | |
| view revisions | | | |
| nodewords module | | | |
| administer meta tags | | | |
| edit meta tags | | | |
| path module | | | |
| administer url aliases | | | |
| create url aliases | | | |
| poll module | | | |
| cancel own vote | | | |
| create polls | | | |
| inspect all votes | | | |
| vote on polls | | | |
| site_map module | | | |
| access site map | | | |
| survey module | | | |
| maintain surveys | | | |
| submit surveys | | | |
| system module | | | |
| access administration pages | | | |
| administer site configuration | | | |
| select different theme | | | |
| taxonomy module | | | |
| administer taxonomy | | | |
| trackback module | | | |
| administer trackbacks | | | |
| user module | | | |
| access user profiles | | | |
| administer access control | | | |
| administer users | | | |
| change own username | | | |
| webform module | | | |
| access webform results | | | |
| clear webform results | | | |
| create webforms | | | |
| edit own webforms | | | |
| edit webforms | | | |
| use PHP for additional processing | | | |
My Access Control settings for GoToFamousFootwear.com
| Permission | admin users | anonymous user | authenticated user |
|---|---|---|---|
| aggregator module | | | |
| access news feeds | | | |
| administer news feeds | | | |
| apparel module | | | |
| create apparel products | | | |
| edit own apparel products | | | |
| block module | | | |
| administer blocks | | | |
| use PHP for block visibility | | | |
| blog module | | | |
| edit own blog | | | |
| comment module | | | |
| access comments | | | |
| administer comments | | | |
| post comments | | | |
| post comments without approval | | | |
| ec_mail module | | | |
| administer ec emails | | | |
| fckeditor module | | | |
| allow fckeditor file uploads | | | |
| use advanced fckeditor | | | |
| use default fckeditor | | | |
| filter module | | | |
| administer filters | | | |
| image module | | | |
| create images | | | |
| edit images | | | |
| edit own images | | | |
| view original images | | | |
| image_gallery module | | | |
| administer images | | | |
| image_import module | | | |
| import images | | | |
| menu module | | | |
| administer menu | | | |
| node module | | | |
| access content | | | |
| administer content types | | | |
| administer nodes | | | |
| create page content | | | |
| create story content | | | |
| edit own page content | | | |
| edit own story content | | | |
| edit page content | | | |
| edit story content | | | |
| revert revisions | | | |
| view revisions | | | |
| nodewords module | | | |
| administer meta tags | | | |
| edit meta tags | | | |
| path module | | | |
| administer url aliases | | | |
| create url aliases | | | |
| poll module | | | |
| cancel own vote | | | |
| create polls | | | |
| inspect all votes | | | |
| vote on polls | | | |
| product module | | | |
| administer products | | | |
| search module | | | |
| administer search | | | |
| search content | | | |
| use advanced search | | | |
| site_map module | | | |
| access site map | | | |
| store module | | | |
| administer store | | | |
| subproducts module | | | |
| administer own subproducts | | | |
| administer subproducts | | | |
| administer variations | | | |
| system module | | | |
| access administration pages | | | |
| administer site configuration | | | |
| select different theme | | | |
| tangible module | | | |
| create shippable products | | | |
| edit own shippable products | | | |
| taxonomy module | | | |
| administer taxonomy | | | |
| trackback module | | | |
| administer trackbacks | | | |
| user module | | | |
| access user profiles | | | |
| administer access control | | | |
| administer users | | | |
| change own username | | | |
| webform module | | | |
| access webform results | | | |
| clear webform results | | | |
| create webforms | | | |
| edit own webforms | | | |
| edit webforms | | | |
| use PHP for additional processing | | | |
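A check a site owner could run over these settings, added here as an example that is not part of the original tutorial: it flags administrative or PHP-execution permissions from the tables above when they are held by a role a visitor can obtain without an administrator's involvement. The sample role data is constructed, and the comma-separated permission strings and the 0/1/2 encoding of the account creation setting are assumptions about how the site stores them.

```python
# Added example: which high-impact permissions can an unvetted visitor reach?
# Assumptions (not from the page): permissions arrive as one comma-separated
# string per role, and the account creation setting is encoded as
# 0 = only administrators create accounts, 1 = visitors, no approval,
# 2 = visitors, administrator approval required.

# Permissions named in the tables above that give site control or PHP execution.
HIGH_RISK = {
    "use PHP for block visibility",
    "use PHP for additional processing",
    "administer access control",
    "administer users",
    "administer filters",
    "administer site configuration",
}

def parse_perms(perm_string):
    """Split a comma-separated permission string into a set of names."""
    return {p.strip() for p in perm_string.split(",") if p.strip()}

def exposed_roles(user_register):
    """Roles a visitor can hold without an administrator acting."""
    roles = ["anonymous user"]
    if user_register == 1:  # self-registration with no approval step
        roles.append("authenticated user")
    return roles

def audit(role_perms, user_register):
    """Return (role, permission) pairs that need review, in a stable order."""
    findings = []
    for role in exposed_roles(user_register):
        held = parse_perms(role_perms.get(role, ""))
        findings.extend((role, perm) for perm in sorted(held & HIGH_RISK))
    return findings

# Constructed sample data, not the settings of either site on this page.
SAMPLE = {
    "admin users": "administer access control, administer users",
    "anonymous user": "access content, access comments",
    "authenticated user": "access content, post comments, "
                          "use PHP for block visibility, administer users",
}

if __name__ == "__main__":
    for setting in (0, 1, 2):
        print(setting, audit(SAMPLE, setting))
```

The same permission grant is flagged only under the open-registration setting, which is why the account creation option and the authenticated user column have to be reviewed together.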
Resources
Video
In this video you will see how to:
- Create a new role
- Manage the privileges of this role
- Change the account creation settings for your site
- Create a new user account and assign it to a role

