Skip to content Skip to navigation

Using Display Suite to provide field-level permissions

Have you ever wanted to show only selected information on a content type to anonymous users and more information to authenticated users? It turns out that you can use Display Suite to provide field-level permissions for an entity.

In this post we'll show you an example of how to use Display Suite to display a field which is only visible for specific roles. In this example we use the Display Suite Field permissions, and create 1) an editable field called Private Info and 2) a code field called View by permission. A code field allows you to display among other things, one or more fields. Private Info is the field you enter the information you want hidden for selected roles, and View by permission displays the information in Private Info according to role permissions. Once View by permission has been created and Display Suite has been enabled for your content type, the code field will appear on the Manage Display page on the content type edit form; you won't see it on the Manage Fields form. You can set who can see the View by permission field on the Permissions page at admin/people/permissions. 
 

Here's how

Create or Identify a Field

  1. On an entity such as a content type (node) or bean, identify or create the field to which you will apply the field-level permissions. For this example, I'll use a content type with the field Private Info (i.e., field_private_info).

Enable and Configure Display Suite 

  1. On the Modules page (admin/modules) enable Display Suite Extras, Display Suite Format, and Display Suite UI
  2. On the Display Suite administration page (admin/structure/ds ) select the Extras tab


     
  3. On Extras page, select the Other tab, check Field Permissions, and click on Save Configuration



     
  4. On the Permissions page (admin/people/permissions), enable the Use the Display Suite code text format for your role



     

Create a Code Field

In this step you will create a Code Field that can display the contents of your original field and use field-level permissions.

  1. On the Display Suite Fields page (admin/structure/ds/fields) select Add a code field



     
  2. Add the Code Field information for your field:
    1. ​Give it a Label (e.g., View by permission)
    2. Select which Entities can use this code field (e.g., Node)
    3. Select Token
    4. Click on Browse Available Tokens
    5. For the Field code, click on token
    6. Click next on Browse Available Tokens
    7. In the pop-up window scroll until you find the relevant token. In this example, click on Nodes, then click on Private Info (e.g., [node:field_private_info])
    8. Close the Tokens pop-up window
    9. Click on Save



       
  3. On the Permissions page (admin/people/permissions) select the permissions for the Code Field
  4. Click on Save permissions


     

Enable Display Suite for Your Content Type

In order for you to access the new code field, you'll need to enable Display Suite for your content type. To do this, you'll need to select a default layout.

  1. Navigate to the content type Manage Display form (admin/structure/types/manage/your_content_type/display)
  2. In the vertical tabs at the bottom of the form select Layout for your content type in default
  3. Select a layout from the dropdown menu
  4. Click on Save

Display the Code Field

With Display Suite enabled for your content type, your new field should appear in the Disabled section on the Manage Display page for your content type. In this step you will allow the newly minted dynamic field to display.

  1. Navigate to the Manage Display form for your content type (admin/structure/types/manage/your_content_type/display)
  2. Scroll down until you see the new code field. It should appear in the Disabled section
  3. Hover over the "+" and move the field to a display region such as "Content"
  4. Select Save

Test it out!

Add data to the new field and view the entity with both the permission to view the field and without permission such as anonymous. 

Troubleshooting

Display Suite makes it easy to adjust field order. However, it is important to take your time when changing field order and allow the Javascript to finish processing before moving a different field or saving. Otherwise  your changes may not be saved properly and the database entry for your content type may be corrupted.
 
If you make any changes to the content in the "Private Info" field you may need to flush the cache to get the changes to show for all roles. 
 

For more information

https://drupal.org/node/2124297 

Acknowledgements

Thanks to Shea McKinney for showing this to me, and to Marion Marquardt for encoraging me.

Categories: