The Beginner's Drupal Administration Series
This admin section is one of the smallest, so I will share a few extra configuration options and extras, along with all the basic defaults.
With the 'People' admin section, you can
- Add a new user
- Add/edit user roles
- Configure site permissions, which are based on roles in Drupal (they are not on a per-user basis)
If you just click on the top-level 'People' link without hovering to go to its subsections, you'll get a listing of all the users who have an account on your site.
You can use this page to search for users given the default filter options at the top and perform mass functions like deleting or blocking users by checking which users you want to include in the action, and selecting the action from the 'Update Options' box.
If you end up having a lot of site content editors, webmasters and site users, this screen may become inadequate in searching for your users. If that is the case, you can add the Advanced User module to your site. As soon as you enable that, you will see a new 'Advanced' menu drop-down and tab, which will allow you to search for users based on individual fields that appear in the user profiles and so on.
Adding new users
The first link under 'People' allows you to add a new user to your site, whether it is to add a new admin, content editor or site user. By default, the fields you need to fill in to create a Drupal user are
- blocked or active
- Drupal automatically includes all roles currently created on the site, and you can check which ones (if any) would apply to the user you're creating
- checkbox on whether to notify the user of their new account
The form used to create a new user is almost the same as the one you use when you want to edit a user later on, so you can always come back and change any of these. The 'edit' form includes a few extra fields, such as user photo field and timezone settings.
If you need to add additional fields to your user's accounts, you can do that! Perhaps you're working with subscribed users and what to add a 'Subscription expiration' field. Perhaps you want users to be able to add their age for some reason...
Since Drupal 7 re-did their whole Entity API, it's easy to add fields to user accounts, since users are just entities like nodes. Yipee! Simply go to Configuration -> People -> Account settings -> Manage fields/Manage display to edit which fields are included in the account and how they are displayed.
You will see the very familiar screens to add/edit fields and configure how they're displayed!
Configuring roles and permissions
The last screen in the admin 'People' section is the one where you can configure roles and permissions. (The roles page is under the permissions page.
The default roles that come with all clean Drupal installations are
- anonymous user
- This role is automatically given to all users who browse your site who are *not* logged in - the majority of your site visitors. So if your site is public, the anonymous role should typically have permissions to 'View published content' and 'Use search', etc
- authenticated user
- This role is automatically given to all users on your site who are logged in, regardless of any additional roles they have. Use this role to set any permissions that need to be given to logged in users globally.
- This role is given to user 1 of the site - the user that does the drupal installation. This user has all permissions granted!
At /admin/people/permissions/roles, add as many additional roles as you need! A good rule of thumb is to make roles that correspond to actions, versus ones that correspond to specific types of users. This gives more flexibility in the long-run.
For example, I have roles that are called 'Page author' and 'Page editor' and 'Blog author' and 'Blog editor' and even 'Comment moderator' etc. With roles that correspond to the permissions I'm giving them, it's very flexible to give all your content creators/editors and site users exactly as many permissions as they need on the site (and no more). If, on the other hand, you create roles that correspond to big/complex user types such as 'marketing employee' and 'program manager' and check off bunches of permissions for each you may
- forget which permissions each of these roles has
- not be able to give one marketing employee different permissions from another if their role expands
So that approach is less flexible, in my experience.
The Permissions page (/admin/people/permissions) lists all of the permissions configurable on your site, grouped by module (based on the modules you currently have enabled), with a column for each of the roles you currently have:
This screen can get a little overwhelming if you have a lot of roles set up, so have in mind that you can also just select the 'edit permissions' link next to a particular role, when you're looking at it on the 'Roles' page and that will bring up only that particular role as a column, not all of them at once:
One last note - as you enable new modules on your site, they will automatically add their corresponding permissions on this permissions page. So, make sure to visit this section each time you add a new module to configure that module's permissions as you see fit. That helps the security and usability of your site - it allows you to make sure non-admin users aren't able to do anything they shouldn't, but also allows you to verify that anonymous users have permissions to see/edit all the parts they need.