2. What are we going to talk about?
Organic groups, a contributed module,
version 7.x-2.x
Laying a foundation for understanding OG
Background
What is it good for?
Setting up
Testing access control
These slides will be available in SlideShare
3. Why?
OG is powerful but complicated
Many ways to adjust permissions and access
control
No out of the box solution for layout
OG has gone through some major changes
from 6 to 7, and 7.1 to 7.2
4. Who am I?
Kari Kääriäinen, kari.kaariainen@nettimaakari.fi
1980 fooling around with Intel 8086, Assembly
language
Mostly self taught on computers and web
Master of Music, Sibelius Academy
Worked at Sibelius Academy IT department
Used to develop my own CMS on PHP until finding
Drupal 2008
www.nettimaakari.fi, self employed
I build sites, do migrations, some design/theming,
some module programming
5. Who are you?
How many of you know at least something
about OG?
How many of you have tried it but don't
have anything in production at the
moment?
How many of you have an actual OG
application in mind?
How many of you are using OG in
production now?
6. What is Organic groups (OG)?
Create user groups...
Only admin creates groups
Let users create groups ("organic")
Let users assign admins for groups
...Make users become members...
users apply for membership, you accept
you assign them
... share content with members
7. Compared with Facebook groups
Public, Private or Hidden
Pros
Finished, complete product, ready to use
Many users already know it
Nice layout
Cons
You don't own your data
No exceptions, no tweaks
No styling or customizing
Unexpected changes
OG hooks to the rest of Drupal
8. Fun fact from the early days
2004 Carl-Magnus Dumell was looking for a
gallery and club functionality for Finnish
Broadcasting Company, YLE
Emailed Drupal core developers, Moshe
Weitzman was available -> Organic Groups
4.6.x-1.x
YLE has been actively promoting Open
source
9. Short history of OG versions
Rewrite 6 -> 7
Entities and fields
Major change 7.1 -> 7.2
Group entity was discarded
Now status quo, good time to come
onboard
10. Distributions using OG
To name a few
Open Atrium 2 (based on Panopoly)
Acquia Commons
Open public
Open publish
Explore to learn and to see if a good fit for
your needs
Make sure you have a powerful machine
13. Testing environment (cont.)
When installed, disable these modules
Toolbar
Search
Overlay (for now, just to keep urls simple)
14. Testing environment (cont.)
Download modules to sites/all/modules
Needed for OG
○ Chaos tool suite
○ Entity API
○ Entity Reference
○ Organic groups
○ Views Bulk Operations
○ Views
Not needed for OG, but for our environment
○ Administration menu
○ Module filter
○ Devel
15. Testing environment (cont.)
Enable modules
For OG
○ Chaos tools
○ Entity API
○ Entity Reference
○ Organic groups UI
○ Organic groups
○ Views Bulk Operations
○ Views UI
○ Views
For testing
environment
○ Administration menu
Toolbar style
○ Administration menu
○ Module filter
○ Devel node access
○ Devel
○ Switch user
20. Testing environment (cont.)
Give both Anonymous and Authenticated
roles permission to switch users -> you are
able to switch freely between any user
(never on production site)
http://localhost/ogtesting/admin/people/permissions
22. First scenario, public groups
Everybody can see the group
Everybody can post to the group
23. First scenario, public groups (cont.)
Add content type ”Group”
Name: Group
Display settings, Display author and date
information: off
Comment settings, Default comment setting for
new content: hidden
Organic groups, Specify how OG should treat
content of this type: Group
24. First scenario, public groups (cont.)
http://localhost/ogtesting/admin/structure/types/add
25. First scenario, public groups (cont.)
Add content type ”Posting”
Name: Posting
Display settings, Display author and date
information: off
Comment settings, Default comment setting for
new content: hidden
Organic groups, Specify how OG should treat
content of this type: Group content
26. First scenario, public groups (cont.)
http://localhost/ogtesting/admin/structure/types/add
27. First scenario, public groups (cont.)
http://localhost/ogtesting/admin/structure/types
28. First scenario, public groups (cont.)
Configure OG's permissions
For Member role, add
○ "Create Posting content"
○ "Edit own Posting content"
○ "Delete own Posting content”
Note that by design, Non-member cannot get
the right to create Posting content
29. First scenario, public groups (cont.)
http://localhost/ogtesting/admin/config/group/permissions/node/group
30. First scenario, public groups (cont.)
Create a group ”First group”
http://localhost/ogtesting/node/add/group
35. Rudimentary layout
Panels
Preferred by module maintainers
Pros: flexible, powerful, popular
Cons: challenging to set up, maybe overkill for
some sites
OG extras
Brings back what was in OG 6
36. Rudimentary layout (cont.)
Group members block
Enable OG extras
Assign OG Extras group members block
somewhere
37. Rudimentary layout (cont.)
Group contents listing (also by OG extras)
Enable EVA (Entity Views Attachment)
“Latest news” listing automatically appear
38. First scenario, public groups (cont.)
Testing
See who can actually see and do what by
switching users
Test as Insider and Outsider
41. Vocabulary in Drupal and OG
Some fuzziness in term usage
Permission
Used as an general term
Can we DO something to a piece of content, i.e. create, edit or delete
Can we perform some other action (join a group / subscribe to a group)
Access
Can we VIEW a piece of content
Field access: view field, edit field
Visibility
In OG, a user friendly synonym for “Access”
Is a piece of content private or public
Private: only group members can see a piece of content
Public: anyone (who can view published content) can see a piece of content
Context: when viewing a node, are we "in a group" or not
Audience: list of groups a piece of content is posted to
42. Second scenario, private groups
Everybody can see the group
Only members can view the posts and post
to the group
43. Second scenario, private groups
(cont.)
Core has no (granular) access control, "who
can view"
Enable OG access control
Permissions need to be rebuilt
44. Second scenario, private groups
(cont.)
Most OG functionality is powered by fields
Special OG field settings admin tool at
http://localhost/ogtesting/admin/config/group/fields
Some of this functionality is duplicated for
convenience elsewhere, for example on
Content type edit page, Organic groups
vertical tab, for both Group and Posting
46. Second scenario, private groups
(cont.)
Make Group public
http://localhost/ogtesting/node/1/edit
Make Group content private
http://localhost/ogtesting/node/2/edit
47. Second scenario, private groups
(cont.)
Testing
Test as Insider and Outsider
Insider should see Group and Posting
Outsider should see Group but shouldn't
see Posting (Access denied)
48. Exceptions to public or private groups
Visibilities can be mixed
Private posting to a public group
Set the visibility to private
Public posting to private group
Set the visibility to public
49. Third scenario, hidden group, one
private field
One field will be accessible only to Admin members
Enable OG field access
New set of permissions appear at
http://localhost/ogtesting/admin/config/group/permissions/node/group
Initially nobody can see anything
OG permissions so far
Creating nodes
Editing nodes
New set of permissions added
Viewing fields
Editing fields
50. Third scenario (cont.)
Create Groupadmin user
Add it to First group and make it
administrator member
52. Third scenario (cont.)
Add view permission for all existing fields
for Member role and Administrator member
role
Create new field,
“Private field” to “Posting”
Add permission to view “Private field” for
Administrator member only
53. Third scenario (cont.)
Why was it
important to keep
it simple?
Already 14 rows,
3 columns,
42 checkboxes
in just the OG Field
access section
54. Third scenario (cont.)
Testing
Test as Groupadmin, Insider, and Outsider
Groupadmin should see everything,
including the private field
Insider should see everything, except
the private field
Outsider can't see either the group or
the posting (Access denied)
55. Things to consider
Managing users
Let users subscribe to groups, with or without
approval
Add users to groups
56. Things to consider (cont.)
Migration from 6.x
Migrate module (7.x-2.5 even though it's old) is
needed, OG uses that
Other options exist
Migration from 7.x-1.x
Should work, make backups!
57. Things to consider (cont.)
Email notifications
Message notify module preferred by module
maintainers
Rules module practical for small needs
58. Where to learn more
modulesunraveled.com, videos
lullabot.com, videos
drupal.stackexchange.com, questions and
answers
drupal.org/og, issue queue
Community Documentation, Organic Groups
Version 7.x-2.x at
https://drupal.org/node/1603460
59. Questions?
There are no dumb questions
The next person may be thinking about the
same thing