Taxonomy Access Control

On sites that are maintained by a number of long-term groups of users, the Taxonomy Access Control module can be helpful. Instead of adding the names of every member of the group to all the group’s nodes using the Node Access User Reference module (section 10.5.4), you can create a role and taxonomy term for each group, and use Taxonomy Access Control to connect the two.

Create a vocabulary “Groups” (Structure > Taxonomy > Add vocabulary), and add a term for each group. Create a role for each group (People > Permissions > Roles). Install and enable the Taxonomy Access Control module, and go to Configuration > People > Taxonomy access control (admin/config/people/taxonomy_access); if it doesn’t appear as an option right after you’ve installed it, flush all caches by going to the house icon in the upper left of the administration menu, and choose “Flush all caches”.

On the taxonomy access control screen, for each role, click “enable access control”, then “edit access rules”. Under “new”, select the taxonomy term corresponding to the group. Then, under “update” (and, optionally, “delete”, if you want group members to be able to delete content), choose the option labeled “A”. Also, check the “add tag” box. This will allow all users with that role to edit and/or delete all nodes that are tagged with the corresponding group name. To complete this setup, be sure to add a term reference field that points to the “group” taxonomy to all the content types where you want to control access this way.