am I just stupid or does Drupal have a big flaw? (probablt the former of the two..)
I have built a site with some public content and some private content. The problem is that even though menus can be hidden from public, unauthorized users, there is no stopping a visitor from just typing in node/5 (if node/5 were one of the private, hidden pages).
And I am baffled by how troublesome this is to fix. there is no basic functionality to fix this, and having tried two modules simple_access and access_control none of them work! Currently trying to fix a drupal 6 site. Any suggestions on modules that might fix this VERY BASIC functionality? Is Drupal not meant to handle corporate pages where you have external pages and internal sensitive content?
By the way, Drupal 7 is in the .9 stage, there are still VERY limited module availability, mostly everything is in an alpha stage and has been like forever, is there no development being done for D7?
The module that’ll fix the problem for you is Nodeaccess; this is the opening text from the module page:
So that will do exactly what you want. Also the way Drupal’s access system works means that any menu link that points to a node to which the user does not have access, will not be shown for that user. So you won’t even have to hide your menu items any more, Drupal will do it for you 🙂
Regarding Drupal 7 contributed modules, the ‘major’ modules (Views, CTools, Devel, etc.) are all coming along nicely and are stable, in RC or at least beta. Because Drupal is open source the sole maintainers of smaller modules may not have the time to devote to bringing the Drupal 7 version alongside maintaining the v6 module (a lot of people still use D6 and there are still issues to attend to there).
Personally I’ve developed quite a number of D7 sites now and have found the contributed modules to be available and of a good quality (for the most part). I guess it just depends what specific functionality you need at the end of the day.