There might be instances when you want to restrict access to some pages of your website. It could because you want increased security for the high-risk data that’s lying on the page or you want only your subscribed users to be able to view the content. This functionality is provided in Drupal 8 by a module with an interesting name called the Rabbit hole module. The module is also compatible with Drupal 9! In this article we will be elaborating on the module and how you can implement it in your next Drupal project.
What does the Rabbit Hole module do?
The Rabbit Hole module provides the ability to control what should happen when an entity is being viewed at its own page. It also controls what happens when someone visits an entity page.
In simple it allows you to easily redirect or prevent users from viewing specific types of entities on your site. You can grant or deny user access to entity types or specific Drupal entities based on user roles. For example: To display paid content to users with a subscription or to allow special user roles.
Some of the entities that it supports are Nodes, Taxonomy Terms, Users, Files, Group and Media Entity
The Rabbit hole module for Drupal 8 provides multiple options to restrict access to specified pages. You can choose to deliver access denied or page not found pages. You can also choose to redirect a page to any path/URL. Or you could choose to display the entity as it is.
Configuring the Rabbit hole module
Here’s how you can configure the Rabbit hole module for an entity type:
- Download the module using
composer require drupal/rabbit hole
- Click on Extend in the Admin toolbar.
- Scroll down and select the entities for which you want to add the functionality for
- Click on install.
Configuring the Rabbit hole module: Select the required entities
Create a VIP Role
When you create a VIP role, only paid users will be allowed to view the content. Without a paid membership user will be Authenticated user.
- On the Admin toolbar click on People -> Roles -> Add Role
- Give the role name as VIP
- Click on Save
Creating VIP roles
Create Users
Here let’s create an Authenticated user and a VIP user.
- Click on People -> Add user
- Enter the data and select the role as VIP
- Click on Create a new account
Create a new user account
In the same way create another user with the role of Authenticated. After that, the People page will look like this.
All Users
Create VIP Content Type
- Click on Structure -> Content type -> Add content type
- Give a proper name and description for the content type
- Click on Rabbit hole Settings
- Keep “Allow these settings to be overridden for individual entities” option as checked. It will allow administering permissions on a node basis
- Choose the redirect option and enter the URL of the site to which you want to redirect
- Click on Save and manage Fields.
Create VIP Content Type
- Add an image field and place it above the body field on the content type to manage display settings.
- Click on Save
Set Access Permissions
Users with a VIP role will have to be able to bypass the Rabbit Hole control.
- Click on People - > Roles
- Click on the dropdown arrow of VIP role and click on Edit permissions
- Search and Check for the Bypass Rabbit hole action for Content permission. Save the permissions.
Create Content
- Click on Content -> Add content -> VIP content
- Create a node and hit Save
Create content
Test the Rabbit hole Module
- Login as an Authenticated User
- Click on the Teaser title of the VIP content on the Home page)
Testing the Rabbit hole module
- It will (and should) redirect to the Access denied page.
Access denied for an Authenticated user
- Now let’s logout and login again but this time as a VIP user.
- Go to home page and click on the Teaser title.
- As a VIP user, you will now be able to see the node and content.