Drupal Default Filter - Role (role) user is not allowed to use format Full HTML.

Thursday, February 07th, 2008
Last Updated:
Sunday, April 05th, 2009

Disclaimer: Accessing the information on this page means you agree to the Sites Terms of Service

I ran across a beautiful Drupal module this evening called Default Filter which allows the Drupal administrator to set input filter defaults, based on various roles within the system.

I have run into issues where I have wanted to assign the Full HTML input format for all administrative users, and Filtered HTML for all anonymous or low level authenticated users. Up to this point, I just set the default filter to Filtered HTML and manually changed it when I created a new page.

Default Filter takes care of this problem!

However, I ran into a problem with it. I threw the module out into a sandbox I have and began getting the following error:

Role (role) user is not allowed to use format Full HTML.

I pulled my hair out for about 15 min before figuring out what the problem was.

First off, "proper" Drupal practice is to create a new role and call it something like admin users, or as I call it, administrative users.

Despite the fact that the first account created for Drupal has full / (admin) rights to Drupal, there are some modules out there that aren't quite coded properly to allow this role to have true admin access. Thus, the need for an admin role. Plus, if you want to add any other users with admin access, you have to create the role and add them in anyway...

After you create the administrative user role, you have to give access to every module for that role. Kind of a pain, but that's the way it is... (Update: Take a look at Admin Role for help on this)

Now, for the Role (role) user is not allowed to use format Full HTML. Default Filter problem.
Let's say you want to give the administrative user role, Full HTML access and set the Drupal Input Filter with the default of 'Filtered HTML', that way everyone else has to use Filtered. (By the way, best 'security' practice is to give everyone limited permissions, then add privileges to those who need it. Don't give full control to everyone, then try to restrict access to those who don't need it!)

Here's the fix:

  1. Set the Default radio in (Site Configuration -> Input Formats) next to Filtered HTML
  2. Click on 'configure' for Full HTML
  3. Click on the check next to 'administrative users'
  4. Submit the new settings

You should now be able to click on 'Input Format' on the breadcrumb, then click on Defaults to set the administrative user role to Full HTML!

Post Comment