Drupal is a registered trademark of Dries Buytaert
Protected Pages 3.0.0 Major update available for module protected_pages (3.0.0). Commerce Core 3.3.8 Minor update available for module commerce (3.3.8). Search API HTML Element Filter 1.0.7 Minor update available for module search_api_html_element_filter (1.0.7). Layout Builder Reorder 2.0.1 Minor update available for module layout_builder_reorder (2.0.1). Ban 1.1.0 Minor update available for module ban (1.1.0). Field Formatter Range 2.0.0 Major update available for module field_formatter_range (2.0.0). Field Formatter Range 8.x-1.8 Minor update available for module field_formatter_range (8.x-1.8). UI Patterns (SDC in Drupal UI) 2.0.18 Minor update available for module ui_patterns (2.0.18). Search API Solr 4.3.11 Module search_api_solr updated after 14 months of inactivity (4.3.11). Provus Mega Menu Module provus_mega_menu crossed 1,000 active installs.

This module grants granular control over which users can view specific content nodes. It allows administrators to restrict access based on roles assigned in reference fields or by directly referencing individual users. This ensures that content is only visible to the intended audience, such as sales representatives seeing their assigned clients or developers viewing assigned tasks.

Summary:

Node Access by Field provides fine-grained node access control based on role reference fields and user reference fields.
It allows you to restrict visibility of nodes depending on who is assigned in specific fields or what roles are selected per node.

Features

  • Restrict node visibility per role using a "Role access" field (checkboxes with Drupal roles).
  • Restrict node visibility per user reference field: e.g. Developer role only sees nodes where field_developer matches the logged-in user.
  • Define global full-access roles and global deny roles.
  • Configure per-content-type settings with a flexible UI.
  • Works with Drupal’s native node access system, Views, and Search API.
  • Compatible with Drupal 9, 10 and 11.

Use cases:

  • CRM / Sales: Only the commercial assigned to a client (via field_comercial) can see that client’s node.
  • Issue tracking: Developers only see the issues where they are assigned in field_developer.
  • Knowledge base: Certain nodes in a "Data bank" content type are visible only to specific roles (support, managers, etc).

Post-Installation

  1. Enable the module (drush en node_access_by_field or via the Extend page).
  2. Go to Configuration → People → Node Access by Field (/admin/config/people/node_access_by_field) to configure global and per-bundle rules.
  3. To allow per-node restrictions, add the provided Role reference field to the desired content types.
  4. Clear caches (drush cr).
  5. Test with different users and roles.

Additional Requirements

  • No external libraries required.
  • Works with Drupal core only.
  • Views: to display node listings respecting the access rules.
  • Search API: access restrictions also apply to indexed results.

Activity

Total releases
2
First release
Sep 2025
Latest release
10 months ago
Releases (12 mo)
2 ▲ from 0
Maintenance
Slowing

Releases

Version Type Release date
1.0.1 Stable Sep 2, 2025
1.0.0 Stable Sep 2, 2025