This documentation refers to an older version of CiviCRM (3.4 / 4.0). View latest version.

Aller directement à la fin des métadonnées
Aller au début des métadonnées
This page refers to CiviCRM 3.4 and 4.0, current STABLE version.

Documentation Search

CiviCRM 3.4 and 4.0 Documentation

Support and Participation

Developer Resources

CiviCRM books!

Make sure to check out the FLOSS Manual Understanding CiviCRM as well! You can also support this project by ordering a hard copy.

Or support us by buying an eBook or hard copy of Using CiviCRM from Packt Publishing.

Return to Access Control Main Page

Default Permissions and Roles in Drupal

Notes on Specific Permissions
  • Make online contributions:
    If you plan to use CiviContribute and want to allow online contributions, enable this permission. Be sure to assign this permission for the "anonymous" role if you want to allow un-authenticated visitors to make contributions.
  • View event info and Register for events:
    If you plan to use CiviEvent and want to allow online event registration, enable these permissions. Be sure to assign permissions for the "anonymous" role if you want to allow un-authenticated visitors to view and register for events.
  • Profile listings and forms:
    If you want to either collect contact information from constituents and/or expose a searchable directory using a profile, you must assign this permission. Be sure to assign this permission for the "anonymous" role if you want to collect contact information from un-authenticated visitors as part of your online contribution pages or during event registration.
  • Access all custom data:
    You must enable this permission for any role which you want to view or edit custom data fields. EXAMPLE: If your site uses Profile(s) which include custom fields, make sure the role(s) that need to access these Profiles have this permission. Be sure to assign this permission for the "anonymous" user role if you want to collect information using custom profiles with custom fields.
  • Access uploaded files:
    Enable this permission for any role which you want to view images, photos and files attached to CiviCRM records and screens. Be sure to assign this permission for the "anonymous" role if you want visitors to see photos attached to contact records, Personal Campaign Pages, etc. and / or other documents intended for public consumption.
  • Access Contact Dashboard:
    You can provide authenticated users with access to a screen where they can review their subscribed groups, contributions, memberships and event registrations (as applicable). Enable this permission for role(s) for which you want to provide this feature. Do not enable this for the "anonymous" role.

Regardless of permissions assigned, the Anonymous role (visitors who are NOT logged in) is not permitted access to the "back-office" functions of CiviCRM. This includes the CiviCRM Home Page dashboard and any of the functions accessed via the standard CiviCRM menus (Find Contacts, Manage Groups, Import, Administer CiviCRM) as well as the built-in Shortcuts block.

CiviCRM+Drupal includes these access control options out of the box:


Roles with this permission can...

access CiviCRM

Access one or more items in the CiviCRM main menu

access CiviCase

View All Cases

access CiviContribute

View All Contributions

access CiviEvent

View All events, and Participant

access CiviGrant

View all Grants

access CiviMail

View all Mailings

access CiviMail subscribe/unsubscribe pages

Allow user to Subscribe / Unsubscripe from Groups

access CiviMember

View all Members

access CiviPledge

View all Pledges

access CiviReport

View Report Instances

access Contact Dashboard

View Contact Dashboard

access Report Criteria

Allow user to Change Report search Criteria

access all custom data

View /  Edit all custom data fields and groups

access uploaded files

View / Download files including images and photos

add contacts

Create a new contact record in CiviCRM

administer CiviCRM

Perform all tasks in the Administer CiviCRM control panel and Import Contacts

administer Multiple Organizations

Allow user to add organization to Group

administer Reports

Manage CiviReport Templates

delete activities

Delete Activities

delete contacts

Delete Contacts

delete in CiviCase

Delete Cases

delete in CiviContribute

Delete Contribtuions

delete in CiviEvent

Delete Participants

delete in CiviGrant

Delete Grants

delete in CiviMail

Delete Mailing

delete in CiviMember

Delete Memberships

delete in CiviPledge

Delete Pledges

edit all contacts

View, Edit  and Delete ANY CONTACT in the CiviCRM database;
 Create and Edit relationships, Tags and other info about the contacts

edit contributions

New / Update Contribution

edit event participants

New / Update Participants

edit grants

New / Update Grant

edit groups

Create New groups, Edit group settings (e.g. group name, visibility...), delete groups

edit memberships

New / Update Membership

edit pledges

New / Update Pledges

import contacts

Import Contact / Activity

make online contributions

Allow user to Online Contribution / Donation

profile listings and forms

Access the Profile Search form and Listings

register for events

Allow event registration

translate CiviCRM

Allow User to Enable Multilingual

view all activities

View All Activities

view all contacts

View ANY CONTACT in the CiviCRM database (no editing allowed), export
 contact info and perform activities such as Send Email, Log Phone Call, etc.

view event info

Allows users to view event information pages

view event participants

Allow user to View all participant of Event

User Access to Profile Listings

Users / roles can be granted access to CiviCRM Profile Listings so that they can share selected information WITHOUT granting access CiviCRM permission (i.e. without allowing them to access the CiviCRM menus). This is a reasonable configuration choice for Drupal's built-in authenticated user role. If you want anonymous site visitors to view/search Profile Listings, the you would grant this access to the anonymous user role.

Task => Permission
  • Aucun