Separate "Administer comments and comment settings" into two distinct permissions. #336
Comments
|
Pull request submitted backdrop/backdrop#478 |
|
This didn't get into 1.0.0. We could put this into 1.1.x I think, but it's a little dicey. Is this an API change or not? We need to come up with criteria for what's acceptable. |
|
whoops, didn't mean to close. |
|
Would it be enough to simply provide an update hook thing (can't think of the proper name for |
|
Hmm, seems @quicksketch already suggested this: backdrop/backdrop#478 (comment) |
No, you're right 👍 ...these are called "update hooks". |
I think as long as the change is backwards-compatible, it can go into 1.x. If adding an update hook makes sites behave exactly the same before this change as after, then it should be able to go into 1.x. |
ghost
mentioned this issue
|
Here's a PR: backdrop/backdrop#3370 |
ghost
added
pr - needs code review
pr - needs testing
and removed
pr - needs work
labels
|
Several related tests are currently failing, so back to "needs work". |
indigoxela
added
pr - needs work
and removed
pr - needs code review
pr - needs testing
labels
|
Thanks, all fixed. |
@klonos I'm not sure the use-case you brought up here is a valid one. The only way this could be a problem is if you have people who have permission to administer settings, without administering comments themselves. Not only is this likely to be a very rare scenario, but because the settings-only permission did not exist before this change, the liklihood of that affecting existing sites is zero. (so, this is not a BC issue at all) For new sites, it is possible that someone could add this settings-only permission and get themselves into a pickle, but it's perhaps more likely that the contrib project would update the permission it requires before then. What's done in this PR is the way we've handled all permission updates in the past. If we want to add a backwards-compatible permission system to 2.x -- and I think that's a reasonable discussion to have! -- but let's not block this useful feature by doing it here :) Can you please open a new issue? (If you haven't already) |
@stpaultim this issue both needs code review and testing. And since the code change is minimal, those are both realistic for first time contributors. I'm going to add the label back since we have a shortage of people helping to test issues. |
|
This looks good to me. We now have precedent for adding/splitting permissions and have done the same thing in a few other places, such as: There was a fair amount of permissions additions added throughout File module's history too. |
|
One more comment @BWPanda if you could take a look: https://github.com/backdrop/backdrop/pull/3370/files#r825147313 |
|
Done. |
|
I tested the Pull Request and it seems to work as expected. I created a TEST account and gave them editor role. When I gave them Administer comments permission they were able to access to the admin/content/comment page. It all seems to work as expected. (I did this as part of an OpenForce2022 demo) |
yorkshire-pudding
added
pr - ready to be committed
and removed
good first issue
pr - needs code review
labels
…permissions. By @BWPanda, @klonos, @robbiethegeek, @jenlampton, @yorkshire-pudding, @indigoxela, @stpaultim, and @quicksketch.
quicksketch
added
status - fixed
and removed
pr - ready to be committed
pr - works for me
labels
|
Thanks folks! I have merged backdrop/backdrop#3370 into 1.x for 1.22.0! I don't think this qualifies as either a bug or UX improvement, so I have not pulled it back into 1.21.x. Huge thanks for knocking out this very old issue! |
ghost
changed the title
laryn
changed the title
Administer comments - should provide access to the
admin/content/commentpageAdminister comment settings - should provide access to the comment settings vertical tab on nodes
The text was updated successfully, but these errors were encountered: