Add permission for managing files to the Editor role by default. #4961
Comments
|
Added that to this list: #4339 I think this is reasonable and makes sense. |
|
I created a PR. Needs testing and code review. Should be pretty easy. This PR may conflict with PR in #6078 |
|
@stpaultim I've left a comment in the PR re the PHPCS complaint 😉 ...switch this back to "needs code review" once tests have passed (hopefully 🤞🏼). |
klonos
added
pr - needs work
and removed
needs - more feedback
pr - needs code review
labels
|
This PR has been updated and there should be a test sandbox. I think we just need one or two more folks to chime in on whether or not this change makes sense as a default setting? Atten: @olafgrabienski, @klonos, @kiamlaluno, @laryn, @Wylbur ? |
|
Since the Editor role seems to be for moderating content, I would also give the following permissions:
The role already has the following permissions. Giving the permission to replace any file or see any private file seems "coherent."
|
|
@stpaultim, I think that basic set of permissions makes sense - it's a safe approach, since we are not giving the editor the ability to delete any file. However, the new permissions lead to some inconsistencies that mostly should be addressed in follow-ups. I tested by logging in as editor, after giving the roles these 3 permissions (Access the manage files overview, Add and upload new files, View own files).
So, I would think that, now that the editor will be able to see the file overview table, we should:
And, we should possibly consider adding at least "View files" and "View own private files" (to be on the safer side) from the list @kiamlaluno posted above. |
I added the following to this PR:
These two seem pretty sensible and I think we have agreement from several people on them. I'm hesitant to add the other two permissions, without more discussion. |
|
Revised version of PR adds these permissions: RTBC anyone? |
|
It covers the permissions I suggested, so it works for me. I would still wait and see if there are objections from other people, though. I know that missing permissions can still be added from the user interface, for sites that need them, but I would rather change the permissions once in the right way, instead of getting different issues to get the right permissions for a single role. |
|
Let's bring this up at the next Design/UX meeting to see if anyone thinks we are missing anything or got anything wrong. If we have consensus there, we can push this forward. But, I agree that having a few more eyes on this issue would be helpful. |
jenlampton
added
pr - ready to be committed
pr - works for me
and removed
pr - needs testing
pr - needs code review
labels
|
PR looks good to me too. Let's put this into 1.28.0 only since it's a difference that impacts expected permissions. I rebased the PR and all tests are passing. Thanks @stpaultim, @jenlampton, @klonos, @docwilmot, @kiamlaluno, and @argiepiano! I merged backdrop/backdrop#4420 into 1.x for 1.28.0. |
quicksketch
added
status - fixed
and removed
pr - ready to be committed
pr - works for me
labels
jenlampton
changed the title
I am loving the new editor role, and the out-of-box permissions they give me for free on new sites. I would also love it if my editors had permissions to manage files.
These are the permissions I think we should add for editors:
Access the manage files overviewAdd and upload new filesView own filesThe text was updated successfully, but these errors were encountered: