New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Role Delegation permissions #35
feat: Role Delegation permissions #35
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@callinmullaney I made it through all of your steps in testing. From a code and functional perspective it does everything you said it does. My only hesitation here is that I am not sure that ALL of our sites we build will need this ... using TLSC as an example, what would their use case be for using this module?
Also, for actual use the permission to see the admin toolbar would be helpful for the role who gets to delegate.
@ccjjmartin The main use case for most projects is to prevent users that have the In the example of TLSC. Even on simple/smaller projects we generally create a new role for the client that they use for day-to-day updates that isn't the In the context of the PR that blocks user 1 this becomes especially important as we don't want anyone to unblock that user. |
Updated PR purpose to reflect this. |
@callinmullaney Ok, looks good to me |
add comma for valid json
🎉 This PR is included in version 4.1.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
Purpose:
Administer roles and permissions
permission for specific role-to-role assigning. Allowing non-admins to create new users without and assign them to sub-roles without exposing theadministrator
role.Notes:
superuser
role is neededTesting:
Code changes:
/admin/modules
and verify the "Role Delegation" module is enabled by default/admin/people/permissions
and verify thesuperuser
role is present and assigned all the permissions related to "Role Delegation"module features:
/admin/people/roles/add
/admin/people/roles/add
that is intended to have restricted access/admin/people/permissions
and grant "Role Delegation" permission for the first role to assign the second role. As well as:/admin/people/create
and verify the only role available to assign is the second role you created from above