New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
2840664 - Create extra user management permissions #429
2840664 - Create extra user management permissions #429
Conversation
1) Create custom permissions 'view users', 'block users' 1) Added a new views access plugin to the 'admin/people' page, added conditions for checking by custom permissions. 2) Override a block user action with the custom plugin and added here conditions for checking by custom permissions. 3) Added update hook to set up new permissions for 'contentmanager' role. 4) Altered 'admin/people' form to show actions based on permissions. 5) Added Behat test 'content-manage-view-block-people-page' for testing.
…extra-user-permissions' into feature/2840664-content-managers-extra-user-permissions
@@ -36,6 +36,15 @@ function social_user_update_8001(&$sandbox) { | |||
} | |||
|
|||
/** | |||
* Add view, block users permissions for the content manager. | |||
*/ | |||
function social_user_update_8002() { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@A-Kom, please also add the same permissions for sitemanager role.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ribel, this is fixed now.
Updated hook update to set permissions to all roles.
…extra-user-permissions' into feature/2840664-content-managers-extra-user-permissions
@ribel, you added the duplicate label to this pull request. Should we close it? What is the status? |
…ntent-managers-extra-user-permissions
* Add view, block users permissions for the content,site managers. | ||
*/ | ||
function social_user_update_8002() { | ||
_social_user_set_permissions(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should just grant the new permissions here to the role that should have them (preferably based on the permission it's splitting off from if possible). Calling this function in an update hook might reset permissions that a site-administrator or developer has changed.
e.g. if a site using Open Social has revoked the "select account cancellation method" (which should probably not be given to all users anyway?) then this update hook will grant that permission again.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi, @Kingdutch, yup we could update method for setting permissions. If you want - you could fix it by yourself, otherwise, I could fix it later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a friendly reminder that this still needs a little bit of work ;)
Removing the Duplicate tag as the duplicate of this (#427) has been closed unmerged. |
Had a small discussion with @jaapjan about granting these permissions to the CM. We agreed we shouldn't just give these permissions to the CM. Also the remarks from @Kingdutch are correct. So as far as I can see we need to change the following:
If there's the need in some project to grant these permissions to the CM, please do that in these projects, but not in the distro. |
@ribel @andrii-khomych-lemberg-co-uk could one of you make the changes to the pull request as suggested in @jochemvn's comment? |
… site manager role, fix some coding standards
…' of https://github.com/goalgorilla/open_social into feature/2840664-content-managers-extra-user-permissions
Works as described. Can be merged when the tests are 'green' |
I think the revised update hook does what it's supposed to. However, I think in the future we should try less to write 'clean code' vs more stable code. What I mean with this: Prefer:
Over:
The motivation for this is that the contents of We should strive for update hooks to be deterministic. It leads to slightly more lines of code but the upgrade path will be easier to reason about, now and in the future. |
Original PR: #427
Related issue: https://www.drupal.org/node/2840664
Summary
This PR changes some conditions for accessing 'admin/people' page by adding new permissions: 'view users', 'block users'. A user that has such permissions could view 'admin/people' page, use filters and use action 'Block the selected user(s)'.
Changes:
HTT
There are Behat test 'content-manage-view-block-people-page.feature' for testing.