Remove uneeded ACL checks in template manager #7353
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue
Currently, the template manager will refuse access if you don't have
core.admin
permissions in the template manager. This is due to some pointless check done in the extension entry point. If any of the checkscore.manager
,core.edit
,core.create
orcore.admin
fails, access is refused.The original plan was probably to fail if all of those checks fail, but it was written wrong.
Solution
This PR brings the checks in line with other backends where we only check for
core.manage
. Additional checks are performed already in the various tasks to make sure appropriate ACL checks are performed when needed.Testing
Note
Access to any file modification tasks (create overrides, edit files, ...) is restricted to global SuperUsers only. This is expected behavior as you can't really restrict a users permissions if that user has access to the files.