Problem/Motivation

It seems that we can use permissions to restrict people from defining custom permissions for groups of a given group type, but that admins will always be able to set them up for any group once the module is installed. Have you considered making that a group type configuration option?

Remaining tasks

Issue fork group_permissions-3276738

Command icon Show commands

Start within a Git clone of the project using the version control instructions.

Or, if you do not have SSH keys set up on git.drupalcode.org:

About issue forks

Comments

brad.bulger created an issue. See original summary.

msnassar’s picture

msnassar commented
Issue summary: View changes
Related issues: +#3360880: Routes are using non existing global permission

This will be easy to fix once Routes are using non existing global permission get merged

lobsterr’s picture

lobsterr commented

We already had such request, it didn't a lot of demand from users and it was postponed. We can comeback to it again

lobsterr’s picture

lobsterr commented
Assigned: Unassigned » lobsterr
msnassar’s picture

msnassar commented
Title: enabling per-group permissions by group type » Enabling per-group permissions by group type
Issue summary: View changes
Status: Active » Needs work

I have added a draft MR. The MR won't work without first having https://www.drupal.org/project/group_permissions/issues/3360880 merge .So change to "Needs work" for now...

monaw’s picture

monaw commented

hi, i see this patch is for Group 1.x; is there something similar for Group 3.x?

LOBsTerr opened merge request !26

msnassar’s picture

msnassar commented

I also believe that:
1- we should generate the permissions (we have only one for now "override group permissions") through "permission_callbacks". By doing it this way we can guarantee that the permissions are generated only when the group type supports group permissions.
2- Apply a custom validation on the group permission that validates the group type supports group permission. This will guarantee that the modules (e.g. group permissions parameter, group permissions flex, ...) using the group permissions module as API to only create group permissions entities if the group type support it.

@LOBsTerr what do you think?

lobsterr’s picture

lobsterr commented

Also there is a case, when we have already group permission and we decided to disable group permissions on the group type level.We don't handle this case here, we need to check

lobsterr’s picture

lobsterr commented
Assigned: lobsterr » Unassigned
Status: Needs work » Needs review
Related issues: +#3313220: permission_callbacks is not handled correctly

I have fixed everything and also merged #3360880: Routes are using non existing global permission

In order to use "permission_callbacks", please use this patch #3313220: permission_callbacks is not handled correctly. Unfortunately, Kristian doesn't want to support group 1 anymore :(

  • LOBsTerr committed 3c2a112c on 1.0.x 
    Issue #3276738: Enabling per-group permissions by group type
lobsterr’s picture

lobsterr commented
Status: Needs review » Fixed

Thank you for your contribution

msnassar’s picture

msnassar commented

@LOBsTerr Thanks for moving on with this issue. I looked quickly into the MR, I didn't see the application of _group_permissions_enabled to anything? Am I missing something?

Also as mentioned in #8 (point 2), I think we should applied custom validation on the group permission entity that prevent creating group permission entities in case the group permission is not enabled on the type of the group? This will be helpful for modules that uses group permission module as a api (We could do this in a follow up).

  • LOBsTerr committed 5b701428 on 1.0.x 
    Issue #3276738 by LOBsTerr: Enabling per-group permissions by group type

  • LOBsTerr committed 31e4b20e on 1.0.x 
    Issue #3276738 by LOBsTerr: Add constraint for entity to validate that...
lobsterr’s picture

lobsterr commented

Hi @msnassar,
1) After the merge _group_permissions_enabled requirement was removed, I brought it back.
2) I added entity validation as requested.

Please check 1.0.x dev branch all changes already pushed there, if everything is fine I will tag a new release.

  • LOBsTerr committed c3937026 on 1.0.x 
    Issue #3276738 by LOBsTerr: Fix checking of group permission enabling...

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.