Problem/Motivation

The storybook.render_story route checks access for the 'render storybook stories' permission. Since storybook calls this route as an anonymous user, it's necessary to give this permission to anonymous users. When using this only for development, its inconvenient to always re-set this permission after config-import.

Proposed resolution

Allow access per default when in development mode.

Data model changes

When in development mode, access is automatically granted for the storybook.render_story route

Issue fork storybook-3437025

Command icon Show commands

Start within a Git clone of the project using the version control instructions.

Or, if you do not have SSH keys set up on git.drupalcode.org:

About issue forks

Comments

raywalters created an issue. See original summary.

raywalters opened merge request !7

raywalters’s picture

raywalters commented
Status: Active » Needs review
agentrickard’s picture

agentrickard
he/him
Primary language English
Location Georgia (US)
commented
Status: Needs review » Reviewed & tested by the community

We were using this patch with CL_SERVER and really like it because it doesn't require config_split to separate permissions on the local or development server, which increases module security.

With this patch, you can still choose to use the permission, but do not need to configure it for local development.

hydra’s picture

hydra commented
Related issues: +#3422294: Allow access to the render route when in development mode

+1, thx @raywalters for taking this over here.

e0ipso’s picture

e0ipso
Primary language Catalan
Location Can Picafort
commented
Status: Reviewed & tested by the community » Fixed

I think this looks good!

  • e0ipso committed 4baeb09c on 1.x authored by raywalters 
    Issue #3437025: Allow access to the render route when in development...
e0ipso’s picture

e0ipso
Primary language Catalan
Location Can Picafort
commented

Merged and released. Something went sour with the commit credit :-(

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.