Hi, thanks for this module!

I see it creates a role "JSON:API User" on install, which I believe is not right. It should be up to the site owner to assign the permission to the role(s) that need it.

https://git.drupalcode.org/project/jsonapi_permission_access/-/blob/1.0....

Issue fork jsonapi_permission_access-3573758

Command icon Show commands

Start within a Git clone of the project using the version control instructions.

Or, if you do not have SSH keys set up on git.drupalcode.org:

About issue forks

Comments

vegardjo created an issue. See original summary.

aayushpathak’s picture

aayushpathak commented

working on it !

aayush7 opened merge request !4

aayushpathak’s picture

aayushpathak commented
Status: Active » Needs review

  • 2e88270f committed on 1.0.x 
    Issue #3573758: Do not create JSON:API User role on install.
dan612’s picture

dan612 commented

Hi @aayushpathak! Thanks for the issue 😄

I think this is fine. Initially this was included to provide a straightforward way for users to attach a role to JSON:API - but it is probably best to leave this up to the site builders / developers instead of forcing a new role into the system.

I do not think this should break any existing installations since the configuration is optional and if a site is using the role it should be committed as part of their default config.

dan612’s picture

dan612 commented
Status: Needs review » Reviewed & tested by the community
dan612’s picture

dan612 commented

Moving to RTBC for now. Going to evaluate if this module needs any other updates and then will release a new version with this included. Once new version is released I will mark this as fixed!

dan612’s picture

dan612 commented

Included as part of 1.0.2 tag - I am hoping to get Security Coverage for the module prior to the new release 🙂

Once that happens 🤞🏻 I will make the new release and mark this as fixed!