'View voting results' permission is misleading

The Bug replicated. Even when the the permission for "View Voting Results" is not checked the Results Tab are visible. The perm for "View Voting Results" not passed to _poll_menu_access.

Added patch for Drupal 7 & Drupal 8

I think the patch(es) from #2 are valid for the scope of this issue, they are fixing the actual bug. As for #3, that should be a feature request for D8 because I'm pretty sure we can't change the UX at this stage in D7.

Setting to NW because we could use a test here..

After taking another look at this issue and a talk with @webchik on IRC, the real problem is the human readable name of the permission, which is totally misleading:

function poll_permission() {
   ...
    'inspect all votes' => array(
      'title' => t('View voting results'),
    ),
  ...
}

We don't have the functionality to hide/view voting results, as the name would suggest (there's a long-standing feature request for it in #85840: Hide poll results). My proposal is to just change the human readable name of this permission.

How about 'View detailed voting results'?

I might suggest that we additionally add a permission description explaining just what the detailed results are?

Adding a permission description would indeed help to clarify this even more. How about 'View detailed info, such as username and time, about all recorded votes.'?

Uploaded wrong patch in previous comment.

Well, in the interface text, we should use the full word "information." I'd reword as:

View detailed information about all recorded votes (for example, username, submission time, etc.).

Any other proposals? :)

Edited.

Yes, that's better, changed patch accordingly.

Can we load load some of those specifics given in the description, add it to the label and not need the description anymore?

"View detailed vote information" or
"View detailed information for all votes" as variation on what xjm suggests, 'recorded' is not needed I think.
"View details for all votes" <- I think I like this one best

Tagging for the Usability team.

At the very least, we shouldn't need parentheses and 'etc.' in a description. Any thoughts on the suggestions in #11?

I like "View details for all votes" too, it's closer to the 'inspect all votes' machine name.

FYI the patch in #1 for D7 has the wrong directory structure:

diff --git a/core/modules/poll/poll.module b/core/modules/poll/poll.module
index ec5452e..a60511e 100644
--- a/core/modules/poll/poll.module
+++ b/core/modules/poll/poll.module
@@ -111,7 +111,7 @@ function poll_menu() {
     'page callback' => 'poll_results',
     'page arguments' => array(1),
     'access callback' => '_poll_menu_access',
-    'access arguments' => array(1, 'access content', TRUE),
+    'access arguments' => array(1, 'inspect all votes', TRUE),
     'weight' => 3,
     'type' => MENU_LOCAL_TASK,
     'file' => 'poll.pages.inc',

D7 doesn't have a directory named "core". Try this one instead.

Ignore #16, I hadn't read #4 yet. I guess to stop people being able to see the results page would take another permission, or a contrib module.

As you were.

X-)

FYI this module might help people who need more flexibility on poll permissions: http://drupal.org/project/poll_extras

So, do we have an agreement on 'View details for all votes'? :)

Agreed.

I'll take the plunge. :)

Given that at http://groups.drupal.org/node/210973 I didn't really get much pushback on the idea of having a looser standard of string translations for admin-facing strings, I think this is ok for D7.

Committed and pushed to 8.x and 7.x. Thanks for the clarification! Since this change breaks translations, tagging to mention in the 7.13 release notes.

Hmm, did we have replies from translators though? On the other hand, the string is clearly wrong so translations of it were probably wrong too.