At the moment each endpoint have different permissions (the default permissions given by the core rest
module). These permissions are good. But many people will use the Relaxed module without knowing what permission that are needed in order to successfully set up a replication between two sites.
So the idea that I have is that we introduce an additional high-level permission called something like perform content replication
that we will apply to all endpoints involved in the replication process. This way a site administrator only need to configure one permission to replication clients.
We should mark this new permission with restrict access: true
so that the end-user understands that the permission only should be given to trusted users/roles (since it will be able to create, update and delete content etc).
This issue should be moved to the Replication Web Service project once that project is taking shape: #2370337: Move replication code to new module and create ReplicationManager
Comments
Comment #1
jeqqComment #2
jeqqComment #3
jeqqI've created a pull request for this: https://github.com/dickolsson/drupal-relaxed/pull/28
Comment #4
dixon_Thanks @jeqq!