Problem/Motivation
Follow up to #576296: Remove redundant description for some permissions
Yoroy noted in comment #33 there that the descriptions on the "Revert all revisions", "Delete all revisions", and "Revert/delete TYPE revisions" permissions were confusing. These are in node.permissions.yml and the NodePermissions class, and they look something like this:
Role requires permission to <em>view revisions</em> and <em>edit rights</em> for nodes in question or <em>administer nodes</em>.
So I looked at the logic in the NodeRevisionAccessCheck class, which is the only place (outside of tests) in Core that these permission strings appear.... and I think that those descriptions are actually wrong.
What they should say is that in order to revert or delete revisions, you also need to either have 'administer nodes' permission, or permission to edit the given node. Actually the 'view revisions' permission is not needed, as far as I can tell.
Proposed resolution
All of these strings should be modified to say something like:
Reverting a revision also requires permission to edit the content.
Deleting a revision also requires permission to edit the content.
[Note: We should never use the word "node" in the UI! This wording would be consistent with the names/descriptions of other Node module permissions.]
Remaining tasks
Make a patch.
User interface changes
Correct descriptions for the node revision revert/delete permissions.
API changes
None.
Data model changes
None.
Comment | File | Size | Author |
---|---|---|---|
#47 | interdiff-2678178-44-47.txt | 1.26 KB | ritzz |
#47 | 2678178-47.patch | 2.42 KB | ritzz |
#44 | 2678178-44.patch | 2.45 KB | tameeshb |
#44 | interdiff-38-44.txt | 1.03 KB | tameeshb |
#38 | node_revision-2678178-38.patch | 2.47 KB | dimaro |
Comments
Comment #2
felribeiro CreditAttribution: felribeiro at CI&T commentedComment #3
jhodgdonLooks right to me, and thanks for the quick action!
I wonder if we should try to get this into 8.0.x as well. It's a UI text change, but it is a bug because the text is incorrect. Anyway... good for 8.1.x for sure.
Comment #5
catchWhile these might be technically wrong, is there actually a way to actually do this via the UI with just those permissions? As far as I know you need to be able to view revisions to be able to delete them in practice.
Comment #6
jhodgdonWell, in theory you could go directly to the URL for deleting a revision, without clicking on a Delete or Revert link in the UI.
Comment #7
jhodgdonAnd just as a note, we don't say on the "delete xyz type of node" permission that you need "view node" or "edit node" permission either, even though in the UI you would need to be on an Edit page to see the link that deletes it. In this case too, if you went to the URL directly, like node/123/delete, the only permission that would be checked is delete. So to me this seems to be consistent. If you go directly to the revision delete URL, it does check that you have permission to edit the node; it doesn't check that you have permission to view or edit or revert revisions.
Comment #8
catchWell that's also a bug, there's been an issue open to resolve it since just after the delete permission was added in 2007 #196758: Having delete as a button on the node edit form means certain users don't have access to it when they should. So we might make it consistent with the delete permission, but we could equally adjust the node delete permissions description to make it consistent with this one (or change both).
I think there's actually some other ways to get to the delete operation now like contextual links and admin/content maybe, but there's no such mechanism for revisions, so it's not entirely equivalent either.
Moving back to CNR and tagging 'needs usability review'.
Comment #9
yoroy CreditAttribution: yoroy commentedI'm losing track of which refers to what here :)
Comment #10
jhodgdonUmm.... Technically, you do not need View permission to delete a node, nor do you need View Revision permission to delete a node revision. You do need Edit permission on the node in order to delete a revision. You do not need Edit permission on the node in order to delete the node.
That is separate from the UI considerations (where the buttons are displayed in the default UI).... However, you can definitely make a UI using Views and bulk ops that will let you delete a node or a revision without being on a view or edit screen, and in that case, you would only need the permissions noted in the issue summary.
So... I think this patch is correct. After this patch, it will say that to delete/revert a revision, you need edit permissions on the content (which is correct, independent of a UI/View that you might be using to do the operation). And it will not have a similar note on the delete node permissions, because that permission is not required.
In other words, I believe #8 is incorrect -- I think we should *not* say that you need any additional permissions to delete nodes -- you don't (if you can access the links, type in the URL directly, or use bulk ops on a view). And for revisions, similarly, if you have some way to access the operation (like bulk ops on a view), you do need edit node permission to delete or revert a revision, but you don't need view revision permission.
Comment #12
jhodgdonUnrelated test failure.
Comment #13
xjmThis issue is still tagged for a usability review (@yoroy did not have enough information above to provide the review).
I confirmed that nodes can be deleted without permission to edit the node or to view revisions, and similarly, revisions can can be deleted without permission to edit. In both cases, visiting the link directly or a similar operation is allowed. So, it's misleading to have this description on only the revision permissions while the similar content permissions have none. I've attached a screenshot to illustrate.
Edit: What does appear to be true is that you must be able to delete the given content in order to be able to delete a revision of it.
I think the questions in scope for this issue are:
Comment #14
xjmEdit: incorporating above for clarity.
Comment #15
jhodgdonOh, you're right! I think the issue summary (and the patch) are incorrect...
Is this your understanding:
- To delete revisions, you also need permission to delete the node (but not to view or edit it).
- To revert revisions, you also need permission to edit the node (but not to view or delete it).
- To view revisions, you also need permission to view the node (but not to edit or delete it).
- To view/delete/edit nodes, you don't need any revision permissions.
- Administer nodes and bypass all node permissions override any of these.
Is that right? If so, I think we should update the patch.
Comment #16
jhodgdonComment #17
Sahil Khambra CreditAttribution: Sahil Khambra at Trigyn Technologies Ltd commentedI have made a path as per the suggestion. it's my first patch :)
Comment #18
Sahil Khambra CreditAttribution: Sahil Khambra commentedComment #19
jhodgdonThanks! This is a great start. I think it needs a bit of improvement though -- and these comments apply to all of the permission descriptions (just used the first one as an example):
a) Let's not put in all the (but....) parts in these permission descriptions. I think that pertains more to the discussion we had on the issue, but will just confuse users when they see it (without the context of this issue) in the Permissions page.
b) We don't use the word "node" in user-facing text.
Use "content item" instead.
c) There is a bit of a grammatical disconnect here. "To view revisions" and "the node" -- revisions is plural, but node is singular. Let's make them either both singular or both plural. I think singular is probably preferable?
So, something like: To view a revision, you also need permission to view the content item.
Comment #20
rajeshwari10 CreditAttribution: rajeshwari10 as a volunteer and at Blisstering Solutions commentedAdding Patch as per instructions in #19.
Thanks!!
Comment #21
jhodgdonAgain, please take out the (but not to...) part in all of these permissions.
Comment #22
rajeshwari10 CreditAttribution: rajeshwari10 as a volunteer and at Blisstering Solutions commentedHi Jhodgdon,
I have done the changes.
Please review,
Thanks!!
Comment #23
jhodgdonThis looks great to me. The descriptions are simple, clear, and correct.
I'll leave it for a few days at Needs Review and hopefully the Usability folks will give it a review, but otherwise I am ready to mark it RTBC. Thanks!
Comment #24
rajeshwari10 CreditAttribution: rajeshwari10 as a volunteer and at Blisstering Solutions commentedHi Jhodgdon,
Any updates??
Thanks!!
Comment #25
jhodgdonSorry, this is still waiting for a Usability team review (hence the "Needs usability review" tag). I could mark it RTBC but I think the core branch maintainers would just put it back to Needs Review if I did.
Comment #26
Bojhan CreditAttribution: Bojhan as a volunteer and commentedI am reviewing this but its difficult to understand all the complications. Sorry, that these reviews are sometimes slow - allocating required time for complex issues is not easy.
The challenges I see:
I am unable to really evaluate how it compares to the triangulation of permissions :) But each permission seems to clearly indicate which other permissions are required.
Would anyone want to provide a permission without doing the underlying step (e.g. not granting edit the content item when they want people to revert a revision)?
Overall it feels very close, and would not constitute another usability review before commit.
Comment #27
ftyre76 CreditAttribution: ftyre76 as a volunteer commented"also" seems necessary to me since you have to have both permissions, not just the "edit" permission.
I see no reason to prevent this patch from going through. If someone has the actual phrase that is perfect, then they should specifically put it here and we can go through the review process at that time.
However, at this time I see it as good enough. Someone coming up with an improved way of saying it can go through the review process at that time.
Comment #29
ftyre76 CreditAttribution: ftyre76 as a volunteer commentedRebuilt patch.
Comment #30
ftyre76 CreditAttribution: ftyre76 as a volunteer commentedRebuilt patch (without my email this time ... sigh).
Comment #31
ftyre76 CreditAttribution: ftyre76 as a volunteer commentedIs there any way to delete 2678178-29.patch ? Thanks.
Comment #33
ftyre76 CreditAttribution: ftyre76 as a volunteer commentedReuploading new patch for 8.3.x
Comment #35
ftyre76 CreditAttribution: ftyre76 as a volunteer commentedReuploading new patch for 8.3.x
Comment #36
felribeiro CreditAttribution: felribeiro at CI&T commentedComment #37
kiwimind CreditAttribution: kiwimind at Investis Digital commentedLooks like you might have had some tabs creep in there on line 66. The indentation is incorrect.
Comment #38
dimaro CreditAttribution: dimaro at La Drupalera by Emergya commentedPatch to fix indentation as discussed on #37.
Comment #40
Thew CreditAttribution: Thew at Google Code-In commentedThe patch passed.
Comment #42
quietone CreditAttribution: quietone as a volunteer commentedA usability review was done in #26, and the patch content has not changed since then, noting three points
The word 'node' has been removed. Using 'also' seems necessary as said by @ftyre76. There is no work done on making it more scannable. But even so, the usability review stated that these would not constitute another usability review before commit.
Way back in #23, jhodgdon, was ready to RTBC but after a usability to review. Since that has happened this should be good to go.
Finally, since I don't usually work with permissions I installed the patch and tried it. I found the new text an improvement.
Comment #43
xjmSo it does not really make sense use italics here. The original use of italics was to denote the labels of the permissions used in the UI. Let's remove them now that they are no longer labels.
Thanks!
Comment #44
tameeshb CreditAttribution: tameeshb at Google Summer of Code commentedRemoved
<em>
as per #43Comment #45
quietone CreditAttribution: quietone as a volunteer commented@tameeshb, thanks for making those fixes.
Comment #46
xjmStill
<em>
here.Comment #47
ritzz CreditAttribution: ritzz at Iksula commentedRemoved tags.
Comment #48
quietone CreditAttribution: quietone as a volunteer commentedAh, right. I see.
Comment #50
xjmAlright, this ended up in a good place I think. Thanks everyone! Committed to 8.4.x.