Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Problem/Motivation
As @Berdir mentioned here #6
I think we should also investigate this real item count stuff together with access.
I find that highly confusing, as I said before, If there are 3 texts and a text + item (which I do not have access to) on a field that allows 4 values then the one I don't have access to will be removed and I will be allowed to add a nother one?
IMHO, we need an access_denied state, that displays a message that you can't edit a paragraph. Similar to closed, but can't be opened.
Proposed resolution
I tested this with @Berdir and we deal that everything is working nice, and we only need test coverage
Remaining tasks
User interface changes
API changes
Data model changes
Comment | File | Size | Author |
---|---|---|---|
#11 | interdiff-2834829-7-11.txt | 2.33 KB | toncic |
#11 | add_tests_for_per_type-2834829-11.patch | 1.91 KB | toncic |
#7 | add_new_access_denied-2834829-7.patch | 1.75 KB | toncic |
#6 | interdiff-2834829-4-6.txt | 1.71 KB | toncic |
#6 | add_new_access_denied-2834829-6.txt | 1.75 KB | toncic |
Comments
Comment #2
miro_dietikerAdvanced access is challenging.
If a user has view permission on a paragraph but not edit, we can easily indicate each unediable paragraph just with the collapsed summary.
If a user wouldn't even be allowed to view a paragraph, then we have a problem.
For advanced content building, those things are very important.
We can place functional paragraphs (such as a view) and lock them down. The editor can then only edit the regular content fields.
This case needs more investigation combined with library, templates, and other cases.
In some projects, we had limitations about strict positioning. Thus, we would need not only lock editing of the paragraphs, but also make it non-drag-and-drop'able. It's hard to design something that works clean and easily with these requirements.
Mind that we have our Paragraphs Access plugin as a starting point.
We will need this to limit error in our future installation. Might need multiple dedicated issues.
Comment #3
BerdirYeah, but things like preventing drag & drop is pretty advanced and IMHO new features. If I'm correct then this is a bug and a pretty serious one.
Comment #4
toncic CreditAttribution: toncic at MD Systems GmbH commentedI tested this with @Berdir and we deal that everything is working nice, and we only need test coverage.
So I wrote test to check what is happening when we are access the edit page when we don't have admin permission.
Comment #5
johnchqueMissing space between "//" and "Check".
Let's use Paragraph instead of Paragraphs, otherwise "Paragraphs was" doesn't really make sense. Also don't create a new line after "." Continue the comment in the same line.
Comment #6
toncic CreditAttribution: toncic at MD Systems GmbH commentedImplementing comm #5.
Comment #7
toncic CreditAttribution: toncic at MD Systems GmbH commentedWrong extension for patch.
Comment #8
BerdirWe can do a bit better I think.
We should make sure that we can see the content of the image + text field, and that we can see the add button for image + text but not the one for the other type we don't have access to.
that *a* user
lover level? what is that exactly? ;)
also, this is supposed to comment the part where we decrement real item count
Comment #9
johnchqueIsn't this accomplished by the sub module "paragraphs type permissions"?
Comment #10
BerdirYes, we are just adding explizit tests and better because the current logic is very non-intuitive.
Comment #11
toncic CreditAttribution: toncic at MD Systems GmbH commentedImplementing comm #8.
Comment #12
miro_dietikerThe tests don't correspond to the issue summary.
Are we now trying to improve / overhaul the real item count or other internal counters?
We didn't add any access denied state.
And i guess we need a paragraph field with count limitation and make sure a user without access to one of the paragraphs is able to add one more.
And Berdir said that saving a host entity without access to a paragraph results in deletion of the items.
Lots of things to check and cover. :-)
Comment #13
Berdirdeal => confirmed ;)
But yes, issue summary needs to be updated.
Comment #14
toncic CreditAttribution: toncic at MD Systems GmbH commentedIssue summary updated.
Comment #16
miro_dietikerAnd we have some better tests of the access thingy! Committed! :-)