Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
We could create some standard roles that tie in with the functionality that will be build. Taken from the roadmap and modified slightly:
Attendee/checkin Organizer
Session Organizer
Sponsor Organizer
Attendee
Speaker
Sponsor
Comment | File | Size | Author |
---|---|---|---|
#20 | cod-better-detault-perms-d.patch | 8.11 KB | ezra-g |
#18 | cod-better-detault-perms-c.patch | 21.2 KB | ezra-g |
#16 | cod_support-cod_event-cod_base-1011844-10-b.patch | 22.29 KB | lisarex |
#13 | cod_support-cod_event-1011844-10.patch | 16.99 KB | lisarex |
#11 | 887338-perms.patch | 24.61 KB | ezra-g |
Comments
Comment #1
coltranePut roles in corresponding feature or make separate roles, with permissions, feature?
Comment #2
ezra-g CreditAttribution: ezra-g commentedDefinitely in the corresponding features.
Comment #3
ezra-g CreditAttribution: ezra-g commentedHow about "content administrator" or "publicist"? Right now, nobody can create or edit news items except user 1.
Comment #4
coltraneYeah 'site administrator' is something you only want to give out to trusted users (to not break your site). "content administrator" seems fine but since sessions are also content I'd think such a role would have the same permissions of "session organizer" role.
Comment #5
lisarex CreditAttribution: lisarex commented"Content manager" or "Content editor" seems about right for a content editing role. They don't have 'admin' permissions but they need to add, edit and delete content (I guess we should first define what content this role is allowed to edit... Page and News content? Comments?)
Comment #6
ezra-g CreditAttribution: ezra-g commented> "content administrator" seems fine but since sessions are also content I'd think such a role would have the same permissions of "session organizer" role.
Yeah - I think it could make sense to allow content administrators to edit sessions and presenters, but not the accepted field so that they don't have moderation powers.
I think (create/edit/delete any) page, news and comments are a reasonable start for a "content manager" role.
Comment #7
ezra-g CreditAttribution: ezra-g commentedChanging title to reflect the specific role being created. Let's discuss different roles in different issues as they come up.
Comment #8
ezra-g CreditAttribution: ezra-g commentedSo, role and permission exports are somewhat complex. It seems ideal to do this in as few commits/issues as possible ;).
I see the event manager as someone who manages lists of attendees and can edit dates. This doesn't prevent us from having a checkin manager at some other point.
Comment #9
lisarex CreditAttribution: lisarex commentedI'll work on this.
Comment #10
lisarex CreditAttribution: lisarex commentedPermissions for content manager:
* Create, edit and delete any news & page content
* View and Reverts revisions
* Administer taxonomy
* Administer comments, comment_notify and sitewide contact form
Permissions for event manager:
* edit event fields (date and image_cache)
* a lot of the ubercart order permissions
* administer users
Also includes in this revision to the cod_base Feature is #1134884: All administrative/organizer roles should have access to the Admin menu
Comment #11
ezra-g CreditAttribution: ezra-g commentedHere this is as a patch.
Comment #12
ezra-g CreditAttribution: ezra-g commentedPer comment #2, let's separate the permissions out into their corresponding features - ie the events permissions and roles in cod_events.
This patch also removes the 'cod' fragment on the "manage features" link in the conference admin menu.
Comment #13
lisarex CreditAttribution: lisarex commentedOK, this was painful but ezra-g was patient with me :)
This patch modifies cod_base and cod_events. In addition to the roles & permissions mentioned in #10, it also includes a new view for events that will be used on the home page...
Comment #14
ezra-g CreditAttribution: ezra-g commentedComment #15
ezra-g CreditAttribution: ezra-g commentedThis export only contains the "administer users" permission.
It also changes the "package" value from COD to "Features," but I can fix this before committing.
As mentioned in #12, it removes the 'cod' fragment from the administrative menu link.
Comment #16
lisarex CreditAttribution: lisarex commentedTake 2. Mistakenly thought that adding a role added the permissions too.
Same perms #10 except for Content manager, does not contain anything to do w/ sitewide contact form, and same perms as #10 for Event manager.
The package value and cod fragment from admin link are complete and utter mysteries that Ezra will sort out.
Comment #17
ezra-g CreditAttribution: ezra-g commentedMuch better!
A few points:
- No roles have the 'administer taxonomy' permission
- Could we grant every permission that is granted to other roles to the site administrator role? Does this seem like a good rule of thumb to folks?
Comment #18
ezra-g CreditAttribution: ezra-g commentedHere's a re-roll that fixes the package and menu link issues, and adds a few more permissions.
After spending some more time on this issue, I feel like we should commit an initial best effort and then fix specific missing or incorrectly allocated permissions in further issues. It's certainly not impossible to make a perfect commit here, but I don't think we should hold up progress for that.
Because of the number of permissions (especially with cck field permissions), export steps, and various considerations (which role/permission goes into which feature), there are a lot of places where human error comes into play. Features that automate the permission and role export process, like #875156: Include all permissions feature for role export, could help reduce this somewhat.
Comment #19
lisarex CreditAttribution: lisarex commentedCouldn't apply the patch (discussed IRL)
error: patch failed: cod_events/cod_events.info:56
Comment #20
ezra-g CreditAttribution: ezra-g commentedStrange!
I applied this with the old-fashioned patch -p0 workflow and it worked for me. Here's a re-roll as a git patch that "actually applies".
Comment #21
ezra-g CreditAttribution: ezra-g commentedI left out the cod_events permission and role changes.
No more multitasking while working on Features for me.
Comment #22
coltraneWhat's left here to do now that #1208914: Rename Reg Desk view to Check in Desk and put it in the Conference Management menu is in?
Comment #23
ezra-g CreditAttribution: ezra-g commentedThanks for minding the queue, coltrane.
Clarifying with title.
Comment #24
Tobbeswim CreditAttribution: Tobbeswim commentedI have the latest version of COD, i messed up the permissions. I need a picture of the settings as they came with the distribution. I do not want to redownload and set up the page again as we are in the middle of signup for the conference. If any body would like to help me, this is the problem: When people sign-up for the conference they do not show up as signed up. They pay and get confirmed and we can see that they paid. They can book there hotell but we can not see them as signed up. They also had a problem when they signed up for more than one person. I am sure this is a permission problem but I need to figure out what I screwed up.
Thanks
Comment #25
lisarex CreditAttribution: lisarex commentedUnassigning from myself
Comment #26
japerryThis is done as of Beta6