Currently a lot of permission descriptions say the same as their titles, apart from some slight differences in word choice. This patch removes or changes a lot of redundant descriptions and clarifies titles, either by merging them with the descriptions or by applying some other minor changes, one of them is notably the change from "Access (...)" to "View (...)" or "Use (...)". View has been used for permissions that only allow users to view something, like content or Aggregator feeds. Use has been used for permissions that imply actions, like "Use site-wide contact form".

There are a few descriptions left, most of which warnings and notes. I am not sure if we can shorten or remove the "View printer-friendly books", "Administer image styles" and "Bypass content access control" descriptions.

CommentFileSizeAuthor
#18 comment-post-permissions.png5.17 KBsun
#12 drupal.system-permission.patch725 bytessun
#8 permissions_before.png797.21 KBxano
#8 permissions_after.png502.47 KBxano
#8 rewrite_permission_descriptions_03.patch29.82 KBxano
#4 rewrite_permission_descriptions_01.patch29.41 KBxano
rewrite_permission_descriptions_00.patch29.41 KBxano

Comments

xano’s picture

xano
he/they
Primary language English
Location Southampton
commented
Assigned: Unassigned » xano
Issue tags: +Cleanup

No screen shots, because it's a terribly long page, my laptop screen is very small and I have no way to stitch images here :P

seutje’s picture

seutje commented 
-      'description' => t('Access the site-wide dashboard. Modifying the dashboard requires the "Administer blocks" permission.'),
+      'description' => t('Note: modifying the dashboard requires the !administer_blocks permission.', array('!administer_blocks' => l('Administer blocks', 'admin/config/people/permissions', array('fragment' => 'module-block')))),

this is a big no-go, ur causing the 'Administer blocks' bit to be untranslatable

seutje’s picture

seutje commented
Status: Needs review » Needs work

forgot status

xano’s picture

xano
he/they
Primary language English
Location Southampton
commented
Status: Needs work » Needs review
StatusFileSize
new rewrite_permission_descriptions_01.patch29.41 KB

/me headdesks like a ninja.

Status: Needs review » Needs work

The last submitted patch failed testing.

yoroy’s picture

yoroy commented

https://addons.mozilla.org/nl/firefox/addon/1146 for full page screengrabs

xano’s picture

xano
he/they
Primary language English
Location Southampton
commented
Status: Needs work » Needs review

Thanks for the tip. Submitting for retest because PHP errors don't usually pop up after five days.

xano’s picture

xano
he/they
Primary language English
Location Southampton
commented
StatusFileSize
new rewrite_permission_descriptions_03.patch29.82 KB
new permissions_after.png502.47 KB
new permissions_before.png797.21 KB

Follow-up patch. I also attached before and after screen shots. Note that the after screenshot is roughly 2000px shorter than the before screenshot.

whatdoesitwant’s picture

whatdoesitwant commented
Status: Needs review » Reviewed & tested by the community

I have reviewed this patch. (In order to do so I activated all modules and used the dev version of devel to generate sufficient content).
I have doublechecked for language errors with focus on interpunction.
I have doublechecked for translation issues (see comment #2 by seutje).
I checked the functionality of the links:
- at line 143 (dashboard module).
- at line 636 (user module).
I checked the functionality of the taxonomy label.

The patch serves its purpose.

eigentor’s picture

eigentor commented

good work. A lot of the descriptions did not make sense and so it is good they are removed, and many are clarified a lot in the patch.

dries’s picture

dries commented
Status: Reviewed & tested by the community » Fixed

Committed to CVS HEAD. Thanks!

sun’s picture

sun
Primary language German
Location Karlsruhe
commented
Status: Fixed » Needs review
StatusFileSize
new drupal.system-permission.patch725 bytes

Award winning patch.

sun’s picture

sun
Primary language German
Location Karlsruhe
commented
Status: Needs review » Reviewed & tested by the community

errr.

dries’s picture

dries commented
Status: Reviewed & tested by the community » Fixed

Committed to CVS HEAD. Thanks. But alas, no award for this patch. Happy to give you an award for other patches though. ;-)

xano’s picture

xano
he/they
Primary language English
Location Southampton
commented

Nice catch, Sun!

David_Rothstein’s picture

David_Rothstein commented
Priority: Normal » Critical
Status: Fixed » Needs work

This is a big change that went in without much discussion. The original change, that is - not @sun's award-winning followup :)

It should be discussed more. While there are definitely some great changes in the patch, the overall result is a near-rollback of the permission descriptions, which were introduced in Drupal 7 for an important reason.

In addition, the actual effect of this patch is to make many of the permission titles longer, which seems backwards. The idea is supposed to be that the permission titles are very short because everyone is supposed to read them, whereas the descriptions are intended to be ignored except when the user needs to focus on and carefully understand that particular permission. We already have a "hide descriptions" link on the permissions page and other methods could be explored for themes to make them less prominent, so making the page shorter is not a good reason to remove them.

To take a couple examples from up near the top of the patch of why this is problematic:

     'administer news feeds' => array(
       'title' => t('Administer news feeds'),
-      'description' => t('Add, edit or delete news feeds that are aggregated to your site.'),
     ),

...

     'administer blocks' => array(
       'title' => t('Administer blocks'),
-      'description' => t('Select which blocks are displayed, and arrange them on the page.'),
     ),

These deletions are fine for experienced users, but for someone who is still shaky on what a "news feed" and "block" even are, they absolutely need some kind of extra text to remind them.

***

In addition, there are a few bugs here.

  1. -    'title' => t('Administer filters'),
-    'description' => t('Manage text formats and filters, and use any of them, without restriction, when entering or editing content. %warning', array('%warning' => t('Warning: Give to trusted roles only; this permission has security implications.'))),
+    'title' => t('Administer and use any text formats and filters'),
+    'description' => theme('placeholder', array('text' => t('Warning: This permission may have security implications depending on how the text format is configured.'))),

    Seems like a copy-paste error: The "warning" text should not have been changed, since the security implications of this permission do not depend on any one particular text format. 

  2. -      'title' => t('Administer software updates'),
-      'description' => t('Run the update.php script.'),
+      'title' => t('Run software updates'),

    There was a long discussion at #67234: Update script access rights of why it is appropriate to put "administer" in this permission name.

    Also (not really caused by this patch), we need a new description here since it needs to be updated to reflect the way the update manager uses this permission to allow new modules to be uploaded to the site.

  3. The human-readable permission titles are often used in various other places in core (e.g., help text). This patch did not update any of those to reflect the new permission names. I'm not sure how many there are, but, for example, I know that the "Administer software updates" example mentioned above was not updated, because it is still appearing in user-facing text in update.php.
xano’s picture

xano
he/they
Primary language English
Location Southampton
commented
Category: task » bug

Marking this a bug report because of the problems that have arisen.

- The main reason for using administer in the update permission title is to make clear it should only be given to site admins. However, the permission itself does not have to do with administering anything, but rather running/executing/performing it. This was why I chose for run instead of anything else. What about we keep Run software updates and add a warning in the description, just like we do with the other descriptions that may have security implications?

- I removed a lot of descriptions for administrative permissions because in general administrative permissions allow you to add, delete, configure and arrange stuff. They are 'super' permissions that allow you do to anything there is to do regarding the features described after the word Administer as opposed to more specific descriptions like Add new blocks (fictitious permission). Also, if we describe permissions in too much detail, this may not be correct anymore if contrib uses the same permissions for features it adds.

sun’s picture

sun
Primary language German
Location Karlsruhe
commented
StatusFileSize
new comment-post-permissions.png5.17 KB

WTF?

comment-post-permissions.png

If I wouldn't know that I can't, then I would only assign the one without approval. And even knowing the logic behind those labels, I took me a couple of seconds to understand what I want to do.

jeff124578’s picture

jeff124578 commented

If the "Administer..." permissions are essentially meta-permissions -- that is, checking "Administer xyz" automatically checks each of "View xyz", "Post xyz", and "Edit xyz", then we really do need to include that fact in the permission descriptions.

To accomplish this,

Option 1 [easier]: Description for meta-permission "Administer xyz" should simply list which permissions it includes, similar to the initial patches here, but preferably with the conjunction "and" instead of "or".
e.g. "Add, edit, and delete news feeds that are aggregated to your site."
Where the Administer permission includes any permissions that subsume each other, list the least restrictive one.
e.g. "View and add comments to content (approval not required)."

Option 2: Just as the module listing page has "depends on" and "required by", add an extra tiny note to each permission that gets automatically checked (or unchecked) by an larger meta-permission. For example:
Administer comments and comment settings [x]
View comments [x] (included in "Administer comments and comment settings")
Ideally, checkboxes would never be disabled, but unchecking "View comments" would also automatically uncheck "Administer comments" while leaving "Post comments" checked.

xano’s picture

xano
he/they
Primary language English
Location Southampton
commented

The problem with option 1 is that module may reuse another module's permissions. I don't except things will get any simpler than they are now, but the page will surely get more cluttered.

Bojhan’s picture

Bojhan commented
Priority: Critical » Normal

This is not critical.

amc’s picture

amc commented
Status: Needs work » Active

All previous patches have been committed, and a rollback is under discussion but no patch yet...therefore setting to "active"

Stevel’s picture

Stevel commented
Status: Active » Fixed

#16: 1 and 2 are changed in CVS HEAD. 3 is probably addressed as well by now, but if anyone feels a compelling need to grep the old permission names through core, please do.

#18: comment permissions are being addressed in #438224: "Post comments without approval" permission name is completely misleading, Administer software updates had gotten back in place already.
#19: hierarchical permissions for D8 are being discussed in #381584: Hierarchical Permissions System.

Therefore, setting this back to fixed. I suggest that a new issue is opened if there are more follow-ups needed.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

xano’s picture

xano
he/they
Primary language English
Location Southampton
commented
Assigned: xano » Unassigned