group 2.0.0-alpha1

The "finally doing things right" release

A lot of code has gone into the 8.x-1.x branch that I later ended up regretting. Time to clean house and get rid of it!

This release contains several reworks, new features and new APIs for you to work with. Please check out the change records for a full list of changes, but I'll list the key parts below.

New dependency: Flexible permissions

Download and enable this first before you upgrade: https://www.drupal.org/project/flexible_permissions

This module takes care of calculating and caching permissions for you. I figured this can be helpful for more modules than just Group so it's now a standalone API module.

Roles and their UI have been reworked

No more advanced outsider roles or any of that nonsense. You can now define one of three roles:

• You have a specific global role and are not a member of the group: Outsider
• You have a specific global role and are a member of the group: Insider
• You are a member of a group and want extra permissions on top of the above: Individual

This takes care of the silly scenario where you'd have advanced outsider permissions and lost them when you joined a group. Furthermore, this means the previous Anonymous, Outsider and Member roles are no longer special and they can therefore be deleted if not in use.

Query access is now fully custom, no longer uses Entity API

Group is too complex to put into simple condition groups. Custom joins are way faster and that's what we're going with now.

GroupContentEnabler is dead, all hail GroupRelationType

The end goal is to end up naming the plugins "GroupRelation" and their definitions "GroupRelationType" and have GroupContent become GroupRelationship entities. The latter was too much of a pain in the ass for this release, so I settled on the former.

Having said that, the plugin manager for these plugins now looks and feels a lot like the EntityTypeManager:

• The definitions are classes rather than arrays
• Each plugin can support multiple handlers for various purposes
• The actual plugin class is rather empty and focused solely on plugin tasks (such as building a config form)

A key difference is that plugins do not define their handlers in their annotations, but rather as services. See my presentation at Drupal Dev Days 2022 for a full rundown.

Read the CRs to figure out how to update your plugin or look at the GroupMembership or GroupNode plugins and handlers to get an idea.

Access checks no longer deny access when Group doesn't care

Before, if something was grouped and entity access was being checked, Group would return Forbidden if it couldn't grant access. Now, it only does that if it knows that it should deal with the given entity operation. If an entity operation is not declared, Group will not deal with it. This should make Group play more nicely with modules that expose custom entity operations until a patch is written that informs Group about these operations.

Access bypass permission is gone

I don't like all-access permissions or accounts. You can now flag any group role as an admin role and they will allow any operation now and in the future.