Permission to view configuration page [#3048543]

Currently on 8.x-1.0, any role with the `access administration pages` permission is able to view and alter the configuration page located at `admin/config/menu-item-role-access`. In cases where editor roles have access to the administration pages, they shouldn't be able to alter these settings. A new permission should be built to allow access to the configuration page for this module for the appropriate roles.

Comment	File	Size	Author
#6	permission-to-view-configuration-page-3048543-6.patch	512 bytes	Vlad Stratulat
#4	menu_item_role_access-config-permission-3048543-4.patch	1.05 KB	drieder
#2	menu_item_role_access-config-permission-3048543-2.patch	1.03 KB	drieder

Comments

Comment #1

16 April 2019 at 13:22

drieder created an issue. See original summary.

Comment #2

drieder commented 16 April 2019 at 13:50

Status	File	Size
new	menu_item_role_access-config-permission-3048543-2.patch	1.03 KB

Added a initial patch

Comment #3

liampower commented 25 April 2019 at 08:24

Hi @drieder,

Thanks for picking up on this, I agree it shouldn't be the `access administration pages`.

Thank you also for the patch. My only query would be the name and title of the permission. I feel Administer would be a better word to use than access.

Comment #4

drieder commented 12 May 2019 at 22:58

Status	File	Size
new	menu_item_role_access-config-permission-3048543-4.patch	1.05 KB

Sorry about the delay, thanks for your response @LiamPower. I've added a new patch with better wording!

Comment #5

Vlad Stratulat commented 24 May 2019 at 10:09

I believe that changing it to Drupal's Administer site configuration which available by default, should be enough for this.
You don't want to spam with configuration specific checkboxes on permissions page when this is a site configuration.

- _permission: 'access administration pages'
+ _permission: 'administer site configuration'

Comment #6

Vlad Stratulat commented 24 May 2019 at 10:34

Status	File	Size
new	permission-to-view-configuration-page-3048543-6.patch	512 bytes

Comment #7

charginghawk commented 7 June 2019 at 21:12

Status:

Active

» Reviewed & tested by the community

I prefer the approach in #4 - a cursory glance of my installed contrib modules shows that using "administer site configuration" is pretty rare (4 modules) and defining your own administer permission is pretty common (a few dozen modules). Also there's a "need and not have worse than have and not need" thing IMO.

It applies and works as expected.

Comment #8

liampower commented 17 June 2019 at 07:29

#4 is also my preferred approach, but than you for your input Vlad.

Comment #9

17 June 2019 at 07:30

LiamPower committed 9abcb99 on 8.x-1.x authored by drieder

Issue #3048543 by drieder, Vlad Stratulat, LiamPower, charginghawk:...

Comment #10

liampower commented 17 June 2019 at 07:31

Status:

Reviewed & tested by the community

» Fixed

Committed to the 1.x dev branch.

Thank you for your input everyone.

Comment #11

1 July 2019 at 07:34

Status:

Fixed

» Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.

Permission to view configuration page

Comments

Comment #1

Comment #2

Comment #3

Comment #4

Comment #5

Comment #6

Comment #7

Comment #8

Comment #9

Comment #10

Comment #11

News items

Our community

Documentation

Drupal code base

Governance of community