Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Does Previous/Next API control the access to the module settings page?
User that has permissions to access admin area also can access and modify Previous/Next API settings page.
Thank you in advance
Comment | File | Size | Author |
---|---|---|---|
#16 | prev_next-user-perms-955098-14.patch | 1.27 KB | jesse.voogt |
#13 | prev_next_create_custom_permissions_01.patch | 1.27 KB | jesse.voogt |
#6 | prev_next-permission_fix-95509-3814846.patch | 1.06 KB | caspervoogt |
Comments
Comment #1
yooh CreditAttribution: yooh commentedI am using 6.x-1.x-dev (prev_next.info,v 1.1.2.1)
Modify prev_next.module in sites/all/module/prev_next
Replace
By
A new option in users/permissions is created.
It's work for me.
Comment #2
aasarava CreditAttribution: aasarava commented+1. Allowing administrators to restrict roles from the configuration settings of this module is an important addition. Fortunately it's a fairly simple tweak. Module maintainers, can you please add this in? Thanks for the handy module!
Comment #3
bhosmer CreditAttribution: bhosmer commentedI'm bumping this up to 7.x because it is in there too and support for D6 is nearing an end soon.
Comment #4
caspervoogt CreditAttribution: caspervoogt commentedThis looks simple enough, though I tried implementing this on the 2.x branch with no results. Even made a patch and everything... but it's not working unfortunately. Would be cool to see this implemented.
Comment #5
bhosmer CreditAttribution: bhosmer commentedToss your patch up here. Either I or someone else can probably can help you figure out why it isn't working for you.
Comment #6
caspervoogt CreditAttribution: caspervoogt commentedAdded my patch. See if you can do something with it
Comment #7
bhosmer CreditAttribution: bhosmer commentedYour patch worked fine for me. I'll get this pushed up as soon as I can. Thanks for the contribution! I mean, it at least applied fine and I can see your code looks good. I haven't tested it yet to see if it actually limits the permissions though.
Comment #8
bhosmer CreditAttribution: bhosmer commentedOne thing I just noticed,
hook_perm
, is a Drupal 6 function. The Drupal 7 version ishook_permission
Comment #9
caspervoogt CreditAttribution: caspervoogt commentedI just tested the permissions functionality. It seems to be working a little TOO well ... as an admin I can see the /admin/config/system/prev_next in the admin menu, but I get an "access denied" warning. I also set up another, more limited role which has bare-bones permissions, but I gave it prev_next permissions.. and the Configuration menu does not show up at all. I then gave that role the "Administer site configuration" permission in order to see that menu (?) but Prev/Next still doesn't show in the menu.
I am boarding my flight to DrupalCon ... will pick this up again in a few days. Maybe you can have a look too? I haven't dug very deep into the module code yet.
Comment #10
bhosmer CreditAttribution: bhosmer commentedOkay, so you're really close with this patch.
Check out how the Examples Module implements fine-grained access.
Comment #11
caspervoogt CreditAttribution: caspervoogt commentedI'll roll an updated patch in the new few days.
Comment #12
caspervoogt CreditAttribution: caspervoogt commentedUgh, I'm traveling. Will get to this soon!
Comment #13
jesse.voogt CreditAttribution: jesse.voogt at Plethora commentedI know this is old, and based on the lack of activity in years I'm not sure how many people need this, but I encountered the need to have custom permissions on a current effort.
I'm new to patching, and the code I'm working with is svn so that makes things slightly trickier, but I created this patch anyway -- please test to confirm the patch works properly. Casper's patch added function prev_next_perm, which was the D6-hook and did nothing in D7. So I added the proper "prev_next_permission" in order to implement D7's "hook_permission" instead (and changed the return value too). I've tested the changes on my project and so far it looks good. To generate the patch I did a git diff between the old and new file -- that seems like it produced the proper type of file...
Comment #14
bhosmer CreditAttribution: bhosmer as a volunteer commented@jesse.voogt I just tried to apply your patch, but I suspect you used the 7.x-1.x-dev to create your patch. Would you be so kind as to recreate it using the 7.x-2.x-dev branch?
Here's how to get you started:
In
sites/all/modules
:$ git clone --branch 7.x-2.x http://git.drupal.org/project/prev_next.git
$ cd prev_next
$ wget https://www.drupal.org/files/issues/prev_next-permission_fix-95509-3814846.patch
$ git apply prev_next-permission_fix-95509-3814846.patch
This will get you to the point of #6 and then you can implement your changes from that point on using the D7
hook_permission
instead.After you're satisfied with your new patch, you create a new one like this:
$ git diff 7.x-2.x > prev_next-user-perms-955098-14.patch
If you need more information on creating patches, or my instructions weren't clear enough, the Drupal Handbook has more detailed information on creating patches.
Thanks for your work on this by the way too.
Comment #15
caspervoogt CreditAttribution: caspervoogt at Plethora commentedI'm pretty sure Jesse's patch was from the 7.x-1.x branch, @bhosmer. Not sure what the issue is but https://www.drupal.org/node/707484 explains the procedure pretty well.
Comment #16
jesse.voogt CreditAttribution: jesse.voogt as a volunteer and at Plethora commentedI recreated my earlier patch in order to apply it to the 7.x-2.x-dev version of this module. I have not got a good environment for actually testing this specific patch out at the moment, but the basic code changes are in place (and appear to be working) on an actual project that's using the 7.x-1.x-dev branch. Please review.
The only slight improvement could be to have separate permissions for accessing the node edit page vs the re-indexing... not sure if that would be a value-add or just too much fine-grained control though, since most likely the same person would be responsible for both tasks on any given site?
Comment #17
bhosmer CreditAttribution: bhosmer commentedThanks a ton! I just applied the patch cleanly now. Let me look at it and test it and I'll try to get your updates pushed up.
Comment #18
bhosmer CreditAttribution: bhosmer commentedUpdated in 7.x-2.x with https://www.drupal.org/commitlog/commit/9898/f042805cbf8a33d0b52adf3f937...