As advancement of #513078: Flexible revision permissions., this patch implements even more fine-grained permissions: "view revisions of own content" is removed, and for any content type there are 2 additional permissions: "view revisions of any $contenttype" and "view revisions of own $contentype". This allows, for example, to let your authors see article revisions they work on, but hide revisions of forum posts, which you may store internally to keep audit history and for purposes of moderation. Also this allows to have local moderators, for example article editors which will have only "view revisions of any article content" permission, but not "view revisions" one.
Comment | File | Size | Author |
---|---|---|---|
#4 | rev-granular.patch | 2.08 KB | crea |
#3 | more-granular-perms-updated.patch | 2.13 KB | crea |
more-granular-perms.patch | 1.96 KB | crea | |
Comments
Comment #1
crea CreditAttribution: crea commentedAlso there may be additional changes required in Module Grants but I let Rik decide (cause I'm not expert of Module Grants internals)
Comment #2
crea CreditAttribution: crea commentedComment #3
crea CreditAttribution: crea commentedI updated patch with same access check as in #549588: "View revision of own content" should also check node access
It is against dev version without #549588: "View revision of own content" should also check node access applied.
Comment #4
crea CreditAttribution: crea commentedRemoved node module check to support node types implemented in other modules (e.g. faq, forum, blog etc).
Comment #5
RdeBoerThanks crea, this patch could come in very handy..
Rik
Comment #6
BenK CreditAttribution: BenK commentedHi crea and Rik,
I'm very excited about these new more granular permissions! It's just what I need. Is the latest patch in #4 applied against an old dev version? I have the latest dev version (2009-Aug-03), so I'm wondering if the patch will work if I try to apply it.
I'd love to get this feature committed to the 6.x-2.x-dev branch ASAP. Let me know if I can do any testing to speed up the process....
Cheers,
Ben
Comment #7
crea CreditAttribution: crea commentedWhy not try applying instead of asking ?
Comment #8
BenK CreditAttribution: BenK commentedHey crea,
I tried out the patch (did quite a bit of testing) and it works really well. It's great to have the ability to set permissions per content type.
In my testing, I did notice one possible bug, but I'm not sure if this is by design:
If a user does NOT have "edit any [contenttype]" or "edit own [contenttype]" permissions, but does have "view revisions of any [contentype]" and "edit revisions" permissions, then I would expect the user to be able to do the following:
* The "Edit Current" tab should be hidden.
* The "Revisions" tab should be visible.
* All revisions except the currently published revision should be editable.
In my testing of the above configuration, however, none of the revisions are editable. Is this the expected behavior or a possible bug?
Regardless, this is probably a minor edge case... nothing that should hold up implementation of the patch.
Thanks for your great work,
Ben
Comment #9
crea CreditAttribution: crea commentedIt's intended behavior. For "edit revisions" Module Grants module checks both if you have "edit revisions" permission and if you have "update" node grant on the node. If "update" node grant could be skipped it would make node access modules useless when used with revisions.
In case you disable "edit [contenttype]" permission, you need to have some access control module that grants "update" access.
Comment #10
BenK CreditAttribution: BenK commentedcrea,
Thanks for the explanation. Makes perfect sense now. In that case, I think this patch is ready. I've done pretty extensive testing with numerous configurations and everything works as expected.
Rik, is it possible to commit this patch ASAP?
Cheers,
Ben
Comment #11
RdeBoerThanks crea and Ben,
I may find some time this weekend or Monday. There's some other bits and pieces that need to go in as well, so it's not an entirely straightforward check-in.
Rik
Comment #12
BenK CreditAttribution: BenK commentedThanks, Rik, for your efforts! Really appreciate it....
--Ben
Comment #13
samchok CreditAttribution: samchok commentedsubscribe
Comment #14
RdeBoerSorry guys, didn't get round to doing it before my holidays.
Will look at ik on my return.
Rik
Comment #15
BenK CreditAttribution: BenK commentedRik,
When will you be back?
Have a great vacation,
Ben
Comment #16
samchok CreditAttribution: samchok commentedI think someone here could be interested, a "View revisions by content type" module has also been released: http://drupal.org/project/view_revisions_by_content_type
Comment #17
crea CreditAttribution: crea commentedHuh, I think it will conflict with Revisioning or even won't affect it at all, since we use special menu path containing "%vid" instead of just "%". There will probably be collision in permission namespace. Anyway I'm not going to change this patch to make it compatible.
Comment #18
BenK CreditAttribution: BenK commentedHey Rik,
Are you back yet from your vacation? I'd love to get crea's patch in this thread committed to the module as soon as you have a chance....
Thanks,
Ben
Comment #19
RdeBoerComitted.
Available in versions dated 21-Nov-09 or later.
Comment #20
crea CreditAttribution: crea commentedI think you will need to make some corresponding changes in module_grants_node_access() too...
Comment #21
RdeBoerHmm... I see what you mean.... It's been a while I looked at my own code....
Will update soon....
Comment #22
BenK CreditAttribution: BenK commentedHey Rik and crea,
I'm not sure I fully understand crea's comment in #20.... Does this mean that there needs to be a corresponding change in the Module Grants (http://drupal.org/project/module_grants) module as well?
Thanks,
Ben
Comment #23
RdeBoerCorrect.. I will do this soon....
Rik
Comment #24
BenK CreditAttribution: BenK commentedHey Rik,
Just wanted to check in to see the status of the corresponding change in the Module Grants module... Will there be problems if I upgrade to the latest -dev version of Revisioning, but Module Grants isn't yet updated?
Thanks,
Ben
Comment #25
RdeBoerHey Ben,
I have upgraded both Module Grants (which now includes Module Grants Monitor as an optional feature) and Revisioning so this feature should now be complete... Versions of 16-Dec-09 or later...
Rik