Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.Is possible to hide or disable the permissions to create or edit vocabularies?
To make Taxonomy Manager to work i must enable the "Administer vocabularies and terms" permission, but this grant access to my term editor role to create and admin vocabularies. I already use the Taxonomy access control and Vocabulary permissions per role modules without result because TM need "Administer vocabularies and terms" permission.
| Comment | File | Size | Author |
|---|---|---|---|
| #1 | taxonomy_manager_permissions-1988344-2.patch | 5.9 KB | marioangulo |
Comments
Comment #1
marioangulo CreditAttribution: marioangulo commentedHey, since I was facing the same issue I added my own separate access control permissions for the taxonomy manager module.
Comment #2
RAFA3L CreditAttribution: RAFA3L commentedThanks! work perfect!
Comment #3
RAFA3L CreditAttribution: RAFA3L commentedHello, I notice that when I try to expand the root of a vocabulary I get an ajax error...
The page at localhost says:
An AJAX error occurred. Reload the page and check your logs.
And in the log:
Failed to load resource: the server responded with a status of 403 (Forbidden)
http://localhost/mysite/admin/structure/taxonomy_manager/childform/taxon...…B%5D=taxonomy&form_parents%5B%5D=manager&form_parents%5B%5D=tree&language=
Comment #4
ñull CreditAttribution: ñull commentedI allow a role to access one vocabulary, still the "switch vocabulary" select box in the right top corner shows all the vocabularies, although when selecting a prohibited vocabulary it will say Access Denied. It would be better though when users can select only their permitted vocabularies to avoid confusion.
Also in core there is already a per vocabulary permission. Can't TM just use these?.
What is more dangerous is the fact that "double tree" allows you to open and manipulate all the vocabularies that you are not supposed to touch.
So it is still far from safe
Comment #5
marioangulo CreditAttribution: marioangulo commentedSince I still need to work on this for a client I can update my patch next week.
Comment #6
anouHello,
Since we are "next week" :-), have you manage to update your patch to make it more secure ?
Comment #7
carn1x CreditAttribution: carn1x commentedI think Double Tree should also have a separate permission, not just restricted to allowed vocabularies.
Comment #8
lukasss CreditAttribution: lukasss commentednot able to apply your patch
Comment #9
Leeteq CreditAttribution: Leeteq commentedComment #10
markusd1984 CreditAttribution: markusd1984 commentedInstalled Vocabulary Permissions Per Role , Taxonomy access fix and this patch and works a treat, thanks!
Enables us to remove the "Administer vocabularies and terms" which is normally required for Taxonomy Manager for editing terms and also gives full access to all vocabularies with the normal taxonomy editor /admin/structure/taxonomy.
Instead we have the "Administer Taxonomy Manager" permission to enable it and individual "Administer [XYZ] taxonomy manager vocabulary" permissions (and the core taxonomy editor access is denied for those roles).
Now only the terms I set permission to are possible to be managed by the Taxonomy Manager /admin/structure/taxonomy_manager.
Perhaps thus this patch is better than the approach to respect the core vocabulary permissions.
+1 re
#4 to hide/disable the other vocabulary names in the "Switch vocabulary" drop down that the user role has no permission for, which could prevent #7 as well to use the double tree to access restricted vocabularies.