Contrib.social

Incorrect access denied messages in branding block

Open on Drupal.org →
Created on 15 February 2017, over 8 years ago
Updated 18 January 2023, over 2 years ago

Error description refers to incorrect element

when a user does not have permission to edit site name or slogan, an incorrect access denied message is displayed: "Defined on the Site Information page. You do not have the appropriate permissions to change the site logo." it refers to "site logo".

Error refers to pages the user does not have access

When a user does not have permission to do something, we don't usually have an explanation message.

I'd like to propose removing the "You do not have the appropriate permissions to change the ...." message. I have a client that became confused why he was not granted permission to do something, despite being so close to being able to do it.

And remove "Defined on the XXX page." text if the user does not have permission to access it.

🐛 Bug report
Status

Needs work

Version

10.1

Component
System 

Last updated 1 day ago

No maintainer
Created by

🇦🇺Australia dpi Perth, Australia

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Merge Requests

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

  • Status changed to Needs review about 2 years ago
  • Comment about 2 years ago
    🇺🇸United States smustgrave

    Rerolled #27
    error: patch failed: core/modules/block/tests/src/Functional/BlockSystemBrandingTest.php:119
    error: core/modules/block/tests/src/Functional/BlockSystemBrandingTest.php: patch does not apply

  • Comment about 2 years ago
    🇮🇳India TanujJain-TJ

    tested and verified patch #38 on claro and olivero themes, patch applied successfully and fixed the 'Incorrect access denied messages in branding block', attaching screenshots for reference. need RTBC+1

  • Status changed to RTBC about 2 years ago
  • Comment about 2 years ago
    🇮🇳India saket-001

    patch #38 is working fine. also mentioned in #39 so moving status to RTBC.

  • Status changed to Needs work about 2 years ago
  • Comment about 2 years ago
    🇦🇺Australia larowlan 🇦🇺🏝.au GMT+10
    +++ b/core/modules/block/tests/src/Functional/BlockSystemBrandingTest.php
@@ -115,6 +115,17 @@ public function testSystemBrandingSettings() {
+    $this->assertSession()->responseNotContains('Defined on the Appearance or Theme Settings page. You do not have the appropriate permissions to change the site logo.');
+    $this->assertSession()->responseNotContains('Defined on the Site Information page. You do not have the appropriate permissions to change the site logo.');
+    $this->assertSession()->responseNotContains('Defined on the Site Information page. You do not have the appropriate permissions to change the site logo.');

    We never emit 'You do not have the appropriate permissions' anymore, so these assertions would still pass even if the patch didn't work.

    Let's change them to assert the new string isn't emitted.

    Let's also add some positive asserts for the user that does have the required permissions

  • Comment about 2 years ago
    🇮🇳India Akram Khan Cuttack, Odisha

    added updated patch and addressed #41

  • First commit to issue fork.
  • Merge request !12256Apply patch → (Open) created by mstrelan
  • Pipeline finished with Failed
    4 days ago
    Total: 643s
    #508025
  • Comment 4 days ago
    🇦🇺Australia mstrelan

    Applied the latest patch and converted to a merge request. Fixed the test coverage and found a bug with the active theme and fixed that too.

  • Pipeline finished with Success
    4 days ago
    #508031
  • Comment 4 days ago
    🇮🇳India sd9121

    I have reviewed and tested the patch against Drupal 11.x-dev, and it works as expected. The patch successfully removes the incorrect access denied messages that appeared in the Site Branding block when users lacked permission to edit certain elements. Specifically, users without the appropriate permissions no longer see misleading references such as "You do not have the appropriate permissions to change the site logo" when they only lack access to the site name or slogan.

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024