Contrib.social

Add a setting to enable/disable inline editing and deletion of existing entities

Open on Drupal.org β†’
Created on 3 October 2017, about 7 years ago
Updated 16 June 2024, 6 months ago

Our userbase has a high turnover, and the concept of re-usable media assets has proven difficult to cement. To avoid users inadvertently impacting other users' pages we want to remove the ability to edit existing assets inline.

This functionality, coupled with the patch in the related issue β†’ , would provide a useful barrier to accidental alteration of assets. (Users can still update and even remove the assets via other methods.)

This patch (inbound shortly) creates a new setting which controls the display of the edit button. The setting does not apply to newly created entities -- they can be edited inline up until the node is saved and the entity is created in the DB.

✨ Feature request
Status

Needs work

Version

3.0

Component

Code

Created by

πŸ‡¬πŸ‡§United Kingdom jrsouth

Live updates comments and jobs are added and updated live.
  • Needs tests

    The change is currently missing an automated test that fails when run with the original code, and succeeds when the bug has been fixed.

Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

  • Comment over 1 year ago β†’
    πŸ‡¬πŸ‡§United Kingdom jrsouth

    Rerolled to apply against RC15, however that version seems to introduce a related control (removed_reference) which renders this patch partly redundant.

    Needs unpicking, but this should keep anyone currently using this patch running for the time being.

  • Comment 11 months ago β†’
    πŸ‡ΊπŸ‡ΈUnited States dcam

    I suggest closing this issue as a "won't fix." This is a permission issue, not a reason to add more bloat to the field widget's settings. As noted in #20, Drupal Core includes granular permissions which may be configured to only allow access to edit or delete a user's own Media entities. In my opinion, this would need an explanation of how the permissions are insufficient enough to justify additional burden on maintainers and frankly every site builder who has to set up the widget.

  • Comment 11 months ago β†’
    πŸ‡¬πŸ‡§United Kingdom jrsouth

    I disagree, this suggested change directly addresses a common requirement of sites with large (and changing) user bases.

    No matter how good the training is, users make mistakes. This is exacerbated by a changing population of users, e.g. as staff leave and arrive at an organisation. As site builders/admins, if we can easily prevent a mistake from being made, we should, and this change enables us to do so.

    The classic example is a user creating a page containing a media item customised to that page. They then later create a separate new page and re-use the media item, editing it inline to be more suitable for this new page, without realising that it's now unsuitable for the original page.

    You could argue that this is simply user error, but the suggested change allows site maintainers to easily prevent this common mistake from being made, which directly improves the user experience.

    And yes, the permissions around editing/deleting a user's own media items are insufficient, as demonstrated by the example above β€” the unintended consequences are due to editing the user's own media entity. (And we certainly don't want to prevent editing wholesale, because that's still needed.)

    There would be no burden on site builders, since it defaults to the current behaviour, making it purely opt-in.

    The burden on maintainers is very likely to be minimal given the essentially static nature of this patch for the last 5+ years.

  • Comment 11 months ago β†’
    πŸ‡ΊπŸ‡ΈUnited States dww

    Yeah, I can see the benefit of allowing users to be able to edit their own entities (via other UI paths) but *not* to do so via IEF. I'm +1 to having these be widget settings. But for this to not be a maintenance burden, this feature *definitely* needs solid test coverage before it can be considered. Also, it should target the forthcoming 3.1.x series, since 3.0.0 is deep into RCs and IMHO it's too late to be adding new features there...

  • Comment 6 months ago β†’
    πŸ‡΅πŸ‡±Poland adr_p

    Rerolled against rc19 and:

    • Replaced empty($entity_id) calls (that don't work for entities with machine names) with $entity->isNew().
    • On the widget configuration form, dynamically hide "Keep or delete unreferenced..." if the "Allow users to delete existing..." checkbox is unchecked.
    • Don't display the "Keep or delete..." setting in the widget configuration summary if configured not to allow deleting existing entities.
contrib.social Blog FAQ Discussions
Production build 0.71.5 2024