Add a "Manage permissions" tab for each bundle that has associated permissions

Created on 7 January 2018, almost 7 years ago
Updated 12 April 2024, 8 months ago

Problem/Motivation

This is spun off from #2862422: Add per-media type creation permissions for media .

That issue added per-bundle permissions to the Media module, which raised a number of UX concerns, specifically around #2862422-61: Add per-media type creation permissions for media and #2862422-62: Add per-media type creation permissions for media . Anytime any module wants to add per-bundle permissions, the already intimidatingly large permissions table swells to an even greater size, like a large, poisonous bullfrog. Something must be done!

Proposed resolution

Several possible solutions have been discussed. In comments #21 through #29, we discussed and agreed a solution based on the work done in #3216341: Provide a module-specific permissions form and #2571235: [regression] Roles should depend on objects that are building the granted permissions .

The proposed resolution is to add a "Manage permissions" tab, similar to the "Manage fields" tab. The "Manage permissions" tab shows a filtered list of permissions that are specific to the given bundle.

Move the route enhancer from the field_ui module to Drupal\Core\Entity\Enhancer\EntityBundleRouteEnhancer so that it is always available to the new permissions form. The route enhancer applies to any route that adds the _field_ui option, but it is intended to be used with routes related to entities that specify the field_ui_base_route option, which is part of the core Entity API. I think that makes it appropriate to move the route enhancer out of the field_ui module.

Completed tasks

  • Add a "Manage permissions" option to the drop button on the page that lists bundles, such as /admin/structure/types. (See #39.)
  • What if there are no permissions depending on a bundle? An empty tab is the simplest solution. Can we figure it out when defining the route without duplicating a lot of code? (See #35, #39, and #45. Resolved in #48.)
  • Add documentation in user_help() and in the help_topics module.
  • Add test coverage.
  • Add a follow-up issue to rename the _field_ui route option: #3246064: Rename the _field_ui route option .

Remaining tasks

User interface changes

A new "Manage permissions" tab will be introduced on bundles, next to the "Manage fields" or "Manage display" tabs, and will display a curated/filtered permissions list. For example, here is the new tab for the Recipe content type in the Umami demo profile:

API changes

None, unless moving the route enhancer out of the field_ui module is considered an API change

Data model changes

None

Release notes snippet

When editing a content type, vocabulary, and so on, site administrators already have several tabs: Edit, Manage fields, and so on.

Starting with Drupal 9.4.0, there is a new tab, "Manage permissions", when appropriate. It lists just the permissions that depend on the given type. See Add "Manage permissions" tab after "Manage display" .

I added the "9.4.0 release highlights" tag as a suggestion to the release managers. If this issue does make it in to 9.4.0, then I think it is worth mentioning along with these other issues: some already fixed, some of which might also make it:

Feature request
Status

Fixed

Version

9.4

Component
User module 

Last updated 23 minutes ago

Created by

🇺🇸United States phenaproxima Massachusetts

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Production build 0.71.5 2024