The Translate tab is shown even though the logged-in user doesn't have the permission to translate content

Created on 16 November 2018, about 6 years ago
Updated 27 April 2024, 8 months ago

Problem/Motivation

In a multilingual site I set content access to enable translation for Basic page and another content type called "Club".
Permissions for "Translate Basic page content" are set for administrator only.
I need an editor to be able to translate content type "club" so I set permission for editor to "Translate Club content".

Now I am facing two problems:
1. If I do not set the "Create translations" permission for editor, there is no local task for "Translate" when editor views a "Club" node.
2. If I do set the "Create translations" permission for editor, there is a local task for "Translate" and all works fine but this "Translate" local task is also showing on other content types (which are not configured for editor translations).
When editor clicks on "Translate" for other content types (like Basic page) he gets the translation table but not edit or add option i.e you cannot really translate.

Steps to reproduce

  • Enable translation for 2 content types
  • Create a role and give permission to translate 1 of them. Give the user permission to create/edit/delete translations
  • When using that role visit a node of the other content type where you do not have translation permission.
  • You will now see a translation tab there even if you don't have permission to translate into that entity. When you click on the translation tab you will see all translations listed, but you cannot perform any actions.

Proposed resolution

  • Add check for bundle permission to function content_translation_translate_access

Remaining tasks

  • Review patch

User interface changes

  • Translation overview tab is only visible if user have necessary permissions to translate.

API changes

  • None

Data model changes

  • None

Release notes snippet

🐛 Bug report
Status

Needs work

Version

11.0 🔥

Component
Content translation 

Last updated 1 day ago

No maintainer
Created by

🇮🇱Israel taitai

Live updates comments and jobs are added and updated live.
  • Novice

    It would make a good project for someone who is new to the Drupal contribution process. It's preferred over Newbie.

Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

  • Status changed to Needs review almost 2 years ago
  • Status changed to Needs work almost 2 years ago
  • 🇺🇸United States smustgrave

    This issue is being reviewed by the kind folks in Slack, #needs-review-queue-initiative. We are working to keep the size of Needs Review queue [2700+ issues] to around 400 (1 month or less), following Review a patch or merge request as a guide.

    Think this is very close!

    For the ContentTranslationOperationsTest tests can we some additional assertions.

    $node = $this->drupalCreateNode(['status' => FALSE, 'type' => 'article']);
    Think this should be $article_node

    Then a basic_node should be created.

    Then during each user test should make sure they do have access to things but think we should also check to make they don't have access to other things.

    Example if I have access to all can we check both content types
    If I have access to just articles can we check that and check I can't translate basic pages.

  • First commit to issue fork.
  • 🇫🇮Finland tohesi

    Re-rolled for latest 10.1.x.

  • 🇩🇪Germany larskleiner

    The tests in #90 don't apply on Drupal 10.2.3, I removed them for now.

  • First commit to issue fork.
  • 🇮🇳India sakthi_dev

    Re-rolled for latest 11.x.

  • First commit to issue fork.
  • Assigned to kekkis
  • 🇫🇮Finland kekkis Pirkkala
  • Issue was unassigned.
  • 🇫🇮Finland kekkis Pirkkala

    I am working on adding back the tests that were removed because they no longer applied in #91. I'm running into a problem where, in core/modules/content_translation/tests/src/Functional/ContentTranslationContextualLinksTest.php, an operation is tried with an admin user on admin/config/regional/content-language but even though $this->drupalLogin($this->rootUser); has been run, the HTML output states that the user has no access to the page.

    I'm wondering whether the new Super user access policy could have something to do with this problem, but from what I've been able to deduce so far, the services.yml in use for these tests is the default.services.yml in sites/default and that has the policy set to true, meaning UID 1 should still be all-powerful. I would be grateful for assistance as this is currently blocking me from advancing with the tests.

Production build 0.71.5 2024