Contrib.social

Implementing missing edit/view/delete own permissions for crm entities

Open on Drupal.org β†’
Created on 11 November 2019, over 5 years ago
Updated 10 October 2023, almost 2 years ago

Currently a user can have the permission to create CRM entities but if you want the user to edit only his own entities, this is not possible.

If found some dead code about this feature and fixed it.

Here is a patch that introduced the "view / edit own crm entities" permissions.

✨ Feature request
Status

Active

Version

3.0

Component

Code

Created by

πŸ‡¨πŸ‡­Switzerland ayalon

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

  • Comment almost 2 years ago β†’
    πŸ‡ΊπŸ‡ΈUnited States bluegeek9
  • First commit to issue fork.
  • Comment about 1 month ago β†’
    πŸ‡³πŸ‡ΏNew Zealand RoSk0 Wellington

    This issue is quite outdated - I can see a bunch of changes have been done in #2928452: Add "uid" entity key to contacts and fix key check in CRMCorePermissions::entityTypePermissions β†’ back in January 2020.

    I will check what test coverage we do have already for permissions and try to progress that as much as I can today/tomorrow.

    Not using existing MR as it has too much unrelated changes I'm struggling to follow.

  • Comment about 1 month ago β†’
    πŸ‡³πŸ‡ΏNew Zealand RoSk0 Wellington

    Current permission test coverage:

    • administer individual types - IndividualUiTest.php
    • administer organization types - OrganizationUiTest.php
    • revert organization revisions -
    • view all crm_core_individual revisions - IndividualUiTest.php
    • revert all crm_core_individual revisions - ^
    • view all crm_core_organization revisions - OrganizationUiTest.php
    • administer crm_core_individual entities - IndividualUiTest.php
    • create crm_core_individual entities - IndividualUiTest.php
    • edit own crm_core_individual entities -
    • edit any crm_core_individual entity - IndividualUiTest.php
    • view own crm_core_individual entities -
    • view any crm_core_individual entity - IndividualUiTest.php
    • create crm_core_individual entities of bundle customer - IndividualUiTest.php
    • edit own crm_core_individual entities of bundle customer -
    • edit any crm_core_individual entity of bundle customer - IndividualEditFormTest.php
    • delete own crm_core_individual entities of bundle customer -
    • delete any crm_core_individual entity of bundle customer - IndividualEditFormTest.php
    • view own crm_core_individual entities of bundle customer -
    • view any crm_core_individual entity of bundle customer - IndividualEditFormTest.php
    • administer crm_core_organization entities - OrganizationUiTest.php
    • create crm_core_organization entities -
    • edit own crm_core_organization entities -
    • edit any crm_core_organization entity - OrganizationEditFormTest.php
    • view own crm_core_organization entities -
    • view any crm_core_organization entity - OrganizationEditFormTest.php, OrganizationUiTest.php
    • create crm_core_organization entities of bundle - ^
    • edit own crm_core_organization entities of bundle -
    • edit any crm_core_organization entity of bundle - OrganizationEditFormTest.php
    • delete own crm_core_organization entities of bundle -
    • delete any crm_core_organization entity of bundle -
    • view own crm_core_organization entities of bundle -
    • view any crm_core_organization entity of bundle - OrganizationEditFormTest.php

    From the list above, I believe only delete any crm_core_organization entity of bundle permission is mandatory to be added for the base line to be solid. Adding test coverage in https://git.drupalcode.org/project/crm_core/-/merge_requests/43 .

    All the own permissions are nice to have from my point of view , but are not crucial - most use cases require more sophisticated access controls anyway. So I will leave this issue open for anyone who would like to contribute test coverage for those.

  • Comment about 1 month ago β†’
    System Message
    • rosk0 β†’ committed bd1fdd39 on 8.x-3.x 
      Issue #3093781: Test "delete any crm_core_organization entity of bundle...
  • Comment about 1 month ago β†’
    πŸ‡³πŸ‡ΏNew Zealand RoSk0 Wellington

    Forgot to update the title.

  • Comment about 1 month ago β†’
    System Message
contrib.social Blog FAQ Discussions
Production build 0.71.5 2024