Add configuration form, permissions to allow override

Context

One of the primary reasons we use config_readonly is to prevent users from editing configuration on the live site, but on occasion it may be necessary or preferable to allow that for quick bugfixes/changes that may take some time to get from dev, through staging or CI, and finally onto the production environment.

Potential Solutions

There are several ways I've thought this might work:

A permission set that allows users to bypass the config_readonly. Sites could have a sort of "sudoer" role with this permission that could be added, and since user roles are content, not config, this could allow an admin quick and easy access to momentarily bypass the readonly status. One potential problem is users turning on the 'sudoer' role and not removing it again after changing the config.

Create an administration form to enable/disable the readonly lock for the site. This has a similar problem as option #1, but for all users, not just users that add the special role.

A third option (and I'm not sure this is achievable) is to create an admin form like in #2, but instead of changing site config or user roles, uses the current user's session to bypass configuration. This should allow a user to bypass the lock while logged in with their current session.

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Comment 8 months ago →
🇦🇷Argentina hanoii 🇦🇷UTC-3
I think a permission would just work, it is config but you set it as part of your deploy, so a role that have a perm can be assigned/removed from the user as necessary.

I can't think of an issue with the permission.

I also wanted to provide another means of setting the read only lock (globally) and I wondered if using state is also a nice alternative, as that can be changed on the fly through drush or other means.