- @codebymikey opened merge request.
- Status changed to Needs review
almost 2 years ago 1:58pm 9 June 2023 - PhilY, Paris, France
Patch #9 works using Drupal 10.2.5
Summary
Patch #9 works for Drupal 10.4.4 for a single taxonomy. However, I found a serious problem when multiple taxonomies are involved. Selecting all taxonomy terms individually or selecting the "all" option produce different results when several taxonomy fields pointing to different taxonomies are present in a node.
I tried the following on a clean Drupal 10.4.4 install with patch #9 applied:
Scenario 1
1. Created taxonomy vocabulary "Taxonomy 1" with terms "T1-1" and "T1-2".
2. Created taxonomy vocabulary "Taxonomy 2" with terms "T2-1" and "T2-2".
3. Added fields "Taxonomy 1 Field" and "Taxonomy 2 Field" to the "Basic page" content type referring to "Taxonomy 1" and "Taxonomy 2" vocabularies, respectively.
4. Created and published a "Basic page" node with term "T2-1" assigned to "Taxonomy 2 Field", and left "Taxonomy 1 Field" blank.
5. Added vocabularies "Taxonomy 1" and "Taxonomy 2" to the Tac Lite module.
6. Created a Tac Lite scheme with "view" permissions.
7. Granted permissions to terms "T1-1" and "T1-2" in "Taxonomy 1" for the "Anonymous user" role. The "all" option was not selected.
8. Rebuilt content permissions and cleared caches.
Now the "Basic page" node is not accessible by the Anonymous user. This is correct because this user doesn't have permission to access any terms from "Taxonomy 2", and no terms from "Taxonomy 1" were assigned to "Taxonomy 1 Field".
Scenario 2
The same as above, only in step 7 permission was granted to all terms in "Taxonomy 1" for the "Anonymous user" role by selecting the "all" option.
Now the "Basic page" node is accessible by the Anonymous user. This is incorrect because this user doesn't have any permissions to access terms from "Taxonomy 2" and can only access "Taxonomy 1" terms, but none were assigned to the node.
Conclusion
It looks like Tac Lite grants access to content when the "all" option is selected for a taxonomy field that is blank in the content, while access would be denied based on taxonomy terms present in other taxonomy fields. This can create serious content access violations on sites that use multiple taxonomies to restrict content access. There should be no change in Tac Lite functionality when all taxonomy terms are selected individually or when the "all" option is used.
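The two scenarios above, as an added example that is not from this thread or from the Tac Lite module: a small Python model of the grant semantics the report expects (the "all" option being nothing more than shorthand for ticking every term of that vocabulary), placed next to a model of the behaviour the report observes, so that the divergence in scenario 2 shows up as a failing equivalence check rather than a manual test on a site. Tac Lite itself is PHP; Python is used only because the model does not touch Drupal's API. The vocabularies, terms and node mirror the report, and the names ALL, expand_grants, expected_access, observed_access and grants_agree are constructed here.

```python
"""Model of the taxonomy grant semantics from the report above.

Constructed example, not Tac Lite's code. The vocabularies, terms and the
node mirror the report's scenario; ALL is a constructed marker for the
"all" option of a grant.
"""
from typing import Dict, FrozenSet, List, Union

ALL = "all"  # constructed marker: the role is granted every term of a vocabulary

# Constructed vocabularies from the report: vocabulary name -> its term ids.
VOCABULARIES: Dict[str, FrozenSet[str]] = {
    "Taxonomy 1": frozenset({"T1-1", "T1-2"}),
    "Taxonomy 2": frozenset({"T2-1", "T2-2"}),
}

Grant = Union[FrozenSet[str], str]   # a set of term ids, or ALL
Grants = Dict[str, Grant]            # vocabulary -> grant for one role
Node = Dict[str, FrozenSet[str]]     # taxonomy field (keyed by vocabulary) -> terms


def expand_grants(grants: Grants) -> FrozenSet[str]:
    """Expected semantics: "all" is shorthand for every term of that
    vocabulary, so expand it to the concrete term set before deciding access.
    After expansion an "all" grant is indistinguishable from ticking each term."""
    allowed = set()
    for vocab, grant in grants.items():
        allowed |= VOCABULARIES[vocab] if grant == ALL else set(grant)
    return frozenset(allowed)


def node_terms(node: Node) -> FrozenSet[str]:
    """Every term referenced by any taxonomy field of the node."""
    return frozenset(term for terms in node.values() for term in terms)


def expected_access(node: Node, grants: Grants) -> bool:
    """A role may view the node only if at least one term attached to the
    node is among the terms it is granted. A blank field contributes no
    terms, so it can never be the reason access is granted."""
    return bool(node_terms(node) & expand_grants(grants))


def observed_access(node: Node, grants: Grants) -> bool:
    """Model of the behaviour the report describes (an assumption about the
    outcome, not a reading of Tac Lite's source): an "all" grant matches the
    field even when the field is blank, so it grants access on its own."""
    for vocab, grant in grants.items():
        if grant == ALL:
            return True
        if node.get(vocab, frozenset()) & set(grant):
            return True
    return False


def grants_agree(individual: Grants, shorthand: Grants, nodes: List[Node],
                 decide=expected_access) -> bool:
    """The invariant the report asks for: ticking every term and using
    "all" must give the same decision for every node."""
    return all(decide(n, individual) == decide(n, shorthand) for n in nodes)


# The report's node: "Taxonomy 1 Field" blank, "Taxonomy 2 Field" = T2-1.
REPORT_NODE: Node = {"Taxonomy 1": frozenset(), "Taxonomy 2": frozenset({"T2-1"})}
# A second constructed node that does carry a Taxonomy 1 term.
TAGGED_NODE: Node = {"Taxonomy 1": frozenset({"T1-1"}), "Taxonomy 2": frozenset({"T2-1"})}

SCENARIO_1: Grants = {"Taxonomy 1": frozenset({"T1-1", "T1-2"})}  # terms ticked individually
SCENARIO_2: Grants = {"Taxonomy 1": ALL}                          # the "all" option


if __name__ == "__main__":
    for name, grants in (("scenario 1", SCENARIO_1), ("scenario 2", SCENARIO_2)):
        print(name, "expected:", expected_access(REPORT_NODE, grants),
              "observed:", observed_access(REPORT_NODE, grants))
    print("expected semantics keep the invariant:",
          grants_agree(SCENARIO_1, SCENARIO_2, [REPORT_NODE, TAGGED_NODE]))
    print("observed behaviour keeps the invariant:",
          grants_agree(SCENARIO_1, SCENARIO_2, [REPORT_NODE, TAGGED_NODE], observed_access))
```

The design point is that "all" is resolved to concrete terms before the decision is made, which makes the invariant in grants_agree hold by construction; a check of that shape, run over a node with a blank field in the "all" vocabulary and a term from another vocabulary, is what would have caught the scenario 2 result.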