Move Access Tokens UI to an entity Local Task / Tab

Created on 23 January 2023, over 1 year ago
Updated 7 March 2024, 3 months ago

Problem/Motivation

Originally, the access tokens UI is on the entity's edit form. This is not ideal for the following reasons:

  • The access tokens created on the entity's edit form are created independently from the entity edit form. Meaning, you do not have to save the entity form in order to create the access tokens.
  • Having the access token form on the entity form is confusing to users for editing and creating the access tokens. Having it on the edit form implies that they have to save the entity form in order to save any change to the access tokens, however this is not true. Once you change anything for the access tokens that change has been made to the access tokens.
  • The access tokens fieldset visibility depends on the entity's published state. The user is editing the entity where they can change the published state when they save the entity form.
    Example:
    • Entity is published originally.
    • A user edits the entity. There are no access tokens displayed on the entity edit form.
    • The user saves the page as a Draft (when using moderation)
    • In order to get to the access tokens, the user must edit the entity again. Issues with this workflow:
      (1) This is counterintuitive since there is the entity does not need changed again at this point.
      (2) The user may not have access to edit the entity again depending on the moderation states / workflows / permissions configured on the site. Example: "Needs Reviewed" where only an editor can edit the entity.
  • Limiting the scope of the entity form alter can be programmatic as seen in #2912066: Only display unpublished access form elements on relevant forms β†’ and #3164509: Authenticated user can manage unpublished access tokens on node delete page β†’

Proposed User interface changes

  1. Add an entity local task / tab for the access tokens UI.
  2. Optional: Remove the original entity edit form fieldset for the access tokens.
✨ Feature request
Status

RTBC

Version

1.0

Component

User interface

Created by

πŸ‡ΊπŸ‡ΈUnited States recrit

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

  • Issue created by @recrit
  • @recrit opened merge request.
  • Status changed to Needs review over 1 year ago
  • πŸ‡ΊπŸ‡ΈUnited States recrit

    Attached is a static patch of MR 9 that can be used for builds.
    The changes made:

    • Adds an entity local task / tab for the access tokens UI.
    • Adds a config setting to enable the new local task. This config setting was added to be less obtrusive for existing sites using access_unpublished. Ideally, this config setting should be removed and then the entity edit form's access tokens fieldset should be removed - this would leave the only UI to be on the new local task.
  • πŸ‡ΊπŸ‡ΈUnited States recrit

    Screenshot for reference:

  • πŸ‡ΊπŸ‡ΈUnited States recrit

    Updated static patch of MR 9 to manage access tokens on a local task or the entity edit form, but not both.

  • πŸ‡ΊπŸ‡ΈUnited States recrit

    Updated static patch of MR 9

  • πŸ‡ΊπŸ‡ΈUnited States Dave Reid Nebraska πŸ‡ΊπŸ‡Έ

    +1 for this

  • πŸ‡ΊπŸ‡ΈUnited States dwisnousky

    #6 worked for us! Going to create a patch off of the MR diff to be safe. Nice work! Thank you!

  • πŸ‡ΊπŸ‡ΈUnited States dwisnousky

    #8 was a dirty patch. Sorry, fam!

  • Open in Jenkins β†’ Open on Drupal.org β†’
    Core: 9.5.x + Environment: PHP 7.4 & MySQL 8
    last update about 1 year ago
    11 pass
  • πŸ‡¬πŸ‡§United Kingdom smaz England, UK

    I've been using patch #9 in production for around 2 months now on a very active site & had no issues.

    Having a look at the code in more detail, just a couple of minor nitpicks:

    +/**
    + * Implements hook_entity_type_alter().
    + */
    +function access_unpublished_entity_type_alter(array &$entity_types) {
    +  // Provide link templates for the access-tokens route on all applicable
    +  // entity types.
    +  /** @var \Drupal\Core\Entity\EntityTypeInterface[] $entity_types */
    +  foreach ($entity_types as $entity_type) {
    +    if (AccessUnpublished::applicableEntityType($entity_type) &&
    +        $entity_type->hasLinkTemplate('canonical')) {
    +      if (!$entity_type->hasLinkTemplate('access-tokens')) {
    +        $entity_type->setLinkTemplate('access-tokens', $entity_type->getLinkTemplate('canonical') . '/access-tokens');
    +      }
    +    }
    +  }
    +}

    AccessUnpublished::applicableEntityType already checks for the entity type having the canonical link template, so we probably don't need to check that here too?

    + * Build the access token overview form for the provied entity.
    Typo in provided

    * Subscriber for entity access_unpublish routes.
    I think this should be access_unpublished

    Apart from that, all seems ok - will try to update the merge request with the above.

  • Open in Jenkins β†’ Open on Drupal.org β†’
    Core: 9.5.x + Environment: PHP 7.4 & MySQL 8
    last update 12 months ago
    11 pass
  • Open in Jenkins β†’ Open on Drupal.org β†’
    Core: 9.5.x + Environment: PHP 7.4 & MySQL 8
    last update 11 months ago
    11 pass
  • πŸ‡ΊπŸ‡ΈUnited States recrit

    adding a static patch of MR9 for builds to use.

  • Status changed to RTBC 11 months ago
  • πŸ‡ΊπŸ‡ΈUnited States recrit
  • πŸ‡ΊπŸ‡ΈUnited States DamienMcKenna NH, USA

    While this works well, I think it might be better to rename the tab to something more meaningful than "Access tokens".

Production build 0.69.0 2024