Contrib.social

Allow a role to be an administrator

Open on Drupal.org β†’
Created on 16 May 2023, over 1 year ago
Updated 28 July 2023, over 1 year ago

Problem/Motivation

The problem comes from πŸ“Œ Ensure no roles are "admin" roles (8.x) Fixed

Does it really add anything that there is no administrator role? This does not prevent you from assigning permissions considered as "dangerous" to users who should not have them.

From my point of view I see it as a delay rather than an advance, plus if the issue πŸ“Œ Add a container parameter that can remove the special behavior of UID#1 Fixed ends up going ahead, this will not be optional.

Steps to reproduce

Install paranoia and try to assign an 'administrator' role in /admin/config/people/accounts

Proposed resolution

Revert the development made in πŸ“Œ Ensure no roles are "admin" roles (8.x) Fixed

Remaining tasks

User interface changes

N/A

API changes

N/A

Data model changes

N/A

πŸ“Œ Task
Status

Needs review

Version

1.0

Component

Code

Created by

πŸ‡ͺπŸ‡ΈSpain dcimorra πŸ‡ͺπŸ‡Έ Spain

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

  • Issue created by @dcimorra
  • @dcimorra opened merge request.
  • Comment over 1 year ago β†’
    πŸ‡ͺπŸ‡ΈSpain dcimorra πŸ‡ͺπŸ‡Έ Spain
  • Assigned to dcimorra
  • Status changed to Needs review over 1 year ago
  • Comment over 1 year ago β†’
    πŸ‡ͺπŸ‡ΈSpain dcimorra πŸ‡ͺπŸ‡Έ Spain
  • Comment over 1 year ago β†’
    πŸ‡ΊπŸ‡ΈUnited States greggles Denver, Colorado, USA

    I think the feature you are trying to remove makes sense for this module. This module revokes some permissions from ever being assigned (I think? at least it used to) whereas the admin role concept grants all permissions to one role.

    So I'm against this proposal on concept.

  • Comment over 1 year ago β†’
    πŸ‡ͺπŸ‡ΈSpain dcimorra πŸ‡ͺπŸ‡Έ Spain

    Preventing a role from not being able to be assigned the admin privilege does not limit it from not being able to be assigned permissions that can lead to security breaches. The administrator role, like any other permission has to be assigned with care, but removing it is not a solution.

    The best solution, I think, would be to delegate the administrator privilege to that role, as proposed in the related issue 540008, and that only through this role, you have this privilege.

  • Comment over 1 year ago β†’
    solideogloria
contrib.social Blog FAQ Discussions
Production build 0.71.5 2024