Contrib.social

Ability to use a transition should respect entity admin permission if available

Open on Drupal.org β†’
Created on 20 September 2023, over 1 year ago
Updated 4 April 2024, 9 months ago

Problem/Motivation

If a user has permission to administer an entity type that is under content moderation, they may not be able to edit an entity. This is because \Drupal\content_moderation\StateTransitionValidation::getValidTransitions checks for transition access. If a user has permission to administer an entity, they should automatically be able to use any transition.

This also is needed in \Drupal\content_moderation\StateTransitionValidation::isTransitionValid

Steps to reproduce

Grant administer nodes and bypass node access to a role. Add content moderation to a content type. Try to edit the role without any content moderation permissions. Get access denied.

Proposed resolution

\Drupal\content_moderation\StateTransitionValidation::getValidTransitions should check if the entity type has an admin permission. If it does and the user has the permission, return all transitions.

Remaining tasks

User interface changes

API changes

Data model changes

Release notes snippet

✨ Feature request
Status

Needs work

Version

11.0 πŸ”₯

Component
Content moderationΒ  β†’

Last updated 6 days ago

  • Maintained by
  • πŸ‡¦πŸ‡ΊAustralia @Sam152
Created by

πŸ‡ΊπŸ‡ΈUnited States mglaman WI, USA

Live updates comments and jobs are added and updated live.
  • Needs tests

    The change is currently missing an automated test that fails when run with the original code, and succeeds when the bug has been fixed.

Sign in to follow issues

Merge Requests

Comments & Activities

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024