webform_default permission

Created on 27 November 2023, about 1 year ago
Updated 12 December 2023, about 1 year ago

I am using Webform on D10 with CKE5. A user noticed that they are no longer able to edit the "Form open message" (and similar) filed and instead see the error message "This field has been disabled because you do not have sufficient permissions to edit it." The user in question has a fairly high level of permission on the site.

After some digging, it seems that this notice appears when a user does not have permissions to use a text format. In the Webform settings if I change the "Element text format" from "Default" to one of my custom text formats, this error message goes away.

I've read that there is now a "webform_default" text format that is meant to be used only in Webform and is not accessible anywhere else. It seems like what is happening is this user does not have permissions to use that. I have gone through the various Webform permissions available, and none of them seem to make this error go away. This leads me to believe that there is a bug in Webform.

๐Ÿ› Bug report
Status

Fixed

Version

6.2

Component

Code

Created by

๐Ÿ‡บ๐Ÿ‡ธUnited States srdtwc Skokie, IL

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Merge Requests

Comments & Activities

  • Pipeline finished with Skipped
    over 1 year ago
    #14539
  • Issue created by @srdtwc
  • Status changed to Postponed: needs info about 1 year ago
  • ๐Ÿ‡บ๐Ÿ‡ธUnited States jrockowitz Brooklyn, NY

    Are you able to replicate the issue using a plain vanilla instance of Drupal?

    I am willing to bet that the updated configuration for the new webform_default filter was not properly exported.

    You should compare the configuration on a working plain vanilla instance of Drupal to your instance of Drupal.

  • Status changed to Active about 1 year ago
  • ๐Ÿ‡จ๐Ÿ‡ญSwitzerland berdir Switzerland

    We are seeing this as well.

    Interestingly, something seems to have changed, a new install on 6.2 seems to correctly grant authenticated the permission for that format, while updated sites do not. And on 6.2.0-beta6 that we have some sites on, neither seems to work, new install nor update. The site with 6.2 is also on Drupal core 10.2, not sure if that's involved.

    The roles property is special, it only is used at install time and set in \Drupal\filter\Entity\FilterFormat::postSave(). The problem is that you use the low-level config storage API to write that config directly, bypassing config entity hooks and other processing.

    Config imports must go through the config entity api layer, there's a special API for it, which looks a bit like this:

      $module_handler = \Drupal::moduleHandler();
      $config_storage = new FileStorage($module_handler->getModule($module)->getPath() . '/config/' . $config_type);
      $config_record = $config_storage->read($config_name);
    
      $entity_type = \Drupal::service('config.manager')->getEntityTypeIdByName($config_name);
      /** @var \Drupal\Core\Config\Entity\ConfigEntityStorageInterface $storage */
      $storage = \Drupal::entityTypeManager()->getStorage($entity_type);
      $entity = $storage->createFromStorageRecord($config_record);
      $entity->save();
      }
    

    (copy pasted together from some helper functions in our install profile).

    Plus extra logic when updating, but I guess you don't need that with the delete approach.

  • ๐Ÿ‡จ๐Ÿ‡ญSwitzerland berdir Switzerland

    Ah, I realized that I was looking the code between beta6 or so and 6.2.0 does mostly use that API (except using createFromStorage()), but that didn't account for sites that were already using a broken beta version.

    We're working on a patch that adds a new post update to make sure this also works for these sites. 6.2.0-beta6 was out there for long time, still has 20k installs and I imagine a lot of the 40k 6.2.0 installs updated from beta.

  • Status changed to Needs review about 1 year ago
  • ๐Ÿ‡จ๐Ÿ‡ญSwitzerland mathilde_dumond

    I tried my hand at a patch.

    I could update from beta7 to 6.2.0 and have the correct permissions set.

  • ๐Ÿ‡จ๐Ÿ‡ญSwitzerland berdir Switzerland
    +++ b/webform.post_update.php
    @@ -132,3 +132,10 @@ function webform_post_update_multiple_categories() {
    +  user_role_change_permissions('authenticated', ['use text format webform_default' => TRUE]);
    

    you can also use grant_permissions(), then the argument is a bit easier and don't need '=> TRUE').

  • Open on Drupal.org โ†’
    Core: 10.1.x + Environment: PHP 5.3 & MySQL 5.5
    last update about 1 year ago
    Waiting for branch to pass
  • Status changed to RTBC about 1 year ago
  • ๐Ÿ‡จ๐Ÿ‡ญSwitzerland berdir Switzerland

    We tested this on our projects.

  • Pipeline finished with Skipped
    about 1 year ago
    #59906
  • Open in Jenkins โ†’ Open on Drupal.org โ†’
    Core: 10.1.x + Environment: PHP 8.1 & MySQL 8
    last update about 1 year ago
    536 pass
  • Status changed to Fixed about 1 year ago
  • ๐Ÿ‡บ๐Ÿ‡ธUnited States jrockowitz Brooklyn, NY
  • ๐Ÿ‡บ๐Ÿ‡ธUnited States jrockowitz Brooklyn, NY
  • ๐Ÿ‡ฉ๐Ÿ‡ชGermany ammaletu Bonn, Germany

    I just updated to webforms module version 6.2.1, and now our deploy process stops at the first step, with the database updates:

    > [notice] Update started: webform_post_update_authenticated_user_permission
    > [error] Adding non-existent permissions to a role is not allowed. The incorrect permissions are "use text format webform_default".
    > [error] Update failed: webform_post_update_authenticated_user_permission
    [error] Update aborted by: webform_post_update_authenticated_user_permission
    [error] Finished performing updates.

    Any ideas how to get this working?

  • ๐Ÿ‡จ๐Ÿ‡ญSwitzerland berdir Switzerland

    from which version did you update? The text format should have been created by another post update. post updates don't have a dependency, so maybe this one did run first?

    We could harden the post update to check if the text format exists before trying to add the permission?

  • ๐Ÿ‡บ๐Ÿ‡ธUnited States Daltyn

    Running into the same issue as #13. tried using 6.2.1 and 6.2.x-dev

  • We also ran into this issue and like Berdir mentions we think the updates are applying in an order that prevents the new permission assignment from completing correctly.

    Commenting out;

    function webform_post_update_authenticated_user_permission() {
      user_role_grant_permissions('authenticated', ['use text format webform_default']);
    }

    in /modules/contrib/webform/webform.post_update.php does allow the updates to proceed.

    We then ran the updates again with that final update available and it applied cleanly.

  • Status changed to Needs work about 1 year ago
  • ๐Ÿ‡บ๐Ÿ‡ธUnited States jrockowitz Brooklyn, NY

    Let's reopen this and make the needed changes. Then, I will tag a new release.

  • Merge request !386Check for existence of filter format โ†’ (Closed) created by berdir
  • Open in Jenkins โ†’ Open on Drupal.org โ†’
    Core: 10.1.x + Environment: PHP 8.1 & MySQL 8
    last update about 1 year ago
    536 pass
  • Status changed to Needs review about 1 year ago
  • ๐Ÿ‡จ๐Ÿ‡ญSwitzerland berdir Switzerland

    Ok, I think post updates are alphabetically sorted, so sites updating from 6.1 will reliably run this one first.

    We could rename, but we really only care about this one for sites that did intermediate updates to/from 6.2 beta versions, so I think it's fine if we just add a check on the text format existing, if not, we can safely skip as the improved other function will now actually assign the permission.

    Created a MR for this and also as a patch, to apply it with composer if necessary.

  • Status changed to RTBC about 1 year ago
  • ๐Ÿ‡ฆ๐Ÿ‡บAustralia alex.skrypnyk Melbourne

    @berdir
    Thank you for adding the patch. I can confirm that the patch fixes the issue. We have several upgrade test (based on UpdatePathTestBase) that started to fail and this patch has resolved issues.

    @jrockowitz
    Is there any chance to get this release soon so that we do not have to drag this patch through projects.

  • Status changed to Fixed about 1 year ago
  • ๐Ÿ‡บ๐Ÿ‡ธUnited States jrockowitz Brooklyn, NY

    I tagged a new release.

    @berdir thank you

  • ๐Ÿ‡ซ๐Ÿ‡ทFrance mchamps Finistรจre

    After updating to Webform lastest version : composer require 'drupal/webform:^6.2'

    When I run drush updb I get the following error:

     --------- ---------------------- ------------- ----------------------------- 
      Module    Update ID              Type          Description                  
     --------- ---------------------- ------------- ----------------------------- 
      webform   authenticated_user_p   post-update   Issue #3404493:              
                ermission                            webform_default permission.  
     --------- ---------------------- ------------- ----------------------------- 
    
    
     Do you wish to run the specified pending updates? (yes/no) [yes]:
     > y
    
    
    In BatchStorage.php line 157:
                                                 
      Serialization of 'Closure' is not allowed  
                                                 

    I'm running
    Drupal version : 10.1.7
    Drush version : 12.4.3.0
    PHP version : 8.1.22

    Cheers
    Thanks

  • ๐Ÿ‡จ๐Ÿ‡ญSwitzerland berdir Switzerland

    No idea what those errors mean. Run drush with -vvv or so to see backtraces and more details.

  • ๐Ÿ‡ซ๐Ÿ‡ทFrance mchamps Finistรจre

    drush updb -vvv
    [preflight] Redispatch to site-local Drush: '/home/clients/b1fb8301c36d715ffc1f2723d230ea52/sites/uat/vendor/drush/drush/drush'.
    [preflight] Config paths: /home/clients/b1fb8301c36d715ffc1f2723d230ea52/sites/uat/vendor/drush/drush/drush.yml
    [preflight] Alias paths: /home/clients/b1fb8301c36d715ffc1f2723d230ea52/sites/uat/web/drush/sites,/home/clients/b1fb8301c36d715ffc1f2723d230ea52/sites/uat/drush/sites
    [preflight] Commandfile search paths: /home/clients/b1fb8301c36d715ffc1f2723d230ea52/sites/uat/vendor/drush/drush/src
    [info] Starting bootstrap to full [0.38 sec, 9.67 MB]
    [info] Drush bootstrap phase 5 [0.38 sec, 9.67 MB]
    [info] Try to validate bootstrap phase 5 [0.38 sec, 9.67 MB]
    [info] Try to validate bootstrap phase 5 [0.38 sec, 9.67 MB]
    [info] Try to bootstrap at phase 5 [0.38 sec, 9.67 MB]
    [info] Drush bootstrap phase: bootstrapDrupalRoot() [0.38 sec, 9.67 MB]
    [info] Change working directory to /home/clients/-----/sites/uat/web [0.38 sec, 9.67 MB]
    [info] Initialized Drupal 10.1.7 root directory at /home/clients/-----/sites/uat/web [0.38 sec, 9.72 MB]
    [info] Try to validate bootstrap phase 5 [0.38 sec, 9.72 MB]
    [info] Try to bootstrap at phase 5 [0.38 sec, 10.16 MB]
    [info] Drush bootstrap phase: bootstrapDrupalSite() [0.38 sec, 10.16 MB]
    [debug] Could not find a Drush config file at sites/default/drush.yml. [0.39 sec, 10.33 MB]
    [info] Initialized Drupal site default at sites/default [0.39 sec, 10.33 MB]
    [info] Try to validate bootstrap phase 5 [0.39 sec, 10.33 MB]
    [info] Try to bootstrap at phase 5 [0.39 sec, 10.33 MB]
    [info] Drush bootstrap phase: bootstrapDrupalConfiguration() [0.39 sec, 10.33 MB]
    [info] Try to validate bootstrap phase 5 [0.39 sec, 10.58 MB]
    [info] Try to bootstrap at phase 5 [0.4 sec, 11.16 MB]
    [info] Drush bootstrap phase: bootstrapDrupalDatabase() [0.4 sec, 11.16 MB]
    [info] Successfully connected to the Drupal database. [0.4 sec, 11.16 MB]
    [info] Try to validate bootstrap phase 5 [0.4 sec, 11.16 MB]
    [info] Try to bootstrap at phase 5 [0.4 sec, 11.16 MB]
    [info] Drush bootstrap phase: bootstrapDrupalFull() [0.4 sec, 11.16 MB]
    [debug] Start bootstrap of the Drupal Kernel. [0.4 sec, 11.16 MB]
    [debug] Get container builder [0.46 sec, 13.54 MB]
    [debug] Finished bootstrap of the Drupal Kernel. [0.74 sec, 29.67 MB]
    [debug] Loading drupal module drush commands & etc. [0.74 sec, 29.67 MB]
    [debug] Found drush.services.yml for image_effects Drush commands [0.75 sec, 29.91 MB]
    [debug] Found drush.services.yml for simple_sitemap Drush commands [0.75 sec, 29.91 MB]
    [debug] Found drush.services.yml for token Drush commands [0.75 sec, 29.91 MB]
    [debug] Found drush.services.yml for typed_data Drush commands [0.75 sec, 29.91 MB]
    [debug] Found drush.services.yml for webform Drush commands [0.75 sec, 29.91 MB]
    [debug] Found drush.services.yml for webform_scheduled_email Drush commands [0.75 sec, 29.91 MB]
    [debug] Add a commandfile class: Drush\Drupal\Commands\sql\SanitizeCommands [1.01 sec, 45.74 MB]
    [debug] Add a commandfile class: Drush\Drupal\Commands\sql\SanitizeCommentsCommands [1.01 sec, 45.75 MB]
    [debug] Add a commandfile class: Drush\Drupal\Commands\sql\SanitizeSessionsCommands [1.01 sec, 45.75 MB]
    [debug] Add a commandfile class: Drush\Drupal\Commands\sql\SanitizeUserFieldsCommands [1.01 sec, 45.75 MB]
    [debug] Add a commandfile class: Drush\Drupal\Commands\sql\SanitizeUserTableCommands [1.01 sec, 45.76 MB]
    [debug] Add a commandfile class: Drupal\advagg\Commands\AdvaggCommands [1.01 sec, 45.76 MB]
    [debug] Add a commandfile class: Drupal\colorbox\Commands\ColorboxCommands [1.01 sec, 45.78 MB]
    [debug] Add a commandfile class: Drupal\image_effects\Commands\ImageEffectsCommands [1.01 sec, 45.78 MB]
    [debug] Add a commandfile class: Drupal\simple_sitemap\Commands\SimpleSitemapCommands [1.01 sec, 45.79 MB]
    [debug] Add a commandfile class: Drupal\smart_date\Commands\SmartDateDrushCommands [1.01 sec, 45.8 MB]
    [debug] Add a commandfile class: Drupal\token\Commands\TokenCommands [1.01 sec, 45.8 MB]
    [debug] Add a commandfile class: Drupal\typed_data\Commands\TypedDataCommands [1.01 sec, 45.81 MB]
    [debug] Add a commandfile class: Drupal\upgrade_status\Commands\UpgradeStatusCommands [1.01 sec, 45.82 MB]
    [debug] Add a commandfile class: Drupal\webform\Commands\WebformSubmissionCommands [1.01 sec, 45.83 MB]
    [debug] Add a commandfile class: Drupal\webform\Commands\WebformLibrariesCommands [1.02 sec, 45.86 MB]
    [debug] Add a commandfile class: Drupal\webform\Commands\WebformUtilityCommands [1.02 sec, 45.88 MB]
    [debug] Add a commandfile class: Drupal\webform\Commands\WebformDocumentationCommands [1.02 sec, 45.88 MB]
    [debug] Add a commandfile class: Drupal\webform\Commands\WebformDevelCommands [1.02 sec, 45.89 MB]
    [debug] Add a commandfile class: Drupal\webform\Commands\WebformSanitizeSubmissionsCommands [1.02 sec, 45.9 MB]
    [debug] Add a commandfile class: Drupal\webform_scheduled_email\Commands\WebformScheduledEmailCommands [1.02 sec, 45.9 MB]
    [debug] Add a commandfile class: Drupal\pathauto\Commands\PathautoCommands [1.02 sec, 45.9 MB]
    [info] Executing: /home/clients/-----/sites/uat/vendor/bin/drush updatedb:status --verbose --strict=0 --uri=default [1.23 sec, 53.75 MB]
    --------- ---------------------- ------------- -----------------------------
    Module Update ID Type Description
    --------- ---------------------- ------------- -----------------------------
    webform authenticated_user_p post-update Issue #3404493:
    ermission webform_default permission.
    --------- ---------------------- ------------- -----------------------------

    Do you wish to run the specified pending updates? (yes/no) [yes]:
    > y

    In BatchStorage.php line 157:

    [Exception]
    Serialization of 'Closure' is not allowed

    Exception trace:
    at /home/clients/-----/sites/uat/web/core/lib/Drupal/Core/Batch/BatchStorage.php:157
    serialize() at /home/clients/-----/sites/uat/web/core/lib/Drupal/Core/Batch/BatchStorage.php:157
    Drupal\Core\Batch\BatchStorage->doCreate() at /home/clients/-----/sites/uat/web/core/lib/Drupal/Core/Batch/BatchStorage.php:141
    Drupal\Core\Batch\BatchStorage->create() at /home/clients/-----/sites/uat/web/core/lib/Drupal/Core/ProxyClass/Batch/BatchStorage.php:107
    Drupal\Core\ProxyClass\Batch\BatchStorage->create() at /home/clients/-----/sites/uat/vendor/drush/drush/includes/batch.inc:146
    _drush_backend_batch_process() at /home/clients/-----/sites/uat/vendor/drush/drush/includes/batch.inc:55
    drush_backend_batch_process() at /home/clients/-----/sites/uat/vendor/drush/drush/src/Commands/core/UpdateDBCommands.php:410
    Drush\Commands\core\UpdateDBCommands->updateBatch() at /home/clients/-----/sites/uat/vendor/drush/drush/src/Commands/core/UpdateDBCommands.php:73
    Drush\Commands\core\UpdateDBCommands->updatedb() at n/a:n/a
    call_user_func_array() at /home/clients/-----/sites/uat/vendor/consolidation/annotated-command/src/CommandProcessor.php:276
    Consolidation\AnnotatedCommand\CommandProcessor->runCommandCallback() at /home/clients/-----/sites/uat/vendor/consolidation/annotated-command/src/CommandProcessor.php:212
    Consolidation\AnnotatedCommand\CommandProcessor->validateRunAndAlter() at /home/clients/-----/sites/uat/vendor/consolidation/annotated-command/src/CommandProcessor.php:176
    Consolidation\AnnotatedCommand\CommandProcessor->process() at /home/clients/-----/sites/uat/vendor/consolidation/annotated-command/src/AnnotatedCommand.php:391
    Consolidation\AnnotatedCommand\AnnotatedCommand->execute() at /home/clients/-----/sites/uat/vendor/symfony/console/Command/Command.php:326
    Symfony\Component\Console\Command\Command->run() at /home/clients/-----/sites/uat/vendor/symfony/console/Application.php:1081
    Symfony\Component\Console\Application->doRunCommand() at /home/clients/-----/sites/uat/vendor/symfony/console/Application.php:320
    Symfony\Component\Console\Application->doRun() at /home/clients/-----/sites/uat/vendor/symfony/console/Application.php:174
    Symfony\Component\Console\Application->run() at /home/clients/-----/sites/uat/vendor/drush/drush/src/Runtime/Runtime.php:110
    Drush\Runtime\Runtime->doRun() at /home/clients/-----/sites/uat/vendor/drush/drush/src/Runtime/Runtime.php:40
    Drush\Runtime\Runtime->run() at /home/clients/-----/sites/uat/vendor/drush/drush/drush.php:139
    require() at /home/clients/-----/sites/uat/vendor/drush/drush/drush:4

  • Automatically closed - issue fixed for 2 weeks with no activity.

  • Pipeline finished with Success
    9 months ago
    Total: 181s
    #131561
  • Pipeline finished with Success
    9 months ago
    Total: 246s
    #131569
  • Pipeline finished with Success
    about 2 months ago
    Total: 681s
    #327074
  • Pipeline finished with Failed
    about 2 months ago
    Total: 623s
    #329151
  • Pipeline finished with Success
    about 2 months ago
    Total: 483s
    #329237
  • Pipeline finished with Success
    about 2 months ago
    Total: 839s
    #330176
  • Pipeline finished with Success
    about 1 month ago
    Total: 662s
    #336661
  • Pipeline finished with Canceled
    about 1 month ago
    Total: 201s
    #338013
  • Pipeline finished with Success
    about 1 month ago
    Total: 727s
    #338014
  • Pipeline finished with Failed
    about 1 month ago
    Total: 543s
    #338066
  • Pipeline finished with Success
    about 1 month ago
    Total: 509s
    #338551
  • Pipeline finished with Failed
    about 1 month ago
    Total: 321s
    #340034
  • Pipeline finished with Failed
    about 1 month ago
    Total: 988s
    #340040
  • Pipeline finished with Failed
    about 1 month ago
    Total: 820s
    #340139
  • Pipeline finished with Success
    about 1 month ago
    Total: 499s
    #342428
  • Pipeline finished with Failed
    about 1 month ago
    Total: 512s
    #347584
  • Pipeline finished with Failed
    about 1 month ago
    Total: 461s
    #347785
  • Pipeline finished with Failed
    about 1 month ago
    Total: 326s
    #347793
  • Pipeline finished with Success
    about 1 month ago
    Total: 1037s
    #347798
Production build 0.71.5 2024