This issue is the D7 equivalent of 📌 Increase access level required for content permissions rebuilds Fixed . The description below is taken from that issue.
/admin/reports/status/rebuild is accessible to any user with the access administration pages permission. Rebuilding permissions can be a long and very disruptive process for sites with lots of content access permissions and should be restricted to a higher level of permission.
In fact, the final step of the rebuild process redirects the user to /admin/reports/status which requires the administer site configuration so for certain configurations the user will be redirected to a 403 Access Denied message after the rebuild completes.
access administration page permission but not the administer site configuration permission.Create a backport of 📌 Increase access level required for content permissions rebuilds Fixed :
Use the administer nodes permissions for access control to the rebuild form and operation.
This means the user could still end up with a 403 Access Denied without the additional administer site configuration permission but administer site configuration feels like it does not fit quite as well for the rebuild permission.
Create a branch with the propose change.
None.
None.
None.
Rebuilding permissions now requires the administer nodes permission →
. Previously only the access administration pages permission was required. Site owners should review and adjust permissions as necessary to ensure proper access to the rebuild permissions functionality.
Needs review
7.0 ⚰️