Non-admins should be able to view connection roles

Created on 15 May 2024, about 1 month ago

Updated 16 May 2024, about 1 month ago

Problem/Motivation

Households are a key feature of RedHen, and it should be possible to display household members and their role in the household to users in that household without them having to be administrators.

Steps to reproduce

SETUP

Build a view based on contacts with relationships to the contact's organization and the organization's connections.
Add a field to display the connection's role.
Add a contextual filter for contact's user ID, defaulting to the logged-in user.
Save the view.
Edit permissions for authenticated users to grant:
- RedHen Connections: Household Member: View active connections
- RedHen Connections: Contact: View own active connections
- RedHen Connections: View active connection entities
- RedHen Connections: View connection role entities

TEST
View the view as an administrator. Notice that you can see contact role for all members of the household.
View the view as an authenticated but non-admin user.

NOTICE: that you can see no contact roles for anyone in the household.
EXPECT: that you can see contact roles for all household members, given the permission grants mentioned above.

Proposed resolution

Observations:

The \Drupal\redhen_connection\Entity\ConnectionRole entity doesn't declare an access handler.
There is no ConnectionRoleAccessControlHandler class.

Proposed resolution:

Have the ConnectionRole entity declare an access handler.
Implement a \Drupal\redhen_connection\ConnectionRoleAccessControlHandler class to regulate access.
Use the available "view connection role entities" permission to grant view and view label access.
Use the available "administer connection role entities" permission for create, modify and delete operations.

User interface changes

None.

API changes

None.

Data model changes

None.

✨ Feature request

Status

Needs review

Version

2.1

Component

Connections

Created by

josephr5000

Live updates comments and jobs are added and updated live.

redhen

Merge Requests

!19Non-admins should be able to view connection roles
Open
josephr5000
updated about 1 month ago

Comments & Activities

Issue created by @josephr5000
Comment about 1 month ago →
josephr5000
Comment about 1 month ago →
josephr5000
Merge request !19Provide access control handler for ConnectionRole entities. #3447226 → (Open) created by josephr5000
Pipeline finished with Success
about 1 month ago
Total: 151s
#172982
Status changed to Needs review about 1 month ago4:58am 15 May 2024
Comment about 1 month ago →
josephr5000
Pipeline finished with Success
about 1 month ago
Total: 144s
#173007
Pipeline finished with Success
about 1 month ago
Total: 149s
#173561
Comment about 1 month ago →
🇺🇸United States gcb
Definitely seems appropriate, and the code looks good to me. Let's call it reviewed but not yet tested, once we get some testing in this should definitely get merged into a release.
Assigned to gcb
Comment about 1 month ago →
🇺🇸United States gcb
Comment about 1 month ago →
josephr5000
Adding a patch to snapshot current changes in MR19 so I can refer to it in my composer.json.

contrib.social Blog FAQ Discussions

Production build 0.69.0 2024

Non-admins should be able to view connection roles

Problem/Motivation

Steps to reproduce

Proposed resolution

Observations:

Proposed resolution:

User interface changes

API changes

Data model changes

Merge Requests

!19Non-admins should be able to view connection rolesOpen

Comments & Activities

!19Non-admins should be able to view connection roles
Open