Non-admins should be able to view connection roles

Open on Drupal.org →

Created on 15 May 2024, 7 months ago

Updated 16 May 2024, 7 months ago

Problem/Motivation

Households are a key feature of RedHen, and it should be possible to display household members and their role in the household to users in that household without them having to be administrators.

Steps to reproduce

SETUP

Build a view based on contacts with relationships to the contact's organization and the organization's connections.
Add a field to display the connection's role.
Add a contextual filter for contact's user ID, defaulting to the logged-in user.
Save the view.
Edit permissions for authenticated users to grant:
- RedHen Connections: Household Member: View active connections
- RedHen Connections: Contact: View own active connections
- RedHen Connections: View active connection entities
- RedHen Connections: View connection role entities

TEST
View the view as an administrator. Notice that you can see contact role for all members of the household.
View the view as an authenticated but non-admin user.

NOTICE: that you can see no contact roles for anyone in the household.
EXPECT: that you can see contact roles for all household members, given the permission grants mentioned above.

Proposed resolution

Observations:

The \Drupal\redhen_connection\Entity\ConnectionRole entity doesn't declare an access handler.
There is no ConnectionRoleAccessControlHandler class.

Proposed resolution:

Have the ConnectionRole entity declare an access handler.
Implement a \Drupal\redhen_connection\ConnectionRoleAccessControlHandler class to regulate access.
Use the available "view connection role entities" permission to grant view and view label access.
Use the available "administer connection role entities" permission for create, modify and delete operations.

User interface changes

None.

API changes

None.

Data model changes

None.

✨ Feature request

Status

Needs review

Version

2.1

Component

Connections

Created by

josephr5000@yahoo.com

Live updates comments and jobs are added and updated live.

redhen

Sign in to follow issues

Merge Requests

!19Non-admins should be able to view connection roles
Open
josephr5000@yahoo.com
updated 7 months ago

Comments & Activities

Issue created by @josephr5000@yahoo.com
Comment 7 months ago →
josephr5000@yahoo.com
Comment 7 months ago →
josephr5000@yahoo.com
Merge request !19Provide access control handler for ConnectionRole entities. #3447226 → (Open) created by josephr5000@yahoo.com
Pipeline finished with Success
7 months ago
Total: 151s
#172982
Status changed to Needs review 7 months ago4:58am 15 May 2024
Comment 7 months ago →
josephr5000@yahoo.com
Pipeline finished with Success
7 months ago
Total: 144s
#173007
Pipeline finished with Success
7 months ago
Total: 149s
#173561
Comment 7 months ago →
🇺🇸United States gcb
Definitely seems appropriate, and the code looks good to me. Let's call it reviewed but not yet tested, once we get some testing in this should definitely get merged into a release.
Assigned to gcb
Comment 7 months ago →
🇺🇸United States gcb
Comment 7 months ago →
josephr5000@yahoo.com
Adding a patch to snapshot current changes in MR19 so I can refer to it in my composer.json.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024