Contrib.social

Dynamic scope with role granularity does not inherit authenticated permissions as expected

Open on Drupal.org →
Created on 31 May 2024, 6 months ago
Updated 25 June 2024, 5 months ago

Problem/Motivation

When creating a dynamic scope with role granularity for a custom role, the scope does not inherit authenticated permissions as it does in all other Drupal contexts. This is confusing.

The standard behavior for Drupal is this: if the authenticated role has "access content" permission, and another custom role called "premium" is created, it will inherit the “access content” permission from the authenticated role. All roles other than anonymous inherit permission from the authenticated role. Oddly, this inheritance does not appear to occur when a request is made with a simple oauth token. This leads to an inconsistent experience for users. A user with the premium role accessing the website through the browser will have different permissions than if they authenticate with the same account using a token with the same exact role.

This inheritance behavior is implicit in the Admin UI of Drupal. As an admin, I'm not even able to use the UI to explicitly assign the "access content" permission to the "premium" role if it’s already been granted to the authenticated role. The checkbox is already checked and in fact cannot be unchecked — inheritance is both default and mandatory.

Proposed resolution

The dynamic scope with role granularity should inherit permissions from the authenticated role, as it does in all other Drupal contexts.

🐛 Bug report
Status

Fixed

Version

6.0

Component

Code

Created by

🇺🇸United States grasmash

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Merge Requests

Comments & Activities

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024