Add Role-Based Authentication for Sensitive Commands

Created on 5 November 2024, 3 months ago

Problem/Motivation

Currently, commands like drush pm:uninstall and drush updb can be run after a user is authenticated, but we need an additional layer of security to restrict command execution to specific user roles.

Steps to reproduce

Configure sensitive/critical Drush command like drush pm:uninstall
Run pm:uninstall module_name
Authenticate with valid credentials.
Observe that any authenticated user can run the command without any role-based restrictions.

Proposed resolution

Add a role-based authentication check to sensitive/critical Drush commands to ensure that only users with specific roles can execute them.

✨ Feature request

Status

Active

Version

1.0

Component

Code

Created by

🇮🇳India dev2.addweb

Live updates comments and jobs are added and updated live.

user roles

Merge Requests

!1Add Role-Based Authentication for Sensitive Commands
Open
Unnamed author
updated 3 months ago

Comments & Activities

Issue created by @dev2.addweb
Merge request !1Added Role based authentication. → (Open) created by Unnamed author
Comment 3 months ago →
🇮🇳India dev2.addweb
I have added Role-Based Authentication, Please review it.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024