Display implicit roles of group memberships

Created on 20 November 2024, about 1 month ago

Problem/Motivation

This is a follow-up to 🐛 An already assigned individual role can be made out/insider, leading to a crash in the permission calculation Needs review and 📌 Disallow the programmatic assignment of insider/outsider roles to members Active . At several places like group members view, view/edit group membership etc. only individual roles assigned to a group membership are displayed but no implicit roles (group roles with outsider and insider scope) and for subgroup roles inherited from a parent group.

Proposed resolution

All group roles a user "has" (because "assigned" is only correct for individual group roles) should be displayed at these places for usability purposes, or site/group admins might think something is wrong and these persons might not have the related permissions and create additional individual roles to assign to the users to fix an issue which doesn't exist.

In case of edit forms (like group membership) those roles should be listed there as well with the role name and scope of the role (eventually even the global/parent group inherited role name). There are multliple ways to do it, like checked and disabled checkboxes (which are not submitted to the form processing) or using a similar approach and the icons as for the entity.group_role.permissions_form form.

Feature request
Status

Active

Version

3.3

Component

User interface

Created by

🇦🇹Austria mvonfrie

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Production build 0.71.5 2024