Contrib.social

Make it possible to hide the token field by default

Open on Drupal.org →
Created on 15 January 2025, 3 months ago

Problem/Motivation

If I wanted to make this available to our technical internal team, but not to the client, then I would write a couple lines of code to do that in a custom module.

Would be really nice to just have a checkbox :)

Steps to reproduce

Proposed resolution

Remaining tasks

User interface changes

API changes

Data model changes

Feature request
Status

Active

Component

Code

Created by

🇳🇴Norway eiriksm Norway

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Merge Requests

Comments & Activities

  • Issue created by @eiriksm
  • Comment 2 months ago
    🇬🇧United Kingdom marcelovani London

    This is a very good idea, I will put in my list of todos.
    If you want to contribute, feel free to send a PR and I will review.

  • Comment about 2 months ago
    🇬🇧United Kingdom marcelovani London

    @eiriksm, now that I am reading this again, I have a different comment.

    The access token is configured on the user's profile.
    This tokens are not supposed to be shared between users, each user should generate their own access token on their repositories and save on their own user accounts.

    The token can be scoped to specific repos and you can limit the permissions to allow only reading the repo and creating pull requests. There is no big danger.

    What are your concerns?

  • Comment about 2 months ago
    🇳🇴Norway eiriksm Norway

    Oh my concerns are more towards usability and confusion.

    If I have a colleague, for whom it will be faster to click a couple buttons on stage or prod and then get a PR out of it. Great. They can add a token to their user

    The administrator of my client website however. They will see the words access token and think this looks like an error or is noisy. They don't have a GitHub user. Heck, they don't know what GitHub is

    So it's rather easy for me to fix this in custom code, but I wanted to hear if this was a scenario the actual contrib project wanted to cater for directly 🤓

  • Merge request !9#3499909 Hide access token field from users that do not have the required permission. → (Merged) created by marcelovani
  • Comment about 2 months ago
    System Message
    • marcelovani committed 54fd4bd5 on 8.x-1.x 
      #3499909 Hide access token field from users that do not have the...
  • Comment about 2 months ago
    🇬🇧United Kingdom marcelovani London

    Thanks for the explanation.

    But on your use case, you are saying that people that log in as admin should not see the field. This is not a common pattern and people that log in as admin need to know what they are doing and will see a lot of configurations that may not make sense to non technical users.

    I agree that the field should not be visible to users that do not have the permission to create pull requests. This makes sense and I committed the code for that.

    If you want to hide the field from admin users, I recommend that you implement the same hook on a custom module.

    function my_module_form_user_form_alter(&$form, FormStateInterface $form_state, $form_id) {
  $field_name = 'field_config_pr_auth_token';
  if (isset($form[$field_name])) {
    $form[$field_name]['#access'] = FALSE;
  }
}
  • Comment about 2 months ago
    🇳🇴Norway eiriksm Norway

    What you committed is more or less exactly what I have been implementing only in custom code. So this is actually perfect!

    Thanks!

  • Comment about 1 month ago
    System Message

    Automatically closed - issue fixed for 2 weeks with no activity.

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024