Contrib.social

Access bug on edit terms form

Open on Drupal.org β†’
Created on 21 March 2025, about 2 months ago

Problem/Motivation

My client would like editors to have access to the taxonomy manager but not have the "administer taxonomy" permission (so that they can edit terms but not vocabularies).

Currently, users without that permission get an ajax error when they select any terms on the TaxonomyMangerForm. This is because when they select a term, they get the _taxonomy_manager_access_check on the Edit taxonomy term form but the access check doesn't check the correct route parameter, which is 'tid'. So they get the loading spinner infinitely.

Steps to reproduce

  1. Create a user that has the permission "edit vocabulary [vocabulary]" but not "administer taxonomy"
  2. Go to /admin/structure/taxonomy_manager/voc/{taxonomy_vocabulary} and click on a term
  3. Witness the spinning wheel of death

Proposed resolution

Check for the 'tid' parameter, load the vocabulary, check 'edit vocabulary [vocabulary]' permission

Remaining tasks

User interface changes

API changes

Data model changes

πŸ› Bug report
Status

Active

Version

2.0

Component

Code

Created by

πŸ‡¨πŸ‡¦Canada laura.j.johnson@gmail.com Toronto

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Merge Requests

Comments & Activities

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024