Access bug on edit terms form

Created on 21 March 2025, 26 days ago

Problem/Motivation

My client would like editors to have access to the taxonomy manager but not have the "administer taxonomy" permission (so that they can edit terms but not vocabularies).

Currently, users without that permission get an ajax error when they select any terms on the TaxonomyMangerForm. This is because when they select a term, they get the _taxonomy_manager_access_check on the Edit taxonomy term form but the access check doesn't check the correct route parameter, which is 'tid'. So they get the loading spinner infinitely.

Steps to reproduce

Create a user that has the permission "edit vocabulary [vocabulary]" but not "administer taxonomy"
Go to /admin/structure/taxonomy_manager/voc/{taxonomy_vocabulary} and click on a term
Witness the spinning wheel of death

Proposed resolution

Check for the 'tid' parameter, load the vocabulary, check 'edit vocabulary [vocabulary]' permission

Remaining tasks

User interface changes

API changes

Data model changes

🐛 Bug report

Status

Active

Version

2.0

Component

Code

Created by

🇨🇦Canada laura.j.johnson@gmail.com Toronto

Live updates comments and jobs are added and updated live.

Merge Requests

!69Access bug on edit terms form
Open
Unnamed author
updated 26 days ago

Comments & Activities

Issue created by @laura.j.johnson@gmail.com
Merge request !69#3514624 Check if there is a tid parameter in the access checker → (Open) created by Unnamed author
Pipeline finished with Failed
26 days ago
Total: 193s
#454016
Pipeline finished with Success
26 days ago
Total: 162s
#454034
Comment 26 days ago →
🇨🇦Canada laura.j.johnson@gmail.com Toronto
Comment 26 days ago →
🇨🇦Canada laura.j.johnson@gmail.com Toronto
Comment 13 days ago →
🇺🇸United States alfattal Minnesota
Comment 13 days ago →
🇺🇸United States alfattal Minnesota
I'm having the same issue and the patch in MR !69 and it's fixed the issue for me.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024