- Issue created by @John Franklin
- π³πΏNew Zealand quietone
Changes are made on 11.x, the main development branch first. Thanks.
The Access Policy API makes customized fine grained access easy to implement on any site. Modules can write policy services that grant or revoke permissions to any or all users, depending on context, such as time of day or what page they're on.
As someone who needs to audit the policies, it would be useful to have a list of the Policy services on a single page under Admin > Reports, similar to the field list report.
Add a couple functions to the AccessPolicyInterface that requires the policy to return a list of the affected permissions and a short description of what it is trying to accomplish. Add a page that collects the affected permissions and descriptions from each of the AccessPolicy services.
public function getAffectedPermissions(): array to AccessPolicyInterface
public function getPolicyDescription(): string to AccessPolicyInterface.
The initial implementation can log a warning that no permissions list or description is available for the policy. In Drupal 12, the two functions should be required.
Alternate implementation: use annotations for the permissions list and description.
Addition of an Access Policy report page.
"Access Policy API." (seriously, no one knows what this is.)
Active
11.2 π₯
other
Changes are made on 11.x, the main development branch first. Thanks.