Closed (duplicate)
Project:
Drupal core
Version:
8.0.x-dev
Component:
user system
Priority:
Major
Category:
Bug report
Assigned:
Unassigned
Issue tags:
Reporter:
Created:
22 Dec 2010 at 21:00 UTC
Updated:
29 Jul 2014 at 19:15 UTC
Jump to comment: Most recent file
Comments
Comment #1
mattyoung commentedIt addition to not getting the new content create/edit/delete permission, it seems the administrator role also does not get any new permission from newly install modules.
Comment #2
mr.baileysI'm unable to reproduce the "permission not added when installing modules"-bit of this issue (tried it on a fresh RC3 and permissions for a newly installed module where correctly added to the Administrator role).
It is correct though that the Administrator role does not pick up dynamic permissions (those permissions that are generated in hook_permission per content type, vocabulary, etc.). I'm not sure how to fix this as there doesn't seem to be a way to pick up on newly created permissions.
Comment #3
mattyoung commented>I'm unable to reproduce the "permission not added when installing modules"-bit of this issue (tried it on a fresh RC3 and permissions for a newly installed module where correctly added to the Administrator role).
what happen was I updated the module which included a new hook_permission in it.
I think we might also have this problem if module add new permission in new update.
Comment #4
scotwith1tWow, I'm really surprised this hasn't come up more. Fresh install of D7, no added modules, nothing. Administrator role has permissions to everything (duh). Add a new content type and/or taxonomy vocab and the permissions for that new content type (create, edit own, edit any, delete own, delete any) and for the new taxonomy vocab (edit terms, delete terms) are not automatically assigned to the administrator role. Ironically enough, many contrib modules do this just fine (views and ctools for example, admin gets administer views and bypass views access controls when modules are enabled. Flagging as
criticalcause this could confuse the crap out of new adopters!! Even more strange, you can still create these types of content as long as you have the admin role, even though the permission isn't checked. Tried with user 1 and added admin user as well.Comment #5
scotwith1tEDIT: changed back to normal, don't wanna ruffle any feathers, since technically it doesn't stop you from doing anything...
Comment #6
scotwith1tHow 'bout somewhere in between...not critical, but major. Certainly not intended behavior. Maybe this will get some love now :)
Comment #7
robloachIt's better to be specific with issue titles.
Comment #8
steven jones commentedI believe that the correct process is that bugs get fixed in D8, then backported to D7.
Also, this issue needs tests.
Comment #9
Désiré commentedI think this solution (#7) is wrong, because it will grant the permissions for all content types and vocabularies to the admin role, even if this permissions were taken previously.
Comment #10
Désiré commentedOh, and it will grant all permissions if a node type or a vocabulary was edited...
Comment #11
scotwith1tthat's totally intentional. the idea is to have a role that has all powers and doesn't have to be maintained to keep that "user 1" power from drupal 6 (accomplished via admin_role module in D6). you just need to set up a new role with less permissions than the administrator role.
Comment #12
David_Rothstein commentedSee #787152: Dynamic permissions cannot be automatically assigned to or removed from roles