I'm on a project that needs delete revision permission for node authors. Right now this is only possible by giving them admin node permissions which is far more than needed. I would like to see node_revision_delete function to be accessible by node authors. This is the actual function in node.module:
function node_revision_delete($nid, $revision) {
if (user_access('administer nodes')) {
$node = node_load($nid);
if (node_access('delete', $node)) {
...
}
}
}
drupal_access_denied();
}
wouldn't it be enough to delete the first 'if (user_access('administer nodes'))'?? Are there any other implications in core on doing this? Is there any especial reason to restrict this function to 'administer nodes' permission?
I enclose a patch for this without this restriction to administer nodes for thsi function.
Comment | File | Size | Author |
---|---|---|---|
#4 | node_71.patch | 4.84 KB | robertgarrigos |
#2 | node_69.patch | 1.06 KB | robertgarrigos |
#1 | node_68.patch | 1.05 KB | robertgarrigos |
node_67.patch | 2.18 KB | robertgarrigos | |
Comments
Comment #1
robertgarrigos CreditAttribution: robertgarrigos commentedwouldn't it be better to have a new 'delete revision' permission? This is the patch for it.
Comment #2
robertgarrigos CreditAttribution: robertgarrigos commentedeven better with an 'administer revisions' one, so other modules working on revisions (ie: revision_moderation.module) only have to change their 'administer nodes' with an 'administer revisions'.
Comment #3
toemaz CreditAttribution: toemaz commentedYou have my support on this matter. The patch looks good.
We might have to work all together (diff & revision_moderation devs) to enhance the revision system in core. This is just one of several issues concerning the core revision system.
Comment #4
robertgarrigos CreditAttribution: robertgarrigos commentedI'm changing this to the 5.1 version which is the one I'm using. This new patch adds some changes to the node_access() function in order to have a new delete permission.
Comment #5
robertgarrigos CreditAttribution: robertgarrigos commentedComment #6
StevenPatznew features go in cvs
Comment #7
BioALIEN CreditAttribution: BioALIEN commentedYou also get my +1 for this. As toemaz pointed out, there are a few modules related to the revision system. Essentially some of these should be committed back into core because the current Drupal revision system sucks and is flawed in my opinion.
New patches need to go into HEAD then backported to 5.x and maybe 4.7.x.
Comment #8
robertgarrigos CreditAttribution: robertgarrigos commentedyou need to apply a patch to book.module also if you use revisions on book pages and this node patch
Comment #9
Leeteq CreditAttribution: Leeteq commented+1 for this
fyi - I mentioned this in the request for suggestions for v6 here:
http://drupal.org/node/148757#comment-243111
Comment #10
catchThere are now seperate "delete [node]" permissions from "edit [node]" which I think this tried to introduce. This seems enough of a change to bump it a version, and needs a reroll anyway.
Comment #11
PanchoLike catch said, let's bump it a version.
Comment #12
xmacinfoMarking this as fixed since this request is now part of D7 in Node permissions.
/admin/config/people/permissions#module-node
:-)