String freeze: "Access" versus "View" in Permissions

In cases like the contact form, view sounds quite bad, access seems more appropriate. While I agree that these can be improved, since these are permission names, it is past the point we can modify them (they need update functions, contrib modules might depend on them etc). We already did some permission modifications late, and now we are past the point where this would be workable. This would be a great improvement in Drupal 7 though.

Interesting improvement. I agree that there should be consistency here. I think that 'access' should be used when the user can do something with the permission while view should be used when the user can only see information. The following is a list of permissions using 'access' or 'view' (and the odd 'inspect' from poll.module) with a few modifications based on that definition.

• Aggregator: Access View news feeds
• Book: Access View printer-friendly version
• Contact: Access site-wide contact form
• Node: Access View content
• Node: View revisions
• Poll: Inspect View all votes
• Statistics: Access View statistics
• Statistics: View post access counter
• System: Access administration pages
• System: Access View site reports
• Upload: View uploaded files
• User: Access View user profiles

If others agree that these changes are good, I'll put together a quick patch.

tagging for novice queue

Since the last person mentioning a patch was at the end of January, I took a shot at creating a patch with the necessary changes.

P.S. - Please be kind as this is my first patch :)

I tweaked my GREPs to find some missing permissions and tests.

Nice work so far. Definitely a solid start. I believe you have successfully changed all of the perms to the new wording throughout the code, but there is still a bit of work to do.

@@ -87,7 +87,7 @@ function book_update_6000() {

This was probably just an overlooked changed by a bulk change, you should not be touching old update functions.

Secondly, you need to account for updates. When a site is being updated from Drupal 6, it is going to have the old permission strings stored in the database. Any permission string you change also needs an associated update in the .install file in hook_update_7000().

See the book_update_6000() referenced above for an example of this. Permissions for book were changed a bit from D5=>D6, so you can use this as a starting point for all of these changes.

Added Update functions and fixed an update which I should not have touched...

Very good, especially for a first patch! Few minor things:

+ * Update permissions to use new names

Needs a period at the end.

+  // Fix role permissions to account for the changed names
+  // Setup the array holding strings to match and the corresponding
+  // strings to replace them with.

Also needs a period. Newlines for new sentences are not necessary. You can just keep on going until you hit the 80 characters.

+    // Replace all the old permissions with the corresponding new permissions.
+    $fixed_perm = strtr($role->perm, $replace);
+    // Only save if the permissions have changed.
+    if ($fixed_perm != $role->perm) {
+      $ret[] = update_sql("UPDATE {permission} SET perm = '$fixed_perm' WHERE rid = $role->rid");
+    }

This can be done simpler:

// Only save if the permissions have changed.
if (isset($replace[$role->term])) {
  $ret[] = update_sql("UPDATE {permission} SET perm = '$replace[$role->term]' WHERE rid = $role->rid");
}

Keep up the good work! :)

It seems that the only two from that list that weren't changed were:

Contact: Access site-wide contact form
System: Access administration pages

I personally don't see a problem with using 'View' for these. As English is my native tongue, I don't see these as being clunky to say.

Contact: View site-wide contact form
System: View administration pages

While I can understand the OP position with using "Access" to describe an action (i.e it sounds like it gives permission to do something). I would opt for renaming "Access" to "Use", but thats another issue, I suppose.

Contact: Use site-wide contact form
System: Use administration pages

Should we open another issue for these two cases? Or should the discussion stay within this issue?

I'm not sure, although I have already rolled the "use" changes into the next patch...

status to needs review then

Full updated, applied the patch, fixed issues, created new patch, and *remembered to change status*. :)

Correction, I forgot to change the status...

The wording change seems solid, it is a good thing we are using more clear language for this - acces sounds to heavy for that cause.

This is a good idea, but I think it's too late for 7.x code slush.

If we re-rolled and applied this patch now, it would break the api that modules are relying on these access permissions.

I'm all for intelligent naming conventions. The notes about "use" and "view" are good. use/access imply read/write. view implies read.

Let's do this in 8.x first thing, so that it doesn't get any bigger (103k patch is alot). Or, break into smaller issues. Maybe module by module?

Moving to 8.x

We can still do this for the permission titles.