When you add or edit a nodequeue, you can select what roles are allowed to manipulate that queue. Unfortunately, this UI doesn't consider roles with "manipulate all queues" permissions. A few options:

A) Clarify this in the help text with something like "Note, roles with manipulate all queues permission will always be able to manipulate this queue, so they are not listed".

B) Put such roles into the UI with selected checkboxes which are disabled, with a note much like the one above, only "... so you can not prevent those roles from manipulating this queue unless you remove that permission first." (or something). This is slightly more self-evident UI, but will be more work.

I'm happy to work on a patch. In IRC, we decided (A) was probably good enough, but then Earl got excited about (B). So, I'm just awaiting marching-orders from Earl before I work on a patch. ;)

Comments

merlinofchaos’s picture

I would happily accept either A or B, dependign upon how much effort you are willing to put into it. I think B would be good UI (and we could actually leave all roles; disabled and checked for roles with ALL, disabled and unchecked for roles without manipulate permissions).

ezra-g’s picture

Priority: Minor » Normal

@dww: FYI, I have started working towards solution B.

[edit]Now that nodequeue supports modular access control, it makes sense to add a new hook, nodequeue_api_eligible_perms, which receives an array of permissions that are specific to manipulating a particular smartqueue. The motivation for this new hook is to maintain the consistency of this UI change for smartqueues.

For example: smartqueue_users.module defines 2 permissions that are specific to manipulating its own queues: "manipulate own user queue" and "manipulate all user queues". It wouldn't make sense to have enabled checkboxes for roles that have the "manipulate queues" permission but neither of these user queue-specific permissions.

Proposed hook definition:

function nodequeue_api_eligible_perms($queue = NULL) {
  $function = $queue->owner ."_eligible_perms";
  if (function_exists($function)) {
    $perms = $function();
  }
  return is_array($perms) ? $perms : array();
}

Example hook implementation with smartqueue_users:

function smartqueue_users_eligible_perms() {
  return array('manipulate user queues', 'manipulate all user queues');
}

Suggestions for improvements to this new hook are welcome.

ezra-g’s picture

Status: Active » Closed (duplicate)

Marked as a duplicate of #213074: Usability: Permissions are confusing, since this is a proposed solution to the problem at that larger thread.