When you add or edit a nodequeue, you can select what roles are allowed to manipulate that queue. Unfortunately, this UI doesn't consider roles with "manipulate all queues" permissions. A few options:
A) Clarify this in the help text with something like "Note, roles with manipulate all queues permission will always be able to manipulate this queue, so they are not listed".
B) Put such roles into the UI with selected checkboxes which are disabled, with a note much like the one above, only "... so you can not prevent those roles from manipulating this queue unless you remove that permission first." (or something). This is slightly more self-evident UI, but will be more work.
I'm happy to work on a patch. In IRC, we decided (A) was probably good enough, but then Earl got excited about (B). So, I'm just awaiting marching-orders from Earl before I work on a patch. ;)
Comments
Comment #1
merlinofchaos commentedI would happily accept either A or B, dependign upon how much effort you are willing to put into it. I think B would be good UI (and we could actually leave all roles; disabled and checked for roles with ALL, disabled and unchecked for roles without manipulate permissions).
Comment #2
ezra-g commented@dww: FYI, I have started working towards solution B.
[edit]Now that nodequeue supports modular access control, it makes sense to add a new hook, nodequeue_api_eligible_perms, which receives an array of permissions that are specific to manipulating a particular smartqueue. The motivation for this new hook is to maintain the consistency of this UI change for smartqueues.
For example: smartqueue_users.module defines 2 permissions that are specific to manipulating its own queues: "manipulate own user queue" and "manipulate all user queues". It wouldn't make sense to have enabled checkboxes for roles that have the "manipulate queues" permission but neither of these user queue-specific permissions.
Proposed hook definition:
Example hook implementation with smartqueue_users:
Suggestions for improvements to this new hook are welcome.
Comment #3
ezra-g commentedMarked as a duplicate of #213074: Usability: Permissions are confusing, since this is a proposed solution to the problem at that larger thread.