Today the "administer site configuration" defined in the system module rules the access to the different configuration forms.

The problem is that these configuration pages have very different use and can be used by different people.

For example :
admin/settings/site-information : is a page that could be (should be) used by webmasters and site owners with little skill in Drupal administration. The same for the themes configuration page (global or specific).

On the contrary : admin/settings/clean-urls is a page that should be accessed by skilled administrator only. The same with admin/settings/performance or admin/settings/file-system.

Therefore I would suggest to split the current "administer site configuration" into two permissions :
* "Administer basic configuration" : for configuration page that require little skills and with no risk of bugging the site.
--> pages such as : site config, theme global config, theme specific setting, date settings

* "Administer advanced configuration" : for pages that requires advanced Drupal knowledge and that have an impact on site behaviour
--> other pages...

Then same reasonning may be done in the menu module and the block module (but it may be in a different issue).

Comments

ineation’s picture

ineation commented
Status: Active » Needs work

Sorry, I do not know (yet) how to patch.
Just doing the above would be quite simple.

First change the hook_perm for the system module :

/**
 * Implementation of hook_perm().
 */
function system_perm() {
  return array(
    'administer site configuration' => array(
      'title' => t('Administer site configuration'),
      'description' => t('Configure site-wide settings such as module or theme administration settings.'),
    ),
    'administer basic settings' => array(
      'title' => t('Administer basic settings'),
      'description' => t('Configure basic settings such as site title or date settings.'),
    ),

then modify the hook menu still for the system module :

For site settings admin page :


  $items['admin/settings/site-information'] = array(
    'title' => 'Site information',
    'description' => 'Change basic site information, such as the site name, slogan, e-mail address, mission, front page and more.',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('system_site_information_settings'),
    'access arguments' => array('Administer basic settings'),

For date settings :

  $items['admin/settings/date-time'] = array(
    'title' => 'Date and time',
    'description' => "Settings for how Drupal displays date and time, as well as the system's default timezone.",
    'page callback' => 'drupal_get_form',
    'page arguments' => array('system_date_time_settings'),
    'access arguments' => array('Administer basic settings'),
  );

With that we allow non skilled webmasters to change the site title or slogan easily without giving them acess to complicate and risky settings such as performance...

sun’s picture

sun
Primary language German
Location Karlsruhe
commented
Status: Needs work » Closed (won't fix)

Sorry, but "basic" and "advanced" are too vague. There are a bunch of other issues that already try to limit the scope of "administer site configuration" in the queue already, which is why I'm marking this won't fix.