Create permission dependencies ("post comments without approval" should set "access comments")

Old issue with no feedback.
Probably doesn't apply to current version.

Moving it to fixed.

I reopen this issue, lest opening a new one would create a duplicate.

From an usability standpoint, "post comments without approval" should be a "child" of "post comments". Because the former implies the latter.

I tried it. I check "post comments without approval" while leaving "post comments" unchecked. Result is: no comment allowed at all. I can understand there is one case where this combo would be useful (one presently doesn't want comments, but once one will, comments will be unmoderated), but this is hardly a common case.

I suggest either to obey the 80/20 rule (work for the 80% of people) or to rephrase the "post comments without approval" permission (at least with a popup title tag)

There is no code to review here, so it is not Code Needs Review.

(dealing with first post) In some work flows, accessing comments may not be wanted even if people can post them.

The permission name can probably be clearer though.

OK, I did not know Needs review was for Code needs review.

When talking about "some workflows", something else comes to my mind: in 80% of cases, people who have the right to edit all nodes shall have the right their own post to (for instance: a forum). Now, I perfectly understand that there may be workflows where this is not the case (for instance, you can only correct others' contributions, not yours).

I think this is a case of 80 % of the uses for just 20 % of the cognitive complexity. I am not arguing Drupal shall ignore the special cases (like the correct-other-not-yourself example). I am just wondering if it could be possible to both continue allowing any scenario and making it simpler for most people. Versatility and simplicity at the same time.

I have a hard time understanding how it could be done, but I'm convinced there is a way. The best I can see right now is a popup menu saying something like "are you sure you really want a given user to be unable to edit every comment/post/projet/node SAVE its own? - yes, all sawe its own - no, all including its own - cancel"

But then, it would add another layer of coding complexity because of the wizard/pop-up thing.

Or maybe this wizard thing is not that stupid after all. But I have a tendancy to avoid piling up layers to make up for the complexity of the layer below. I see this as poisoned chalices.

Do you thing I should post this somewhere else? Where?

Reference: #438224: "Post comments without approval" permission name is completely misleading

As discussed in reference, we will need a new dependencies system attached to permissions. For example, setting Post without approval would automatically set Post comment.

Right now this is the only example I can see. But if and when we have dependencies in permissions, that could open the door to new permissions.

Yes, like automatically checking and graying custom roles once a permission is given to "authenticated user".

I think it's safe to mark this one as a duplicate of #381584: Hierarchical Permissions System.

I agree this is a duplicate.