Include all permissions feature for role export

I can reproduce this problem. I believe the issue is that the permission component rebuild is occurring before the role rebuild so the roles do not exist when the permissions are saved.

This patch reverses the order of these two. Brief testing seems to reveal it works... would love some more eyes on this.

Greato http://drupal.org/cvs?commit=402998

I'm having the same problem with the latest version. I made a bunch of features with roles in them and installed the resulting modules in another site. The roles were all created, but they're all empty, no permissions assigned.

Just took another look and it's not just that permissions aren't assigned, they're missing completely. The content types were created, but the create/edit/delete permissions that should go along with them were not created. But then, I did assign permission to access content, and that as well is blank in the new role.

A sample feature is attached.

Vungar, considering enable order, was the feature with the roles enabled and had cache clear before/after/around some time as ones with permissions? Does doing a feature revert restore permissions?

Subscribe, been curious lately about how best to deal with when something needs to be rebuild/reverted due to something being enabled that produces a need for something being reverted; say enabling a feature with a content type, where as an earlier enabled feature as a field for it now, or like this, if a feature containing a role enabled when another feature contains permissions for it was already enabled for.

hefox, sorry, I'm not sure what you mean. None of the roles created by the features had any of their permissions enabled. Are you saying it makes a difference what order you enable the features in? I enabled all of them at the same time.

If a role does not exist before the permissions are done, then it does not assign the permissions. In the previous fix, it looks like yhahn changed the order so that for an individual feature, role would be done before. However, if a module is enabled that contains permissions before a module is enable that contains the roles, then the permissions would be built but cannot be assigned to non-existent role.

OK. I made a feature and I added a role to it. I didn't go into the permissions dropdown at all because all I wanted was for the role to be recreated with the permissions that I'd already assigned to it. I downloaded the feature, then uploaded it into another site. The role was created, but it had no permissions. Maybe I just don't understand how Features is supposed to work, but it seems to me that if the role has permissions in it and you recreate it, the permissions should be the same in the new version. Do I have to assign permissions to the role, and then assign them all over again in the feature? And anyway, suppose you make a new feature and you add a couple of roles to it and a couple of permissions. How does it know which permissions go with which roles?

Ah this is not related to the bug.

when you export a role, you just export the role existing. If you need a map to the permissions, you need to export the permission it has.

Exporting permissions is the map between permissions and roles.

Thanks hefox.

Hi Hefox. I'm still confused. Can you help me with a newbie version of the above and answer these questions, please:

If I create a Feature how can I assign permissions to each role?

Anonymous user?
Authenticated user?
Blogger (newly created role)?

Can I assign different permission per role in Features or if not, how do you do it? How do you export permissions?

Thanks.

#13 davecharles1966:

At #10, hefox is saying, at least I think, that
- exporting Roles with Features module just export "Roles". A role is just an entity in the roles table in the database, I guess. It has no additional data about what a user with that role can do on your site.
- If you want to export roles and their associated permissions you set on your development environment, you have to export Roles AND Permissions. You can do export Permissions with Features, too.

I am also a newbee of Features module, so I may be wrong, but hefox's words sounds like above to me.

I didn't play around with the patch at the top of the page here, so maybe that fixes things.

From what I can see (from our own experimentation), it looks like a Role 'Feature' does not include any associated permissions from that role. This was a bit of a gotcha to me and it would certainly be nice to be able to click a box and make this magically work ("include all permissions" box). Why would you want to export a role without the permissions? We certainly did want to include the permissions in the feature that exported the role.

Basically, we see that you have to include the permissions in the feature.

It was a little strange that during the permissions selection in the feature generation, we had to choose which permissions we would export. Once again, why would we only want to export _some_ of the permissions. Wouldn't a "check all" box here in the permissions export be great?

So the feature request is an : "Include all permissions" box somewhere when exporting a role.

Once we figured it out, it wasn't really too tricky to get what we wanted into the feature.

It would likely be easier using features hooks (there's a hook to add in new exports based on current exports, forget atm which one) to add all permissions for that exported role. I generally don't use the UI so not sure how hard it would be to implement via that.

However, I really just want to respond to 'why would you want to export a role without the permissions?' To us, roles are sorta meta data/top level and stored in a separate feature ('member', 'admin'), whereas our permissions are generally stored with the feature that relates to it, like create blog content permissions with the module that defines blog.

(I've seen a lot of criticism of Drupal, contrib modules, etc. because it's missing such and such feature, using phrasing like that to imply that it is obvious that it should be so, which generally seems (to me) inaccurate and ... overly aggressive?)

Certainly no aggression intended (perhaps slight frustration didn't migrate to the text interface). I was just trying to express that I (at that exact point in time when comment was written) conceptualised roles as a dynamic grouping of permissions.

Although, thinking about it, they are also sort of a user taxonomy in some cases. And no doubt other things when even more thought is put into it.

Fair call on the meta data angle.

The same problem, exporting role and permission doesn't work properly.

Closing this for lack of activity. Please re-open this issue if you can reproduce it in the latest version.