This is a hold-over from the Drupal < 5 days when clicking the "administer" link led you to the list of watchdog logs. However, it's not intuitive at all that merely giving someone "access administration pages" permission is going to allow them to see everything under the watchdog menu, including the "status report" which can potentially give someone less trusted (say with "access administration pages" and "administer comments") sensitive information about the server and how it's configured.
I propose adding a new permission, "view watchdog information" (or something like that) and instead tying that menu item to that permission. That way it must be assigned explicitly, as opposed to being given out to anyone with access to the administration pages.
| Comment | File | Size | Author |
|---|---|---|---|
| #11 | access_reports.patch | 1.09 KB | pasqualle |
| #7 | logs_1.patch | 1.11 KB | webchick |
| #6 | logs_0.patch | 1.1 KB | webchick |
| #1 | logs.patch | 1.1 KB | webchick |
Comments
Comment #1
webchick
Updating version, and here's a patch.
Comment #2
joshk commented
+1 for granularity; also, way to improve the style on the array there.
Comment #3
joshk commented
Applied clean and works as advertised.
Comment #4
dries commented
Makes sense. The only minor gripe I have is that "access logs" makes my brain think that I'll have access to "statistics logs" too. Or in other words, the line between 'access logs' and 'access statistics' might be thin. Or not?
The bigger trend is that we are slowly getting rid of the 'access administration pages'. That's a great change, and one I've been advocating for a couple years. After this patch, there are only 2 occurrences left. Not sure we can remove those.
Anyway, I decided not to commit this patch yet, so we can talk about this a little bit more. Maybe other people have additional recommendations or insights.
Good job webchick. :)
Comment #5
webchick
Hey, thanks!
I have no problem changing the permission name to something more descriptive (access system logs?). I too struggled with whether to restrict access to _all_ logs or just the status log, but that seemed the safest way to go at this point.
Though I actually _like_ the idea of keeping "access administration pages" around (or something equivalent for the "administer" menu), because now 5 comes with almost a built-in "dashboard" for anyone who has any type of admin access at all (administer comments/nodes, for example, which is common) -- a one-stop place to find all of the administrative tasks they have access to.
Comment #6
webchick
Here's a re-roll with "access system logs" as the permission name. We might ultimately decide on a better one, but either way that's better than just "access logs" :)
Comment #7
webchick
Ahem. Should probably change the check in hook_menu too, huh? :P
Comment #8
dries commented
I've thought about this some more and I'm no longer convinced that the current behavior might be confusing. Going to think about it some more.
Comment #9
drumm
The access administration pages permission is a bit useless. There is a series of other permissions which really determine access, such as this one we might add. I tried removing this permission awhile ago, http://drupal.org/node/11958, but couldn't think of a good enough solution.
Let's save permission rearrangement for later.
Comment #10
bdragon commented
Autopatch Results for logs_1.patch:
patching file modules/system/system.module
Hunk #1 FAILED at 49.
Hunk #2 FAILED at 279.
2 out of 2 hunks FAILED -- saving rejects to file modules/system/system.module.rej
Comment #11
pasqualle
rerolled, with minor changes
not tested
Comment #12
pasqualle
http://drupal.org/node/203509