Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
It would be nice to allocate the "adminster OG menus" permission by group roles rather than drupal roles.
Comment | File | Size | Author |
---|---|---|---|
#9 | og_menu_og_permission-1278060-9.patch | 3.03 KB | jgraham |
#8 | og_menu_og_permission-1278060-8.patch | 3.04 KB | jgraham |
#5 | og_menu_og_permission-1278060-7.x-2.x.patch | 1.01 KB | zengenuity |
Comments
Comment #1
izmeez CreditAttribution: izmeez commentedsubscribing
Comment #2
rv0 CreditAttribution: rv0 commentedInteresting, will look into it.
Can you provide an example use case where this would be useful?
Comment #3
bulldozer2003You may want a group moderator/editor who can add/edit/remove menu items without being a group administrator.
You may want to restrict which OG members can add content links to the menu.
I suggest two OG permissions be created:
and the current role permission removed.
Comment #4
rv0 CreditAttribution: rv0 commentedThis will be postponed for the next branch as it will break existing setups when upgrading.
Comment #5
zengenuity CreditAttribution: zengenuity commentedAttached is a patch that implements this, without changing the actual permissions levels. This doesn't do as much as suggested in #3. It just exposes the existing "administer og menu" permission through the Organic Groups custom permissions interface. This allows you to designate a non-group-admin role that can manage the menu. It works in my setup. One question I had though is in og_menu_access() you are checking for:
A non-group-admin is not going to be able to do that and it prevents that user from even seeing the Menus tabs on the group. So, I replaced with it with:
That more explicitly checks for og menu admin permission, but there may be something I'm missing here. Why did you have it checking for node update access before?
This patch is again og_menu-7.x-2.x-dev.
Comment #6
jgraham CreditAttribution: jgraham commentedThe patch in comment 5 applies cleanly and provides the functionality as defined in the initial ticket. Also as far as I can tell it addresses the functionality described in comment 3 too. I think I might be missing something on the functionality described in 3 though.
I cannot tell how this would break existing sites.
Steps for setup:
As long as no og roles are given the 'Administer OG Menus' permission I cannot think of a way this would break existing installs.
I don't see why this patch can't be committed now. Setting to "needs review" for further input but this is RTBC IMO.
Comment #7
rv0 CreditAttribution: rv0 commentedIn #5
suggestion to replace
to
makes no sense, if you scroll up in the code you'll see that snippet is already part of an if statement which begins with
tbh, I don't know exactly why or how the node_access check got there.
Comment #8
jgraham CreditAttribution: jgraham commentedI took a bit of time to more closely review og_menu_access, and found a few things.
Several issues are addressed in this re-rolled patch;
I think it is worth adjusting the entries for og_menu_menu() to always pass the $op parameter to og_menu_access(). As it stands right now we only ever get NULL or 'new-menu'. I think the resulting code would be much more easy to read if we switched to always expect the op parameter and branch the access control logic accordingly. In the attached patch we punt and return TRUE in the event that $op=NULL and the user has access to global 'administer og menu' or og level 'administer og menu'.
Comment #9
jgraham CreditAttribution: jgraham commentedre-roll of patch in 8 to account for recent commit.
Comment #10
rv0 CreditAttribution: rv0 commentedPatch reviewed and pushed to latest dev.
Thanks