Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.Currently, each flag stores its access to the flag and unflag actions as a list of roles in the flag object, and thus in the {flags} table.
This is arguably a bit crusty.
There are several good arguments for moving these over into regular user permissions:
- All permissions can be grouped into Features (I personally steer clear of permissions in Features, but that's just me :)
- The user permissions page gives a clear view of what a user can achieve; permissions hidden away in different modules' admin UI does not
- Storing role IDs in a flag doesn't seem like a terribly portable thing, and could lead to exported flags having the wrong roles.
- More philosophically, keeping what are effectively permissions inside a flag means that flag is managing its own permissions system rather than letting Drupal core do it. Yes, permissions aren't nicely exportable, but that's something that should be solved system-wide, not per-module.
Comments
Comment #1
joachim CreditAttribution: joachim commented#1525242: Allow using standard permissions table for flags