I'm the system administrator for a growing multisite Drupal installation. One of the things we need to do in our development environment is allow the developers, who have administrator privileges, to run update.php. They need to do this pretty frequently when they upgrade modules. While we want to give them administrator privileges, we need to reserve the UID 1 administrator account for system administrators. The problem for us is that update.php has two modes which are set via settings.php; either the UID 1 account can run it, or anybody can. To use the latter mode, one must edit settings.php by hand, run update.php, and then edit it again. This is pretty awkward for the developers.

A reasonable, simple solution would seem to be to add an 'administer site updates' permission to the system module, and add a check for that in update.php. While the update.php script isn't part of any module, the system module seems to be the logical place for this. I've included a patch for the current development tree.

Comments

lilou’s picture

Status: Active » Needs review

We also need to change this message:

http://drupal.org/update.php?op=info

greggles’s picture

Status: Needs review » Needs work

One simplification: user_access returns true for UID 1 every time, so

if (!empty($update_free_access) || $user->uid == 1 || user_access('administer site updates')) {

could be

if (!empty($update_free_access) || user_access('administer site updates')) {
durist’s picture

Here's an updated patch that addresses comments #1 and #2.

greggles’s picture

Status: Needs work » Needs review
Dave Reid’s picture

Status: Needs review » Closed (duplicate)
greggles’s picture

Status: Closed (duplicate) » Needs review

Duplicate of itself?

Dave Reid’s picture

Status: Needs review » Closed (duplicate)

How's that for meta linking? :)

I really meant #67234: Update script access rights.

networkgamer’s picture

I have the same problem with Drupal 6. Is it possible to give the permissions for update.php to a user other than user 1?