Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

More intellegent access control #470

Merged
merged 40 commits into from
Jul 23, 2024

Conversation

ekes
Copy link
Member

@ekes ekes commented May 28, 2024

Sets to finish:

ekes added 2 commits May 26, 2024 16:42
…tent types.

Requires localgovdrupal/localgov_geo#118

Notes:

 - Should switch to use the user and group roles we define in the
   submodules.
 - Why does Log Out not work? It does outside of tests.

 - Adding tests for global (non-group path) creation of content when
   it's included in the access per domain.
Sometimes the repeated / from domain and path matter. Sometimes they
don't. Here they do.
ekes added 17 commits May 28, 2024 15:20
In addition to disabling modules per domain. Remove permissions to
create (group) content on the control domain.
New route option for redirecting when access is denied to a CSRF protected route
https://www.drupal.org/node/3152693

Not sure what it was doing in 10.2 now to work. But this shouldn't break
that as it checks for the form first.
Already exists in optional in localgov_microsites_group_term_ui and
localgov_microsites_blogs. Depending on install order one of these can
be already existing in configuration when the news config is installed.
@ekes ekes marked this pull request as ready for review June 1, 2024 13:19
@finnlewis finnlewis self-assigned this Jun 4, 2024
@finnlewis
Copy link
Member

@ekes how best to address:

FILE: ...localgov_microsites_group/src/Access/MicrositeContentTypesAccessPolicy.php
--------------------------------------------------------------------------------
FOUND 0 ERRORS AND 2 WARNINGS AFFECTING 2 LINES
--------------------------------------------------------------------------------
 115 | WARNING | \Drupal calls should be avoided in classes, use dependency
     |         | injection instead
 133 | WARNING | \Drupal calls should be avoided in classes, use dependency
     |         | injection instead
--------------------------------------------------------------------------------

Copy link
Member

@finnlewis finnlewis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The tests pass, the codings standards and deprecations pass, and the access control works! I think this is ready to merg.

Thank you @ekes and @rupertj and @stephen-cox and @millnut !

@ekes
Copy link
Member Author

ekes commented Jul 22, 2024

Anyone objections to getting this merged on Tuesday? Anyone want to manually test before then?

@stephen-cox
Copy link
Member

I vote for getting this merged

@stephen-cox stephen-cox merged commit a0c800b into 4.x Jul 23, 2024
8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Status: Done
Development

Successfully merging this pull request may close these issues.

4 participants