Update docs around Drupal permissions for Preview Mode #584
Conversation
Update docs around Drupal permissions
|
@tjheffner is attempting to deploy a commit to the Chapter Three Team on Vercel. A member of the Team first needs to authorize it. |
| - Bypass content access control | ||
| - Issue subrequests | ||
| - View user information | ||
|
|
There was a problem hiding this comment.
The tests run eslint and prettier format checks against the code base. And the tests are failing because you've accidentally added an extra blank line to this mdx file.
There was a problem hiding this comment.
Oh sorry, I was just editing through the web ui and didn't notice. Hopefully resolved now!
clean up whitspaces?
Perfect! And good catch on noticing the additional The tests are failing now. But they aren't because of this PR. I'll fix them and then merge this PR. Thanks! |
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
| - 'view all revisions' | ||
| - 'view any unpublished content' | ||
| - 'view latest version' | ||
| - 'view media' |
There was a problem hiding this comment.
I tried out these new permissions on a Drupal 10.1 site and ran into a snag.
What version of Drupal did you use to create this list?
In Drupal 10.1 some of those permissions don't exist. Best I can tell the permissions are:
- 'View all media revisions'
- 'View media'
- 'View own unpublished media'
- 'View all revisions'
- 'View published content'
- 'View own unpublished content'
- 'Issue subrequests'
- 'View user information'
What heading is "view latest version" under? I don't see anything in 10.1 that matches that.
There was a problem hiding this comment.
These were from a Drupal 9.5.11 site.
On our site, view latest version is underneath the Content Moderation heading, and was required for viewing forward revisions (i.e. new draft revision of previously published content) in our setup
Also, the preview user will likely still want view any unpublished content, not necessarily just their own
There was a problem hiding this comment.
On our site, view latest version is underneath the Content Moderation heading
Aha! I didn't have that installed. That module is also required for the "View any unpublished content" permission. Without that module, the only perms that mention "unpublished" are the ones under the "Node"/"Media" modules for "own unpublished".
And, yes, having the "View any unpublished content" permission is required to allow the Next.js User to view unpublished content owned by regular content editors.
I think we should add the module heading for each of these permission so that users (like me!) don't get confused about which permissions to use. Adding the module heading will also give a hint on how to get that permission if it isn't listed on a user's website.
There was a problem hiding this comment.
Hmm… I still don't see a 'access content' permission even on a Drupal 9 site. I'm using Node module's 'View published content' permission instead.
I've tested these permissions on a Drupal 10.1 site and they seem to be sufficient:
- 'Content Moderation: View any unpublished content'
- 'Content Moderation: View the latest version'
- 'Media: View all media revisions'
- 'Media: View media'
- 'Node: View all revisions'
- 'Node: View published content'
- 'Subrequests: Issue subrequests'
- 'User: View user information'
There was a problem hiding this comment.
Ah, I think some of the confusion is my list is coming from the exported config (uses machine names of perms), and the permissions list in the UI doesn't surface those, using the titles instead.
access content is originally coming from Core's system.permissions.yml, and is equivalent to View published content
# Note that the 'access content' permission is moved to the Node section of the
# permission form when the Node module is enabled.
access content:
title: 'View published content'
| - 'view all revisions' | ||
| - 'view any unpublished content' | ||
| - 'view latest version' | ||
| - 'view media' |
There was a problem hiding this comment.
Hmm… I still don't see a 'access content' permission even on a Drupal 9 site. I'm using Node module's 'View published content' permission instead.
I've tested these permissions on a Drupal 10.1 site and they seem to be sufficient:
- 'Content Moderation: View any unpublished content'
- 'Content Moderation: View the latest version'
- 'Media: View all media revisions'
- 'Media: View media'
- 'Node: View all revisions'
- 'Node: View published content'
- 'Subrequests: Issue subrequests'
- 'User: View user information'
|
Is the requested change just asking that we use the readable names instead of the machine names exported in the config? |
Update docs around Drupal permissions.
This pull request is for: (mark with an "x")
examples/*modules/nextpackages/next-drupalstarters/basic-starterstarters/graphql-starterGitHub Issue: #589
https://drupal.slack.com/archives/C01E36BMU72/p1698865058084659
Describe your changes
Docs update, preview user shouldn't require administrator access.