Skip to content

Commit

Permalink
D8CORE-4551: updated permissions for contributors and site editors (#690
Browse files Browse the repository at this point in the history 
)
  • Loading branch information
@imonroe
imonroe authored Sep 12, 2023
1 parent b689c81 commit 527ef64
Show file tree
Hide file tree
Showing 7 changed files with 51 additions and 9 deletions.
12 changes: 7 additions & 5 deletions config/sync/user.role.contributor.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ dependencies:
config:
- filter.format.stanford_html
- filter.format.stanford_minimal_html
- media.type.embeddable
- media.type.file
- media.type.google_form
- media.type.image
Expand All @@ -25,7 +26,6 @@ dependencies:
- editoria11y
- filter
- media
- menu_admin_per_menu
- node
- paragraphs
- pathauto
Expand All @@ -49,21 +49,17 @@ permissions:
- 'access user profiles'
- 'add citation entities'
- 'add content to books'
- 'administer main menu items'
- 'break content lock'
- 'create file media'
- 'create google_form media'
- 'create image media'
- 'create media'
- 'create policy log'
- 'create stanford_course content'
- 'create stanford_event content'
- 'create stanford_event_series content'
- 'create stanford_gallery_images media'
- 'create stanford_news content'
- 'create stanford_page content'
- 'create stanford_person content'
- 'create stanford_policy content'
- 'create stanford_publication content'
- 'create video media'
- 'delete citation entities'
Expand All @@ -82,6 +78,9 @@ permissions:
- 'delete own stanford_publication content'
- 'delete own video media'
- 'dropzone upload files'
- 'edit any embeddable media'
- 'edit any file media'
- 'edit any google_form media'
- 'edit any image media'
- 'edit any stanford_course content'
- 'edit any stanford_event content'
Expand All @@ -92,8 +91,10 @@ permissions:
- 'edit any stanford_person content'
- 'edit any stanford_policy content'
- 'edit any stanford_publication content'
- 'edit any video media'
- 'edit behavior plugin settings'
- 'edit citation entities'
- 'edit own embeddable media'
- 'edit own file media'
- 'edit own google_form media'
- 'edit own image media'
Expand All @@ -112,6 +113,7 @@ permissions:
- 'mark as ok in editoria11y'
- 'notify of path changes'
- 'schedule publishing of nodes'
- 'update any media'
- 'update media'
- 'use text format stanford_html'
- 'use text format stanford_minimal_html'
Expand Down
5 changes: 5 additions & 0 deletions config/sync/user.role.site_editor.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -139,6 +139,9 @@ permissions:
- 'delete terms in stanford_publication_topics'
- 'delete terms in su_shared_tags'
- 'dropzone upload files'
- 'edit any embeddable media'
- 'edit any file media'
- 'edit any google_form media'
- 'edit any image media'
- 'edit any stanford_course content'
- 'edit any stanford_event content'
Expand All @@ -149,6 +152,7 @@ permissions:
- 'edit any stanford_person content'
- 'edit any stanford_policy content'
- 'edit any stanford_publication content'
- 'edit any video media'
- 'edit behavior plugin settings'
- 'edit citation entities'
- 'edit field_media_embeddable_code'
Expand Down Expand Up @@ -188,6 +192,7 @@ permissions:
- 'revert stanford_policy revisions'
- 'revert stanford_publication revisions'
- 'schedule publishing of nodes'
- 'update any media'
- 'update media'
- 'use text format stanford_html'
- 'use text format stanford_minimal_html'
Expand Down
14 changes: 14 additions & 0 deletions config/sync/user.role.su_site_embedder.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
uuid: 9dedbe8e-27b6-40de-95fd-29e4efe67be4
langcode: en
status: true
dependencies:
module:
- field_permissions
id: su_site_embedder
label: 'Site Embedder'
weight: 1
is_admin: false
permissions:
- 'create field_media_embeddable_code'
- 'edit field_media_embeddable_code'
- 'edit own field_media_embeddable_code'
4 changes: 2 additions & 2 deletions tests/codeception/acceptance/Content/EventsSeriesCest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,9 +63,9 @@ public function testContentTypeExists(AcceptanceTester $I) {
public function testContributorPerms(AcceptanceTester $I) {
$I->logInWithRole('contributor');

// Can create a node.
// D8CORE-4551: Can NOT create a node.
$I->amOnPage('/node/add/stanford_event_series');
$I->canSeeResponseCodeIs(200);
$I->canSeeResponseCodeIs(403);

// Can not delete a node that is not theirs but can edit.
$node = $this->createEventSeriesNode($I);
Expand Down
12 changes: 10 additions & 2 deletions tests/codeception/acceptance/Content/PolicyCest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,14 @@ public function testPolicyAccess(AcceptanceTester $I) {
$I->logInWithRole('contributor');
$I->amOnPage('/node/add/stanford_policy');
$I->cantSee('Create a new book');
// D8CORE-4551 - removed create policy permission for contributors
$I->canSee('Access Denied');
$book = $I->createEntity([
'type' => 'stanford_policy',
'su_policy_title' => $this->faker->words(2, TRUE) . '-baz-foo',
'su_policy_auto_prefix' => 1,
]);
$I->amOnPage($book->toUrl('edit-form')->toString());
// This indicates they can add to an existing book.
$I->canSeeOptionIsSelected('Book', '- None -');
$I->cantSee('Policy Prefix');
Expand All @@ -63,7 +71,7 @@ public function testPolicyAccess(AcceptanceTester $I) {
/**
* Test book title changes.
*/
public function testPolicyTitle(AcceptanceTester $I){
public function testPolicyTitle(AcceptanceTester $I) {
$title = $this->faker->words(4, TRUE) . ' foo bar';
$I->logInWithRole('administrator');
$I->amOnPage('/node/add/stanford_policy');
Expand Down Expand Up @@ -231,7 +239,7 @@ public function testPolicyHeirarcy(AcceptanceTester $I) {
$I->canSee($chapter_two->label(), '.breadcrumb');
$I->canSee($article_one->label(), '.breadcrumb');

$I->canSee( $data_formatter->format($fifteen_days_ago, 'custom', 'F d, Y', self::getTimezone()));
$I->canSee($data_formatter->format($fifteen_days_ago, 'custom', 'F d, Y', self::getTimezone()));
$I->canSee($data_formatter->format($time, 'custom', 'F d, Y', self::getTimezone()));
$I->canSee($authority);

Expand Down
12 changes: 12 additions & 0 deletions tests/codeception/acceptance/Media/MediaPermissionsCest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,18 @@ public function testAdminPerms(AcceptanceTester $I) {
$I->canSee('Embed Code');
}

/**
* Test site embedder perms
*/
public function testSiteEmbedderPerms(AcceptanceTester $I) {
$user = $I->createUserWithRoles(['su_site_embedder', 'site_manager']);
$I->logInAs($user->getAccountName());
$I->amOnPage('/media/add/embeddable');
$I->canSeeResponseCodeIs(200);
$I->canSee('oEmbed URL');
$I->canSee('Embed Code');
}

/**
* Test site manager perms
*/
Expand Down
1 change: 1 addition & 0 deletions tests/codeception/acceptance/Users/RolesCest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ public function testRolesExist(AcceptanceTester $I) {
$I->canSee('Site Builder');
$I->canSee('Site Developer');
$I->canSee('Administrator');
$I->canSee('Site Embedder');
}

/**
Expand Down

0 comments on commit 527ef64

Please sign in to comment.