From cc023189cc71a97d315e55bbf6e7bc06a778b482 Mon Sep 17 00:00:00 2001 From: Igor Biki <ibiki@uwaterloo.ca> Date: Wed, 26 Aug 2020 09:07:38 -0400 Subject: [PATCH] ISTWCMS-4036: First pass of permissions updates. --- config/install/user.role.anonymous.yml | 1 + config/install/user.role.authenticated.yml | 2 + .../user.role.uw_role_content_author.yml | 79 ++++++++++++++-- .../user.role.uw_role_content_editor.yml | 78 ++++++++++++++-- .../user.role.uw_role_site_manager.yml | 90 ++++++++++++++++--- .../install/user.role.uw_role_site_owner.yml | 19 ++-- uw_cfg_common.info.yml | 3 + 7 files changed, 233 insertions(+), 39 deletions(-) diff --git a/config/install/user.role.anonymous.yml b/config/install/user.role.anonymous.yml index bbfcb201..3d242834 100644 --- a/config/install/user.role.anonymous.yml +++ b/config/install/user.role.anonymous.yml @@ -6,6 +6,7 @@ label: 'Anonymous user' weight: -10 is_admin: false permissions: + - 'access comments' - 'access content' - 'access news feeds' - 'display eu cookie compliance popup' diff --git a/config/install/user.role.authenticated.yml b/config/install/user.role.authenticated.yml index 9a4f5a0b..62395211 100644 --- a/config/install/user.role.authenticated.yml +++ b/config/install/user.role.authenticated.yml @@ -9,7 +9,9 @@ permissions: - 'access content' - 'access news feeds' - 'access toolbar' + - 'bypass honeypot protection' - 'display eu cookie compliance popup' + - 'skip CAPTCHA' - 'use text format uw_tf_basic' - 'use text format uw_tf_standard' - 'view media' diff --git a/config/install/user.role.uw_role_content_author.yml b/config/install/user.role.uw_role_content_author.yml index 5dec982b..c918713f 100644 --- a/config/install/user.role.uw_role_content_author.yml +++ b/config/install/user.role.uw_role_content_author.yml @@ -7,34 +7,97 @@ weight: -4 is_admin: null permissions: - 'access administration pages' + - 'access content overview' + - 'access contextual links' + - 'access files overview' + - 'access media overview' + - 'access media_entity_browser entity browser pages' + - 'access media_entity_browser_modal entity browser pages' + - 'access shortcuts' + - 'access taxonomy overview' + - 'access uw_ebr_image entity browser pages' + - 'administer special alert' + - 'can override my_dashboard dashboard' + - 'can view my_dashboard dashboard' + - 'cancel smart date recur instances' + - 'configure all uw_ct_blog node layout overrides' + - 'configure all uw_ct_event node layout overrides' + - 'configure all uw_ct_news_item node layout overrides' + - 'configure all uw_ct_web_page node layout overrides' + - 'configure editable uw_ct_blog node layout overrides' + - 'configure editable uw_ct_event node layout overrides' + - 'configure editable uw_ct_news_item node layout overrides' + - 'configure editable uw_ct_web_page node layout overrides' + - 'create and edit custom blocks' - 'create media' - 'create paragraph content uw_para_call_to_action' - 'create paragraph content uw_para_call_to_action_text' + - 'create paragraph content uw_para_fact_figure' - 'create paragraph content uw_para_fact_point' - 'create paragraph content uw_para_fact_text' - 'create paragraph content uw_para_facts_and_figures' - - 'create uw_mt_image media' - - 'create uw_mt_remote_video media' + - 'create paragraph content uw_para_ff' + - 'create terms in uw_tax_event_tags' + - 'create terms in uw_tax_event_type' + - 'create terms in uw_vocab_blog_tags' + - 'create terms in uw_vocab_news_tags' + - 'create url aliases' + - 'create uw_ct_blog content' + - 'create uw_ct_event content' + - 'create uw_ct_news_item content' + - 'create uw_ct_site_footer content' + - 'create uw_ct_web_page content' - 'create uw_news_item content' - - 'delete media' - - 'delete own uw_mt_image media' - - 'delete own uw_mt_remote_video media' - 'delete own uw_news_item content' - 'delete paragraph content uw_para_call_to_action' - 'delete paragraph content uw_para_call_to_action_text' + - 'delete paragraph content uw_para_ec_item' + - 'delete paragraph content uw_para_fact_figure' - 'delete paragraph content uw_para_fact_point' - 'delete paragraph content uw_para_fact_text' - 'delete paragraph content uw_para_facts_and_figures' - - 'edit own uw_mt_image media' - - 'edit own uw_mt_remote_video media' + - 'delete paragraph content uw_para_ff' + - 'edit any uw_ct_blog content' + - 'edit any uw_ct_event content' + - 'edit any uw_ct_news_item content' + - 'edit any uw_ct_site_footer content' + - 'edit any uw_ct_web_page content' + - 'edit own uw_ct_blog content' + - 'edit own uw_ct_event content' + - 'edit own uw_ct_news_item content' + - 'edit own uw_ct_site_footer content' + - 'edit own uw_ct_web_page content' - 'edit own uw_news_item content' - - 'update media' + - 'edit terms in uw_tax_event_tags' + - 'edit terms in uw_tax_event_type' + - 'edit terms in uw_vocab_blog_tags' + - 'edit terms in uw_vocab_news_tags' + - 'make smart dates recur' + - 'reschedule smart date recur instances' + - 'revert uw_ct_blog revisions' + - 'revert uw_ct_event revisions' + - 'revert uw_ct_news_item revisions' + - 'revert uw_ct_site_footer revisions' + - 'revert uw_ct_web_page revisions' - 'update paragraph content uw_para_call_to_action' - 'update paragraph content uw_para_call_to_action_text' + - 'update paragraph content uw_para_ec_item' + - 'update paragraph content uw_para_fact_figure' - 'update paragraph content uw_para_fact_point' - 'update paragraph content uw_para_fact_text' - 'update paragraph content uw_para_facts_and_figures' + - 'update paragraph content uw_para_ff' - 'use uw_workflow transition needs_review' + - 'use workbench access' + - 'view all media revisions' - 'view all revisions' + - 'view any unpublished content' + - 'view latest version' - 'view own unpublished content' - 'view own unpublished media' + - 'view unpublished paragraphs' + - 'view uw_ct_blog revisions' + - 'view uw_ct_event revisions' + - 'view uw_ct_news_item revisions' + - 'view uw_ct_site_footer revisions' + - 'view uw_ct_web_page revisions' diff --git a/config/install/user.role.uw_role_content_editor.yml b/config/install/user.role.uw_role_content_editor.yml index 28198e82..f9b39f39 100644 --- a/config/install/user.role.uw_role_content_editor.yml +++ b/config/install/user.role.uw_role_content_editor.yml @@ -7,41 +7,103 @@ weight: -5 is_admin: null permissions: - 'access administration pages' + - 'access content overview' + - 'access contextual links' + - 'access files overview' + - 'access in-place editing' + - 'access media_entity_browser entity browser pages' + - 'access media_entity_browser_modal entity browser pages' + - 'access shortcuts' + - 'access taxonomy overview' + - 'access uw_ebr_image entity browser pages' + - 'administer special alert' - 'can override my_dashboard dashboard' - 'can view my_dashboard dashboard' + - 'cancel smart date recur instances' + - 'configure all uw_ct_blog node layout overrides' + - 'configure all uw_ct_event node layout overrides' + - 'configure all uw_ct_news_item node layout overrides' + - 'configure all uw_ct_web_page node layout overrides' + - 'configure editable uw_ct_blog node layout overrides' + - 'configure editable uw_ct_event node layout overrides' + - 'configure editable uw_ct_news_item node layout overrides' + - 'configure editable uw_ct_web_page node layout overrides' + - 'create and edit custom blocks' - 'create media' - 'create paragraph content uw_para_call_to_action' - 'create paragraph content uw_para_call_to_action_text' + - 'create paragraph content uw_para_ec_item' + - 'create paragraph content uw_para_fact_figure' - 'create paragraph content uw_para_fact_point' - 'create paragraph content uw_para_fact_text' - 'create paragraph content uw_para_facts_and_figures' - - 'create uw_mt_image media' - - 'create uw_mt_remote_video media' + - 'create paragraph content uw_para_ff' + - 'create terms in uw_tax_event_tags' + - 'create terms in uw_tax_event_type' + - 'create terms in uw_vocab_blog_tags' + - 'create terms in uw_vocab_news_tags' + - 'create url aliases' + - 'create uw_ct_blog content' + - 'create uw_ct_event content' + - 'create uw_ct_news_item content' + - 'create uw_ct_site_footer content' + - 'create uw_ct_web_page content' - 'create uw_news_item content' - - 'delete media' - - 'delete own uw_mt_image media' - - 'delete own uw_mt_remote_video media' - 'delete own uw_news_item content' - 'delete paragraph content uw_para_call_to_action' - 'delete paragraph content uw_para_call_to_action_text' + - 'delete paragraph content uw_para_ec_item' + - 'delete paragraph content uw_para_fact_figure' - 'delete paragraph content uw_para_fact_point' - 'delete paragraph content uw_para_fact_text' - 'delete paragraph content uw_para_facts_and_figures' - - 'edit own uw_mt_image media' - - 'edit own uw_mt_remote_video media' + - 'delete paragraph content uw_para_ff' + - 'edit any uw_ct_blog content' + - 'edit any uw_ct_event content' + - 'edit any uw_ct_news_item content' + - 'edit any uw_ct_site_footer content' + - 'edit any uw_ct_web_page content' + - 'edit own uw_ct_blog content' + - 'edit own uw_ct_event content' + - 'edit own uw_ct_news_item content' + - 'edit own uw_ct_site_footer content' + - 'edit own uw_ct_web_page content' - 'edit own uw_news_item content' + - 'edit terms in uw_tax_event_tags' + - 'edit terms in uw_tax_event_type' + - 'edit terms in uw_vocab_blog_tags' + - 'edit terms in uw_vocab_news_tags' + - 'make smart dates recur' + - 'reschedule smart date recur instances' + - 'revert uw_ct_blog revisions' + - 'revert uw_ct_event revisions' + - 'revert uw_ct_news_item revisions' + - 'revert uw_ct_site_footer revisions' + - 'revert uw_ct_web_page revisions' - 'revert uw_news_item revisions' - - 'update media' - 'update paragraph content uw_para_call_to_action' - 'update paragraph content uw_para_call_to_action_text' + - 'update paragraph content uw_para_ec_item' + - 'update paragraph content uw_para_fact_figure' - 'update paragraph content uw_para_fact_point' - 'update paragraph content uw_para_fact_text' - 'update paragraph content uw_para_facts_and_figures' + - 'update paragraph content uw_para_ff' - 'use uw_workflow transition archived' - 'use uw_workflow transition draft' - 'use uw_workflow transition needs_review' - 'use uw_workflow transition published' + - 'use workbench access' + - 'view all media revisions' - 'view all revisions' + - 'view any unpublished content' + - 'view latest version' - 'view own unpublished content' - 'view own unpublished media' + - 'view unpublished paragraphs' + - 'view uw_ct_blog revisions' + - 'view uw_ct_event revisions' + - 'view uw_ct_news_item revisions' + - 'view uw_ct_site_footer revisions' + - 'view uw_ct_web_page revisions' - 'view uw_news_item revisions' diff --git a/config/install/user.role.uw_role_site_manager.yml b/config/install/user.role.uw_role_site_manager.yml index 19ca7ae8..d3ec94d9 100644 --- a/config/install/user.role.uw_role_site_manager.yml +++ b/config/install/user.role.uw_role_site_manager.yml @@ -7,63 +7,127 @@ weight: -6 is_admin: null permissions: - 'access administration pages' + - 'access content overview' + - 'access contextual links' - 'access files overview' + - 'access in-place editing' - 'access media overview' - 'access media_entity_browser entity browser pages' - 'access media_entity_browser_modal entity browser pages' + - 'access shortcuts' + - 'access taxonomy overview' - 'access uw_ebr_cta entity browser pages' - 'access uw_ebr_image entity browser pages' - - 'administer menu' + - 'administer special alert' - 'can override my_dashboard dashboard' - 'can view my_dashboard dashboard' + - 'cancel smart date recur instances' + - 'configure all uw_ct_blog node layout overrides' + - 'configure all uw_ct_event node layout overrides' + - 'configure all uw_ct_news_item node layout overrides' + - 'configure all uw_ct_web_page node layout overrides' + - 'configure editable uw_ct_blog node layout overrides' + - 'configure editable uw_ct_event node layout overrides' + - 'configure editable uw_ct_news_item node layout overrides' + - 'configure editable uw_ct_web_page node layout overrides' + - 'create and edit custom blocks' - 'create media' - 'create paragraph content uw_para_call_to_action' - 'create paragraph content uw_para_call_to_action_text' + - 'create paragraph content uw_para_ec_item' + - 'create paragraph content uw_para_fact_figure' - 'create paragraph content uw_para_fact_point' - 'create paragraph content uw_para_fact_text' - 'create paragraph content uw_para_facts_and_figures' - - 'create uw_mt_image media' - - 'create uw_mt_remote_video media' + - 'create paragraph content uw_para_ff' + - 'create terms in uw_tax_event_tags' + - 'create terms in uw_tax_event_type' + - 'create terms in uw_vocab_blog_tags' + - 'create terms in uw_vocab_news_tags' + - 'create url aliases' + - 'create uw_ct_blog content' + - 'create uw_ct_event content' + - 'create uw_ct_news_item content' + - 'create uw_ct_site_footer content' + - 'create uw_ct_web_page content' - 'create uw_news_item content' - 'delete all revisions' - 'delete any media' - - 'delete any uw_mt_image media' - - 'delete any uw_mt_remote_video media' + - 'delete any uw_ct_blog content' + - 'delete any uw_ct_event content' + - 'delete any uw_ct_news_item content' + - 'delete any uw_ct_site_footer content' + - 'delete any uw_ct_web_page content' - 'delete any uw_news_item content' - - 'delete media' - 'delete orphan revisions' - - 'delete own uw_mt_image media' - - 'delete own uw_mt_remote_video media' + - 'delete own uw_ct_blog content' + - 'delete own uw_ct_event content' + - 'delete own uw_ct_news_item content' + - 'delete own uw_ct_site_footer content' + - 'delete own uw_ct_web_page content' - 'delete own uw_news_item content' - 'delete paragraph content uw_para_call_to_action' - 'delete paragraph content uw_para_call_to_action_text' + - 'delete paragraph content uw_para_ec_item' + - 'delete paragraph content uw_para_fact_figure' - 'delete paragraph content uw_para_fact_point' - 'delete paragraph content uw_para_fact_text' - 'delete paragraph content uw_para_facts_and_figures' + - 'delete paragraph content uw_para_ff' + - 'delete terms in uw_tax_event_tags' + - 'delete terms in uw_tax_event_type' + - 'delete terms in uw_vocab_blog_tags' + - 'delete terms in uw_vocab_news_tags' - 'delete uw_news_item revisions' - - 'edit any uw_mt_image media' - - 'edit any uw_mt_remote_video media' + - 'edit any uw_ct_blog content' + - 'edit any uw_ct_event content' + - 'edit any uw_ct_news_item content' + - 'edit any uw_ct_site_footer content' + - 'edit any uw_ct_web_page content' - 'edit any uw_news_item content' - - 'edit own uw_mt_image media' - - 'edit own uw_mt_remote_video media' + - 'edit own uw_ct_blog content' + - 'edit own uw_ct_event content' + - 'edit own uw_ct_news_item content' + - 'edit own uw_ct_site_footer content' + - 'edit own uw_ct_web_page content' - 'edit own uw_news_item content' + - 'edit terms in uw_tax_event_tags' + - 'edit terms in uw_tax_event_type' + - 'edit terms in uw_vocab_blog_tags' + - 'edit terms in uw_vocab_news_tags' + - 'make smart dates recur' + - 'reschedule smart date recur instances' - 'revert all revisions' + - 'revert uw_ct_blog revisions' + - 'revert uw_ct_event revisions' + - 'revert uw_ct_news_item revisions' + - 'revert uw_ct_site_footer revisions' + - 'revert uw_ct_web_page revisions' - 'revert uw_news_item revisions' - 'update any media' - - 'update media' - 'update paragraph content uw_para_call_to_action' - 'update paragraph content uw_para_call_to_action_text' + - 'update paragraph content uw_para_ec_item' + - 'update paragraph content uw_para_fact_figure' - 'update paragraph content uw_para_fact_point' - 'update paragraph content uw_para_fact_text' - 'update paragraph content uw_para_facts_and_figures' + - 'update paragraph content uw_para_ff' - 'use uw_workflow transition archived' - 'use uw_workflow transition draft' - 'use uw_workflow transition needs_review' - 'use uw_workflow transition published' + - 'use workbench access' - 'view all media revisions' - 'view all revisions' - 'view any unpublished content' - 'view latest version' - 'view own unpublished content' - 'view own unpublished media' + - 'view unpublished paragraphs' + - 'view uw_ct_blog revisions' + - 'view uw_ct_event revisions' + - 'view uw_ct_news_item revisions' + - 'view uw_ct_site_footer revisions' + - 'view uw_ct_web_page revisions' - 'view uw_news_item revisions' diff --git a/config/install/user.role.uw_role_site_owner.yml b/config/install/user.role.uw_role_site_owner.yml index dcf7202d..f1b46d33 100644 --- a/config/install/user.role.uw_role_site_owner.yml +++ b/config/install/user.role.uw_role_site_owner.yml @@ -8,17 +8,16 @@ is_admin: null permissions: - 'access administration pages' - 'access content access form' + - 'access content overview' + - 'access contextual links' - 'access files overview' - - 'access media_entity_browser entity browser pages' - - 'access media_entity_browser_modal entity browser pages' - - 'access uw_ebr_image entity browser pages' - - 'administer menu' + - 'access shortcuts' + - 'access site reports' + - 'access user profiles' + - 'administer role expire' + - 'administer shortcuts' - 'can override my_dashboard dashboard' - 'can view my_dashboard dashboard' + - 'create and edit custom blocks' + - 'customize shortcut links' - 'delete orphan revisions' - - 'use uw_workflow transition archived' - - 'use uw_workflow transition draft' - - 'use uw_workflow transition needs_review' - - 'use uw_workflow transition published' - - 'view any unpublished content' - - 'view latest version' diff --git a/uw_cfg_common.info.yml b/uw_cfg_common.info.yml index 5bc0af8f..01567213 100644 --- a/uw_cfg_common.info.yml +++ b/uw_cfg_common.info.yml @@ -6,12 +6,15 @@ dependencies: - captcha - core_event_dispatcher - features + - field - field_event_dispatcher - hcaptcha - hook_event_dispatcher + - layout_builder - layout_builder_browser - layout_builder_modal - layout_builder_restrictions - layout_builder_styles + - node - preprocess_event_dispatcher - user -- GitLab