diff --git a/config/install/user.role.uw_role_site_manager.yml b/config/install/user.role.uw_role_site_manager.yml
index 6cbd7ec8fe96971cd71815b74fe0e88570e03580..c658dca7dd6395e799bad17878f6374f9fb93db0 100644
--- a/config/install/user.role.uw_role_site_manager.yml
+++ b/config/install/user.role.uw_role_site_manager.yml
@@ -71,7 +71,6 @@ permissions:
- 'delete any uw_ct_site_footer content'
- 'delete any uw_ct_web_page content'
- 'delete any uw_news_item content'
- - 'delete orphan revisions'
- 'delete own uw_ct_blog content'
- 'delete own uw_ct_catalog_item content'
- 'delete own uw_ct_event content'
diff --git a/config/install/user.role.uw_role_site_owner.yml b/config/install/user.role.uw_role_site_owner.yml
index 9c4e9499e1bff363ec4cf667045cab81a5d4ed51..ac8e4e830acde20a6b1eb18325c5770daf92332a 100644
--- a/config/install/user.role.uw_role_site_owner.yml
+++ b/config/install/user.role.uw_role_site_owner.yml
@@ -24,4 +24,3 @@ permissions:
- 'can view my_dashboard dashboard'
- 'create and edit custom blocks'
- 'customize shortcut links'
- - 'delete orphan revisions'
diff --git a/src/Access/UwNodeAccessCheck.php b/src/Access/UwNodeAccessCheck.php
index af8a0b17da5e28f95454ab58baf4bec94ead3d9c..cc0368d8e64db4c093646d4bbbb1924439504b48 100644
--- a/src/Access/UwNodeAccessCheck.php
+++ b/src/Access/UwNodeAccessCheck.php
@@ -55,6 +55,16 @@ class UwNodeAccessCheck implements AccessInterface {
}
}
+ // Role Expire config: admin/config/system/role-expire.
+ if ($route_name === 'role_expire.config') {
+ return $account->hasPermission('administer role expire configuration') ? AccessResult::allowed() : AccessResult::forbidden();
+ }
+
+ // Dashboard config: admin/config/dashboards/dashboardssettings.
+ if ($route_name === 'dashboards.dashboards_settings_form') {
+ return $account->hasPermission('access dashboard config') ? AccessResult::allowed() : AccessResult::forbidden();
+ }
+
// Get the node object, which is in the route match variable.
$node = $route_match->getParameter('node');
diff --git a/src/Routing/UwNodeAccessRouteSubscriber.php b/src/Routing/UwNodeAccessRouteSubscriber.php
index d9a15672ab2e67c67fcd608b749e977162509755..9fab550c2461e1a84a0c10b1920595d3896c6667 100644
--- a/src/Routing/UwNodeAccessRouteSubscriber.php
+++ b/src/Routing/UwNodeAccessRouteSubscriber.php
@@ -16,12 +16,16 @@ class UwNodeAccessRouteSubscriber extends RouteSubscriberBase {
*/
protected function alterRoutes(RouteCollection $collection) {
$access_route_names = [
+ // Dashboard config: admin/config/dashboards/dashboardssettings.
+ 'dashboards.dashboards_settings_form',
// Node pages (/node/{nid}).
'entity.node.canonical',
- // Menu link edit pages.
- 'menu_ui.link_edit',
// Node delete pages.
'entity.node.delete_form',
+ // Menu link edit pages.
+ 'menu_ui.link_edit',
+ // Role Expire config: admin/config/system/role-expire.
+ 'role_expire.config',
];
foreach ($access_route_names as $route_name) {
if ($route = $collection->get($route_name)) {
diff --git a/uw_cfg_common.permissions.yml b/uw_cfg_common.permissions.yml
index 35b905c1b759a6d4b603e450698e186d428aa0eb..0657662837eeba26772aa1c73e980fda8fa1bcb4 100644
--- a/uw_cfg_common.permissions.yml
+++ b/uw_cfg_common.permissions.yml
@@ -1,6 +1,13 @@
'access content access form':
title: 'Access content access form'
description: 'Allows access to the content access form.'
+'access dashboard config':
+ title: 'Access dashboard configuration'
+ description: 'Allows access to admin/config/dashboards/dashboardssettings.'
+'administer role expire configuration':
+ title: 'Administer role expire configuration'
+ description: 'Allows access to admin/config/system/role-expire.'
+ restrict access: true
'bypass home page protection':
title: 'Bypass home page protection'
description: 'Allows taking actions that are not normally allowed for the home page, such as unpublishing.'