Skip to content

Commit

Permalink
Merge pull request #2072 from vrk-kpa/AV-2055_cleanup_drupal_permissions
Browse files Browse the repository at this point in the history 
AV-2055: Cleanup drupal permissions
  • Loading branch information
@Zharktas
Zharktas authored Oct 10, 2023
2 parents cc7bcbd + 56bf297 commit 504ed07
Show file tree
Hide file tree
Showing 7 changed files with 38 additions and 213 deletions.
19 changes: 7 additions & 12 deletions docker/.env.template
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,21 +50,16 @@ SENTRY_ENV="local"

# drupal + ckan roles
ROLES_CKAN_ADMIN=ckan_admin
ROLES_EDITOR=editor
ROLES_PUBLISHER=publisher

# initial users
USERS_0_USER=test-editor
USERS_0_PASS=test-editor
USERS_0_EMAIL=editor@localhost
USERS_0_ROLES="ckan_admin editor"
USERS_1_USER=test-publisher
USERS_1_PASS=test-publisher
USERS_1_EMAIL=publisher@localhost
USERS_1_ROLES="publisher"
USERS_2_USER=test-user
USERS_2_PASS=test-user
USERS_2_EMAIL=user@localhost
USERS_0_USER=test-publisher
USERS_0_PASS=test-publisher
USERS_0_EMAIL=publisher@localhost
USERS_0_ROLES="publisher"
USERS_1_USER=test-user
USERS_1_PASS=test-user
USERS_1_EMAIL=user@localhost

# postgres
DB_CKAN_HOST=postgres
Expand Down
29 changes: 29 additions & 0 deletions drupal/scripts/init_drupal.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,35 @@ drush language:default -y "fi"
# enable base theme
drush theme:enable -y bootstrap

# remove some configurations
# NOTE: ansible role skips errors with this condition:
# result.rc == 1 and 'Config {{ item }} does not exist' not in result.stderr
echo "delete configurations.."
drush config:delete easy_breadcrumb.settings || true
drush config:delete node.type.page || true
drush config:delete core.entity_form_display.node.page.default || true
drush config:delete core.entity_view_display.node.page.default || true
drush config:delete pathauto.settings || true
drush config:delete captcha.captcha_point.contact_message_feedback_form || true
drush config:delete core.base_field_override.node.article.promote || true
drush config:delete editor.editor.full_html || true
drush config:delete block.block.avoindata_collapsiblesearch || true
drush config:delete block.block.avoindata_infobox || true
drush config:delete disqus.settings || true
drush config:delete field.field.node.avoindata_guide_page.field_guide_comments || true
drush config:delete field.field.node.avoindata_article.field_article_comments || true
drush config:delete field.field.node.avoindata_event.field_event_comments || true
drush config:delete field.storage.node.field_article_comments || true
drush config:delete field.storage.node.field_basic_page_comments || true
drush config:delete field.storage.node.field_event_comments || true
drush config:delete field.storage.node.field_guide_comments || true
drush config:delete core.entity_view_display.node.page.search_index || true
drush config:delete core.entity_view_display.node.page.search_result || true
drush config:delete core.entity_view_display.node.page.teaser || true
drush config:delete field.field.node.page.field_basic_page_comments || true
drush config:delete field.storage.node.field_basic_page_comments || true
drush config:delete user.role.editor || true


# uninstall modules
echo "uninstall modules.."
Expand Down
116 changes: 1 addition & 115 deletions drupal/site_config/user.role.administrator.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,118 +5,4 @@ id: administrator
label: administrator
weight: 2
is_admin: true
permissions:
- 'access administration pages'
- 'access all views'
- 'access comments'
- 'access content'
- 'access content overview'
- 'access contextual links'
- 'access dashboard'
- 'access draggableviews'
- 'access overlay'
- 'access rules debug'
- 'access site in maintenance mode'
- 'access site reports'
- 'access toolbar'
- 'access user profiles'
- 'administer CAPTCHA settings'
- 'administer actions'
- 'administer blocks'
- 'administer ckeditor'
- 'administer comment blocks'
- 'administer comments'
- 'administer content translations'
- 'administer content types'
- 'administer custom username validation'
- 'administer features'
- 'administer fields'
- 'administer filters'
- 'administer honeypot'
- 'administer image styles'
- 'administer imce'
- 'administer languages'
- 'administer menu'
- 'administer modules'
- 'administer node expire'
- 'administer nodes'
- 'administer pathauto'
- 'administer permissions'
- 'administer recaptcha'
- 'administer rules'
- 'administer search'
- 'administer services'
- 'administer sharethis'
- 'administer shortcuts'
- 'administer site configuration'
- 'administer software updates'
- 'administer taxonomy'
- 'administer themes'
- 'administer url aliases'
- 'administer users'
- 'administer uuid'
- 'administer views'
- 'administer xmlsitemap'
- 'block IP addresses'
- 'bypass honeypot protection'
- 'bypass node access'
- 'bypass rules access'
- 'cancel account'
- 'change own username'
- 'create article content'
- 'create page content'
- 'create url aliases'
- 'customize ckeditor'
- 'customize shortcut links'
- 'delete any article content'
- 'delete any page content'
- 'delete own article content'
- 'delete own page content'
- 'delete revisions'
- 'delete terms in 1'
- 'display admin pages in another language'
- 'edit any article content'
- 'edit any page content'
- 'edit node expire'
- 'edit own article content'
- 'edit own comments'
- 'edit own page content'
- 'edit terms in 1'
- 'export nodes'
- 'export own nodes'
- 'generate features'
- 'get a system variable'
- 'get any binary files'
- 'get own binary files'
- 'import or export menu'
- 'manage features'
- 'notify of path changes'
- 'opt-in or out of tracking'
- 'override custom username validation'
- 'perform unlimited index queries'
- 'post comments'
- 'rename features'
- 'revert revisions'
- 'save file information'
- 'search content'
- 'select account cancellation method'
- 'services menu retrieve menu'
- 'set a system variable'
- 'skip CAPTCHA'
- 'skip comment approval'
- 'switch shortcut sets'
- 'translate admin strings'
- 'translate blocks'
- 'translate content'
- 'translate interface'
- 'translate user-defined strings'
- 'use PHP for tracking visibility'
- 'use PHP to import nodes'
- 'use advanced search'
- 'use all enabled languages'
- 'use ctools import'
- 'use text format filtered_html'
- 'use text format full_html'
- 'view own unpublished content'
- 'view revisions'
- 'view the administration theme'
permissions: {}
4 changes: 1 addition & 3 deletions drupal/site_config/user.role.anonymous.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,4 @@ permissions:
- 'access comments'
- 'access content'
- 'access site-wide contact form'
- 'search content'
- 'services menu retrieve menu'
- 'use text format filtered_html'

2 changes: 0 additions & 2 deletions drupal/site_config/user.role.authenticated.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,4 @@ permissions:
- 'access content'
- 'access site-wide contact form'
- 'post comments'
- 'search content'
- 'skip comment approval'
- 'use text format filtered_html'
57 changes: 0 additions & 57 deletions drupal/site_config/user.role.editor.yml
View file

This file was deleted.

24 changes: 0 additions & 24 deletions drupal/site_config/user.role.publisher.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,6 @@ permissions:
- 'access administration pages'
- 'access comments'
- 'access content overview'
- 'access draggableviews'
- 'access shortcuts'
- 'access taxonomy overview'
- 'access toolbar'
Expand All @@ -26,71 +25,49 @@ permissions:
- 'administer url aliases'
- 'administer user display'
- 'administer user form display'
- 'bypass protected submissions validation'
- 'create avoindata_article content'
- 'create avoindata_event content'
- 'create avoindata_guide_page content'
- 'create avoindata_servicemessage content'
- 'create content translations'
- 'create event content'
- 'create page content'
- 'create service_alert content'
- 'create terms in tags'
- 'create tutorial content'
- 'create url aliases'
- 'customize shortcut links'
- 'delete any article content'
- 'delete any avoindata_article content'
- 'delete any avoindata_event content'
- 'delete any avoindata_guide_page content'
- 'delete any avoindata_servicemessage content'
- 'delete any event content'
- 'delete any page content'
- 'delete any service_alert content'
- 'delete any tutorial content'
- 'delete content translations'
- 'delete own article content'
- 'delete own avoindata_article content'
- 'delete own avoindata_event content'
- 'delete own avoindata_guide_page content'
- 'delete own avoindata_servicemessage content'
- 'delete own event content'
- 'delete own page content'
- 'delete own service_alert content'
- 'delete own tutorial content'
- 'delete revisions'
- 'delete terms in tags'
- 'edit any article content'
- 'edit any avoindata_article content'
- 'edit any avoindata_event content'
- 'edit any avoindata_guide_page content'
- 'edit any avoindata_servicemessage content'
- 'edit any event content'
- 'edit any page content'
- 'edit any service_alert content'
- 'edit any tutorial content'
- 'edit own article content'
- 'edit own avoindata_article content'
- 'edit own avoindata_event content'
- 'edit own avoindata_guide_page content'
- 'edit own avoindata_servicemessage content'
- 'edit own comments'
- 'edit own event content'
- 'edit own page content'
- 'edit own service_alert content'
- 'edit own tutorial content'
- 'edit terms in tags'
- 'post comments'
- 'revert revisions'
- 'search content'
- 'translate avoindata_guide_page node'
- 'translate content'
- 'translate interface'
- 'translate page node'
- 'translate user-defined strings'
- 'update content translations'
- 'use text format basic_html'
- 'use text format filtered_html'
- 'use text format full_html'
- 'use text format ckeditor5'
- 'use text format restricted_html'
Expand All @@ -107,5 +84,4 @@ permissions:
- 'view own unpublished content'
- 'view page revisions'
- 'view page unpublished content'
- 'view revisions'
- 'view the administration theme'

0 comments on commit 504ed07

Please sign in to comment.