Added a new role called 'GO Editor' (go_editor) which will be used

for handling GO specific content and configuration. Also added a new custom permission to the dpl_unilogin configuration route and enabled the permission for the new "GO Editor" role. Lastly we removed the "Bypass content access control" permission, and instead added specific content access permissions for each content type to each role.
danskernesdigitalebibliotek · Jan 14, 2025 · 5d3567d · 5d3567d
1 parent bf59a00
commit 5d3567d
Show file tree

Hide file tree

Showing 10 changed files with 188 additions and 41 deletions.
diff --git a/config/sync/administerusersbyrole.settings.yml b/config/sync/administerusersbyrole.settings.yml
@@ -9,3 +9,4 @@ roles:
   external_system: safe
   bnf_graphql_client: unsafe
   go_graphql_client: unsafe
+  go_editor: unsafe
diff --git a/config/sync/system.action.user_add_role_action.go_editor.yml b/config/sync/system.action.user_add_role_action.go_editor.yml
@@ -0,0 +1,14 @@
+uuid: 898ac13b-ae50-4933-b48b-73253f6b6275
+langcode: en
+status: true
+dependencies:
+  config:
+    - user.role.go_editor
+  module:
+    - user
+id: user_add_role_action.go_editor
+label: 'Add the GO Editor role to the selected user(s)'
+type: user
+plugin: user_add_role_action
+configuration:
+  rid: go_editor
diff --git a/config/sync/system.action.user_remove_role_action.go_editor.yml b/config/sync/system.action.user_remove_role_action.go_editor.yml
@@ -0,0 +1,14 @@
+uuid: 1cac38fa-25f6-4dbe-94fd-dbc268990be6
+langcode: en
+status: true
+dependencies:
+  config:
+    - user.role.go_editor
+  module:
+    - user
+id: user_remove_role_action.go_editor
+label: 'Remove the GO Editor role from the selected user(s)'
+type: user
+plugin: user_remove_role_action
+configuration:
+  rid: go_editor
diff --git a/config/sync/user.role.administrator.yml b/config/sync/user.role.administrator.yml
@@ -6,13 +6,13 @@ dependencies:
     - filter.format.basic
     - filter.format.limited
     - filter.format.underlined_title
+    - media.type.audio
     - media.type.document
     - media.type.image
     - media.type.video
     - node.type.article
     - node.type.branch
     - node.type.campaign
-    - node.type.go_page
     - node.type.page
     - rest.resource.dpl_opening_hours_create
     - rest.resource.dpl_opening_hours_delete
@@ -125,18 +125,17 @@ permissions:
   - 'administer webform element access'
   - 'administer webform submission'
   - 'break content lock'
-  - 'bypass node access'
   - 'cancel users by role'
   - 'change own username'
   - 'clone eventinstance entity'
   - 'clone eventseries entity'
   - 'clone eventseries_type entity'
   - 'clone node entity'
   - 'create article content'
+  - 'create audio media'
   - 'create branch content'
   - 'create campaign content'
   - 'create document media'
-  - 'create go_page content'
   - 'create image media'
   - 'create media'
   - 'create page content'
@@ -152,11 +151,11 @@ permissions:
   - 'create webform'
   - 'delete all revisions'
   - 'delete any article content'
+  - 'delete any audio media'
   - 'delete any branch content'
   - 'delete any campaign content'
   - 'delete any document media'
   - 'delete any file'
-  - 'delete any go_page content'
   - 'delete any image media'
   - 'delete any media'
   - 'delete any page content'
@@ -168,19 +167,18 @@ permissions:
   - 'delete campaign revisions'
   - 'delete eventinstance entity'
   - 'delete eventseries entity'
-  - 'delete go_page revisions'
   - 'delete links in admin menu'
   - 'delete links in main menu'
   - 'delete media'
   - 'delete orphan revisions'
   - 'delete own article content'
+  - 'delete own audio media'
   - 'delete own branch content'
   - 'delete own campaign content'
   - 'delete own document media'
   - 'delete own eventinstance entity'
   - 'delete own eventseries entity'
   - 'delete own files'
-  - 'delete own go_page content'
   - 'delete own image media'
   - 'delete own page content'
   - 'delete own video media'
@@ -197,10 +195,10 @@ permissions:
   - 'dpl admin access pages'
   - 'edit admin menu'
   - 'edit any article content'
+  - 'edit any audio media'
   - 'edit any branch content'
   - 'edit any campaign content'
   - 'edit any document media'
-  - 'edit any go_page content'
   - 'edit any image media'
   - 'edit any page content'
   - 'edit any video media'
@@ -212,12 +210,12 @@ permissions:
   - 'edit links in main menu'
   - 'edit main menu'
   - 'edit own article content'
+  - 'edit own audio media'
   - 'edit own branch content'
   - 'edit own campaign content'
   - 'edit own document media'
   - 'edit own eventinstance entity'
   - 'edit own eventseries entity'
-  - 'edit own go_page content'
   - 'edit own image media'
   - 'edit own page content'
   - 'edit own video media'
@@ -246,7 +244,6 @@ permissions:
   - 'revert all revisions'
   - 'revert article revisions'
   - 'revert campaign revisions'
-  - 'revert go_page revisions'
   - 'revert page revisions'
   - 'role-assign users by role'
   - 'schedule publishing of eventseries'
@@ -261,11 +258,13 @@ permissions:
   - 'view admin menu in menu list'
   - 'view all media revisions'
   - 'view all revisions'
-  - 'view any unpublished content'
+  - 'view any unpublished article content'
+  - 'view any unpublished branch content'
+  - 'view any unpublished campaign content'
+  - 'view any unpublished page content'
   - 'view any webform submission'
   - 'view article revisions'
   - 'view campaign revisions'
-  - 'view go_page revisions'
   - 'view main menu in menu list'
   - 'view own unpublished content'
   - 'view own unpublished media'

diff --git a/config/sync/user.role.editor.yml b/config/sync/user.role.editor.yml
@@ -6,13 +6,13 @@ dependencies:
     - filter.format.basic
     - filter.format.limited
     - filter.format.underlined_title
+    - media.type.audio
     - media.type.document
     - media.type.image
     - media.type.video
     - node.type.article
     - node.type.branch
     - node.type.campaign
-    - node.type.go_page
     - node.type.page
     - rest.resource.dpl_opening_hours_create
     - rest.resource.dpl_opening_hours_delete
@@ -72,17 +72,16 @@ permissions:
   - 'administer nodes'
   - 'administer redirects'
   - 'break content lock'
-  - 'bypass node access'
   - 'change own username'
   - 'clone eventinstance entity'
   - 'clone eventseries entity'
   - 'clone eventseries_type entity'
   - 'clone node entity'
   - 'create article content'
+  - 'create audio media'
   - 'create branch content'
   - 'create campaign content'
   - 'create document media'
-  - 'create go_page content'
   - 'create image media'
   - 'create media'
   - 'create page content'
@@ -95,10 +94,10 @@ permissions:
   - 'create webform'
   - 'delete all revisions'
   - 'delete any article content'
+  - 'delete any audio media'
   - 'delete any branch content'
   - 'delete any campaign content'
   - 'delete any document media'
-  - 'delete any go_page content'
   - 'delete any image media'
   - 'delete any media'
   - 'delete any page content'
@@ -108,17 +107,16 @@ permissions:
   - 'delete campaign revisions'
   - 'delete eventinstance entity'
   - 'delete eventseries entity'
-  - 'delete go_page revisions'
   - 'delete links in main menu'
   - 'delete media'
   - 'delete own article content'
+  - 'delete own audio media'
   - 'delete own branch content'
   - 'delete own campaign content'
   - 'delete own document media'
   - 'delete own eventinstance entity'
   - 'delete own eventseries entity'
   - 'delete own files'
-  - 'delete own go_page content'
   - 'delete own image media'
   - 'delete own page content'
   - 'delete own video media'
@@ -131,10 +129,10 @@ permissions:
   - 'delete terms in webform_email_categories'
   - 'dpl admin access pages'
   - 'edit any article content'
+  - 'edit any audio media'
   - 'edit any branch content'
   - 'edit any campaign content'
   - 'edit any document media'
-  - 'edit any go_page content'
   - 'edit any image media'
   - 'edit any page content'
   - 'edit any video media'
@@ -144,12 +142,12 @@ permissions:
   - 'edit links in main menu'
   - 'edit main menu'
   - 'edit own article content'
+  - 'edit own audio media'
   - 'edit own branch content'
   - 'edit own campaign content'
   - 'edit own document media'
   - 'edit own eventinstance entity'
   - 'edit own eventseries entity'
-  - 'edit own go_page content'
   - 'edit own image media'
   - 'edit own page content'
   - 'edit own video media'
@@ -168,7 +166,6 @@ permissions:
   - 'revert all revisions'
   - 'revert article revisions'
   - 'revert campaign revisions'
-  - 'revert go_page revisions'
   - 'revert page revisions'
   - 'schedule publishing of eventseries'
   - 'schedule publishing of nodes'
@@ -179,10 +176,12 @@ permissions:
   - 'use text format underlined_title'
   - 'view all media revisions'
   - 'view all revisions'
-  - 'view any unpublished content'
+  - 'view any unpublished article content'
+  - 'view any unpublished branch content'
+  - 'view any unpublished campaign content'
+  - 'view any unpublished page content'
   - 'view article revisions'
   - 'view campaign revisions'
-  - 'view go_page revisions'
   - 'view main menu in menu list'
   - 'view own unpublished content'
   - 'view own unpublished media'

diff --git a/config/sync/user.role.go_editor.yml b/config/sync/user.role.go_editor.yml
@@ -0,0 +1,114 @@
+uuid: d2a6c001-46cd-440d-8efd-ff5499ebdee6
+langcode: en
+status: true
+dependencies:
+  config:
+    - filter.format.basic
+    - filter.format.limited
+    - filter.format.underlined_title
+    - media.type.audio
+    - media.type.document
+    - media.type.image
+    - media.type.video
+    - node.type.go_category_page
+    - node.type.go_page
+    - node.type.page
+  module:
+    - administerusersbyrole
+    - content_lock
+    - dpl_admin
+    - dpl_unilogin
+    - entity_clone
+    - field_inheritance
+    - file
+    - filter
+    - media
+    - node
+    - paragraphs
+    - redirect
+    - scheduler
+    - system
+    - toolbar
+    - view_unpublished
+id: go_editor
+label: 'GO Editor'
+weight: 11
+is_admin: null
+permissions:
+  - 'access administration pages'
+  - 'access content overview'
+  - 'access media overview'
+  - 'access toolbar'
+  - 'access user profiles'
+  - 'access users overview'
+  - 'administer entity field inheritance'
+  - 'administer nodes'
+  - 'administer redirects'
+  - 'administer unilogin settings'
+  - 'break content lock'
+  - 'change own username'
+  - 'clone node entity'
+  - 'create audio media'
+  - 'create document media'
+  - 'create go_category_page content'
+  - 'create go_page content'
+  - 'create image media'
+  - 'create media'
+  - 'create video media'
+  - 'delete all revisions'
+  - 'delete any audio media'
+  - 'delete any document media'
+  - 'delete any go_category_page content'
+  - 'delete any go_page content'
+  - 'delete any image media'
+  - 'delete any media'
+  - 'delete any video media'
+  - 'delete go_category_page revisions'
+  - 'delete go_page revisions'
+  - 'delete media'
+  - 'delete own audio media'
+  - 'delete own document media'
+  - 'delete own files'
+  - 'delete own go_category_page content'
+  - 'delete own go_page content'
+  - 'delete own image media'
+  - 'delete own video media'
+  - 'dpl admin access pages'
+  - 'edit any audio media'
+  - 'edit any document media'
+  - 'edit any go_category_page content'
+  - 'edit any go_page content'
+  - 'edit any image media'
+  - 'edit any video media'
+  - 'edit own audio media'
+  - 'edit own document media'
+  - 'edit own go_category_page content'
+  - 'edit own go_page content'
+  - 'edit own image media'
+  - 'edit own video media'
+  - 'revert all revisions'
+  - 'revert go_category_page revisions'
+  - 'revert go_page revisions'
+  - 'schedule publishing of eventseries'
+  - 'schedule publishing of nodes'
+  - 'update any media'
+  - 'update media'
+  - 'use text format basic'
+  - 'use text format limited'
+  - 'use text format underlined_title'
+  - 'view all media revisions'
+  - 'view all revisions'
+  - 'view any unpublished go_category_page content'
+  - 'view any unpublished go_page content'
+  - 'view go_category_page revisions'
+  - 'view go_page revisions'
+  - 'view own unpublished content'
+  - 'view own unpublished media'
+  - 'view page revisions'
+  - 'view scheduled content'
+  - 'view scheduled eventseries'
+  - 'view scheduled media'
+  - 'view scheduled taxonomy_term'
+  - 'view the administration theme'
+  - 'view unpublished paragraphs'
+  - 'view users by role'