Skip to main content

Role Provisioner: Drupal 7 role and permission management

Published on

If there's one thing we've all grown to encounter in Drupal it has, and probably will always be, configuration management. Drupal 8 is looking to solve a lot of that. However a lot of us don't live in the Drupal 8 world and can't sit and wait for that "magical" day. Features gives us a lot of functionality, but after a certain point Features either breaks down or becomes too cumbersome to manage.

So that's why I created Role Provisioner. Role provisioner allows you to define roles the same way you would in Drupal 8 - a YAML file formatted user.role.ROLENAME.yml. The benefit is that you can also define the permissions granted to that role - which I don't think is allowed in Drupal 8. The module provides a base class that is intended to be extended through your implementation. That means you just need to write the YAMLs and extend that class to point to your configuration directory and what role configurations to load.

Here's an example of what a site editor role configuration may look like

# Filename: user.role.site-editor.yml
---
name: site editor
weight: "3"
permissions:
  access content: true
  administer nodes: true
  access administrative pages: true
  access toolbar: true

That's it! The permissions array accepts true or false. The provisioner utilizes user_role_change_permissions() so that permissions can easily be revoked in the future (or guranteed revoked.)

Then you'd need to tell your class to load this configuration in its constructor method.

  public function __construct() {
    parent::__construct();
    $this->loadConfig('site-editor');
  }

I've written a test to go along with the module, which provides a good example of implementing this module: https://github.com/mglaman/role_provisioner/tree/7.x-1.x/lib/Drupal/rol….

Links

 

#