[4.4] Fix Permissions for Manually Running Scheduled Tasks #36719
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Explicitly disables the "run task" button on insufficient authorization. - Adds tooltip to give context on disabling.
…run-task-btn-on-no-auth-36677'
|
How can it make sense for a user to be able to create a new task and setup lazy loading etc but not be able to run the task directly |
Definitely, now that I think of it the creator should be able to run them manually as a default. I'll work on enabling that behavior before opening this PR. |
|
Possibly need a new permission for that "Edit own" |
Task creators should now be able to run them even if they do not have the `core.testrun` permission. The current permission checks should be reviewed.
ditsuke
commented
Jan 17, 2022
| * | ||
| * @since __DEPLOY_VERSION__ | ||
| */ | ||
| public static function isAuthorizedToRun(object $taskRecord, User $user): bool |
There was a problem hiding this comment.
@brianteeman what do you think about this check?
We need this field in the authorization check. Begs the question, should we just get all fields?
|
This pull request has automatically rebased to 4.2-dev. |
|
This pull request has been automatically rebased to 4.3-dev. |
|
This pull request has been automatically rebased to 4.4-dev. |
HLeithner
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Pull Request for Issue #36677.
Summary of Changes
Testing Instructions
Actual result BEFORE applying this Pull Request
There is no indication that the user is not authorized to run the task. The button is usable.
Expected result AFTER applying this Pull Request
The button is disabled. Reason for being disabled is available through a tooltip on hover.
Documentation Changes Required
N/A