-
-
Notifications
You must be signed in to change notification settings - Fork 3.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[4.4] Fix Permissions for Manually Running Scheduled Tasks #36719
base: 4.4-dev
Are you sure you want to change the base?
[4.4] Fix Permissions for Manually Running Scheduled Tasks #36719
Conversation
- Explicitly disables the "run task" button on insufficient authorization. - Adds tooltip to give context on disabling.
…run-task-btn-on-no-auth-36677'
How can it make sense for a user to be able to create a new task and setup lazy loading etc but not be able to run the task directly |
Definitely, now that I think of it the creator should be able to run them manually as a default. I'll work on enabling that behavior before opening this PR. |
Possibly need a new permission for that "Edit own" |
Task creators should now be able to run them even if they do not have the `core.testrun` permission. The current permission checks should be reviewed.
* | ||
* @since __DEPLOY_VERSION__ | ||
*/ | ||
public static function isAuthorizedToRun(object $taskRecord, User $user): bool |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@brianteeman what do you think about this check?
We need this field in the authorization check. Begs the question, should we just get all fields?
This pull request has automatically rebased to 4.2-dev. |
This pull request has been automatically rebased to 4.3-dev. |
This pull request has been automatically rebased to 4.4-dev. |
Pull Request for Issue #36677.
Summary of Changes
Testing Instructions
Actual result BEFORE applying this Pull Request
There is no indication that the user is not authorized to run the task. The button is usable.
Expected result AFTER applying this Pull Request
The button is disabled. Reason for being disabled is available through a tooltip on hover.
Documentation Changes Required
N/A