kanhaiya04
commented
7 months ago We can incorporate the condition userHasRoles(user, ['Manager']) when rendering the message.
I will create the PR soon if this approach suits well.
Open wesleybl opened 7 months ago
kanhaiya04
commented
7 months ago We can incorporate the condition userHasRoles(user, ['Manager']) when rendering the message.
I will create the PR soon if this approach suits well.
davisagli
commented
7 months ago @kanhaiya04 That doesn't sound like the right solution to me.
@wesleybl I think we should give users Site Administrators permission to run upgrade steps, rather than removing the message for them. The intent of the Site Administrator role is to allow all actions that affect a single Plone site, but prevent actions that could affect another Plone site in the same Zope instance. Does this sound right for your use case?
Also, whatever we decide, we should check for a permission rather than a role. This keeps things flexible, so that the permission can be assigned to different roles in the policy for a specific deployment. For example, if @wesleybl disagrees that Site Administrators should be able to do this for his deployment, he can simply remove the permission from the Site Administrator role.
For me, checking roles instead of permissions is always a sign of an incorrect design.
wesleybl
commented
7 months ago @davisagli I don't think the Site Administrator should have permission to run upgrade step. Whoever run the upgrade step must know what they are doing. Generally we give permission to Site Administrator, "common users", who do not have this knowledge. Upgrade steps can be time-consuming and must be performed in specific windows. Upgrade steps may require permissions that only the Manager has, such as creating an index in the catalog.
I also agree that verification should be by permission.
davisagli
commented
7 months ago @wesleybl I think a reasonable argument can be made for enabling it or disabling it for Site Administrators in different scenarios. It sounds like we at least agree on adding a permission to control it, which provides that flexibility. I'm okay with keeping the permission disabled by default.
davisagli
commented
7 months ago This is a medium-level task that requires changes in a number of places:
I'll move this issue to CMFPlone since the scope goes beyond just volto.
wesleybl
commented
7 months ago I think a reasonable argument can be made for enabling it or disabling it for Site Administrators in different scenarios.
@davisagli I think that whoever created an update step doesn't think "will the Site Administrator have permission to do this?"
Those who would give permission to the Site Administrator and those who create the upgrade are different people. Giving him permission and him receiving Unauthorized is not a smart solution.
Describe the bug On sites that lack the Plone upgrade step, the message
The site configuration is outdated and needs to be upgraded. Please continue with the upgrade.for a user with theSite Administratorrole.However, when clicking the link, a blank screen appears. I don't think the
Site Administratorhas permission to do this.To Reproduce Steps to reproduce the behavior:
Site Administratorrole.Site Setup(http://localhost:3000/controlpanel)Expected behavior Do not show the message to a
Site Administrator.Screenshots If applicable, add screenshots to help explain your problem.
Software (please complete the following information):