62 lines
2.4 KiB
YAML
62 lines
2.4 KiB
YAML
uuid:
|
|
- value: ff9b4282-001a-49f2-8c8a-b0b00cf1777f
|
|
langcode:
|
|
- value: en
|
|
type:
|
|
- target_id: daily_email
|
|
target_type: node_type
|
|
target_uuid: 8bde1f2f-eef9-4f2d-ae9c-96921f8193d7
|
|
revision_timestamp:
|
|
- value: '2025-07-30T21:26:08+00:00'
|
|
revision_uid:
|
|
- target_type: user
|
|
target_uuid: b8966985-d4b2-42a7-a319-2e94ccfbb849
|
|
revision_log: { }
|
|
status:
|
|
- value: true
|
|
uid:
|
|
- target_type: user
|
|
target_uuid: b8966985-d4b2-42a7-a319-2e94ccfbb849
|
|
title:
|
|
- value: 'Drupal roles are layerable'
|
|
created:
|
|
- value: '2025-07-25T21:24:38+00:00'
|
|
changed:
|
|
- value: '2025-07-30T21:26:08+00:00'
|
|
promote:
|
|
- value: false
|
|
sticky:
|
|
- value: false
|
|
default_langcode:
|
|
- value: true
|
|
revision_translation_affected:
|
|
- value: true
|
|
path:
|
|
- alias: ''
|
|
pid: null
|
|
langcode: en
|
|
body:
|
|
- value: |-
|
|
A common issue I see on Drupal websites is that [users have too many permissions][1].
|
|
|
|
They are often given a role like an Administrator that gives them too many options - sometimes introducing a security risk or the possibility of [taking a website down accidentally][0].
|
|
|
|
A thing about Drupal roles is that they are layerable.
|
|
|
|
A user can have multiple roles and get the combined permissions from each role.
|
|
|
|
So why not have a number of small specific roles and assign them to users as needed, rather than a small number of larger roles that give too much?
|
|
|
|
[0]: /daily/2025/07/24/permissions-issue-took-down-website
|
|
[1]: /daily/2025/07/23/its-hard-take-things-away
|
|
format: markdown
|
|
processed: |
|
|
<p>A common issue I see on Drupal websites is that <a href="http://localhost:8888/daily/2025/07/23/its-hard-take-things-away">users have too many permissions</a>.</p>
|
|
<p>They are often given a role like an Administrator that gives them too many options - sometimes introducing a security risk or the possibility of <a href="http://localhost:8888/daily/2025/07/24/permissions-issue-took-down-website">taking a website down accidentally</a>.</p>
|
|
<p>A thing about Drupal roles is that they are layerable.</p>
|
|
<p>A user can have multiple roles and get the combined permissions from each role.</p>
|
|
<p>So why not have a number of small specific roles and assign them to users as needed, rather than a small number of larger roles that give too much?</p>
|
|
summary: ''
|
|
field_daily_email_cta:
|
|
- target_type: node
|
|
target_uuid: 2a6bc8bd-a1e0-4f62-8112-47c3107020c5
|