Feedback regarding NodeTreePrivilege.
I think it is somewhat limiting that NodeTreePrivilege inherits from EditNodePrivilege. I can see a case where I want exclude nodes from the tree but want to grant edit rights through a backend module.
Currently this requires the backend module to disable security check for saving the node. This is of course far from optimal.
Would love to hear your opinion
Good point. Unfortunately it wouldn’t be possible to change that without breaking backwards compatibility. But you can always create your own
I just had a call with @sebastian regarding a case where the current implementation is a problem.
In our case, we use the
NodeTreePrivilege the restrict access to different sites within the installation.
At the same time, we want to use the
EditNodePrivilege to restrict access to certain node types, e.g. allowing editing a certain node type only for adminstrators.
In this case, the less specific
NodeTreePrivilege wins, thus allowing editing even if the
EditNodePrivilege for a certain node type is not granted.
Uncoupling the two privileges would help in this situation and also allow to differentiate between granting read-only access and edit access to the Node tree.