Advanced permissions system with Groups

Jan Zavrl

Drupal Dev Days Ghent, April 2022

Jan Zavrl

Full stack developer

Senior Drupal developer at NDP

Acquia certified Drupal 8 Grand Master

@jnzavrl | jzavrl | janzavrl.me

@ndp_studio | ndp-studio.com

Advanced permissions system with Groups, London, March 2020

But, Groups has that built in?

Advanced permissions system with Groups, London, March 2020

One step at a

time

• Being able to set entity type level permissions in Groups
• Entity level access
• List level access
• Special cases
• Managing all components

Advanced permissions system with Groups, London, March 2020

Allowing new entities in Groups

• Using GroupContentEnabler plugin
• Providing a system to easily add new entities

Advanced permissions system with Groups, London, March 2020

Entity level

access

• View, update and delete actions on entities
• Overriding the existing Access Control Handlers

Advanced permissions system with Groups, London, March 2020

List level

access

• Entity level access would prevent from viewing
• Queries need to be altered to remove the unaccessible entities all together

Advanced permissions system with Groups, London, March 2020

There will always be special cases

• Allow or special cases in permission logic
• Allow other modules to implement their special cases
• Custom plugin manager and type

Advanced permissions system with Groups, London, March 2020

One manager to rule them all

• Service manager to manage all components and logic

Advanced permissions system with Groups, London, March 2020

Putting everything together

Advanced permissions system with Groups, London, March 2020

@jnzavrl | jzavrl | janzavrl.me

@ndp_studio | ndp-studio.com

Questions, comments?

Feel free to give me a nudge outside.

Thank you

Advanced permissions system with Groups, London, March 2020