Role Provisioner: Drupal 7 role and permission management

Published on Sunday 1, March 2015

If there's one thing we've all grown to encounter in Drupal it has, and probably will always be, configuration management. Drupal 8 is looking to solve a lot of that. However a lot of us don't live in the Drupal 8 world and can't sit and wait for that "magical" day. Features gives us a lot of functionality, but after a certain point Features either breaks down or becomes too cumbersome to manage.

So that's why I created Role Provisioner. Role provisioner allows you to define roles the same way you would in Drupal 8 - a YAML file formatted user.role.ROLENAME.yml. The benefit is that you can also define the permissions granted to that role - which I don't think is allowed in Drupal 8. The module provides a base class that is intended to be extended through your implementation. That means you just need to write the YAMLs and extend that class to point to your configuration directory and what role configurations to load.

Here's an example of what a site editor role configuration may look like

# Filename: user.role.site-editor.yml --- name: site editor weight: "3" permissions: access content: true administer nodes: true access administrative pages: true access toolbar: true

That's it! The permissions array accepts true or false. The provisioner utilizes user_role_change_permissions() so that permissions can easily be revoked in the future (or guranteed revoked.)

Then you'd need to tell your class to load this configuration in its constructor method.

public function __construct() { parent::__construct(); $this->loadConfig('site-editor'); }

I've written a test to go along with the module, which provides a good example of implementing this module: https://github.com/mglaman/role_provisioner/tree/7.x-1.x/lib/Drupal/rol….

Links