Nearly a year ago, I wrote a blog called "Drupal Permissions Done Right". I received a lot of excellent feedback and at the end of it I promised to release a module which would make managing permissions in Drupal 8 more sane based on the principles the post outlined. Today, I'd like to announce that module and explain a little bit about it.
Where Drupal Permissions Fall Short
Before I explain the module, we should explain the problem it tries to solve. I think the Drupal community has been mis-configuring our permissions for years. We look at the site we're building and realize that we have a few core personas, like "journalist" or "editor" and we make Drupal roles that match those business titles. This means that we often need to duplicate permissions across roles and it quickly becomes difficult to tweak, debug, and extend these roles when business requirements change.
The original blog post I wrote encourages you to instead make many small, discrete roles which can be composed together into the business "roles" we have. Doing so removes the need to duplicate permissions and means that we no longer need to be concerned with every single permission for every single role type we have. I think Drupal core exacerbates the problem by exposing newcomers to the default "Content Editor" role, which does far more than just "edit content".
The strategy of making many small, composable roles works out of the box with Drupal—but it requires that we assign lots of roles to every user individually. To make site administration easier, we really would like to bundle permissions into high level names like "journalist" or "intern" when building a site. So, how do we reconcile the need for easy-to-understand roles with the efficiency of small, composable roles?
Drupal Permissions Simplified: User Personas
Enter the User Personas module. It's a simple module layered on top of Drupal's permissions and roles system.
Personas are a lot like Drupal's roles, they're just one level higher. They allow you to bundle roles together and then assign those bundles of roles to users as a set. Under the hood, the module just saves the appropriate roles to the user entity when the user is saved and so it works just fine with contrib and core. To all other code, nothing is different, they can continue to use permissions and roles as if personas don't exist at all (in fact, your code should too).
To give you a simple use case as an example: we have been working with the National Center for Women & Information Technology (NCWIT) to build an event planning and management platform called AspireIT. The application lets young women and girls host extracurricular events (called programs) to teach a new generation of girls about coding and technology. These young women from all over the country partner with adults in the tech industry to run their programs. When building the application, we imagined these users falling into two personas: Program Leader (the young woman creating the event), and Program Partner (the adult providing financial or practical support).
The process of creating and managing a program needed to be a collaborative effort between Program Leaders and Program Partners. This meant that many of their permissions would be the same, but they did differ in subtle ways. One major difference was that a Program Partner shouldn’t be able to create programs—they join the process after a Program Leader gets things started. However, they should be allowed to edit the program node along the way.
I used the User Personas module to create a persona for each of these user types: Program Leader and Program Partner. I then created two Drupal roles, a Program Creator role and a Program Editor role. I could assign the Program Editor role to both personas while assigning the Program Creator role to the Program Leader persona alone. This way I’ll rarely (if ever) need to duplicate permissions across roles, instead permissions are simply shared by sharing roles between User Personas.
I’ve used this module in a few projects so far, and the User Personas abstraction seems to hold across different use cases. I don't think I'll go back to doing permissions any other way.
The User Personas module is still in alpha and I'd love for you to download it and take it for a spin. If you do, please use the issue queue to make suggestions for where it can be improved (and maybe submit a patch! 😉) and, of course, report any bugs. There are still a couple of opportunities for improvement, for example, once you create many roles the performance of the global permissions page starts to degrade rapidly (the performance of the rest of the site is unaffected). Frankly, I'd like to rethink the need for the permissions table altogether, as it seems to discourage small, discrete roles. But before doing something so drastic, I'd like others' input. I wouldn't want users of the module to be frightened off because it appears to change the way core operates.
I hope that you find the module useful. So, please download it, install it, and let me know what you think!