Skip to content

Permission system improvements and new permission keys#3396

Merged
admdly merged 32 commits intomainfrom
feature/improved_permissions
Apr 15, 2026
Merged

Permission system improvements and new permission keys#3396
admdly merged 32 commits intomainfrom
feature/improved_permissions

Conversation

@yagiz-dev
Copy link
Copy Markdown
Member

@yagiz-dev yagiz-dev commented Apr 7, 2026
edited
Loading

System improvements

  • Decoupled hide_permissions and can_always_access. Previously, setting either of them would grant automatic full access to the module that couldn't be disabled at all.
    • What should have been was that can_always_access would be used to grant everyone access but hide_permissions should only be used to hide permissions for modules like Branding where you don't actually have anything to guard.
  • Implemented per-request caching for staff permissions

New Twig function

  • Created a new has_permission Twig function so we can safely leave out parts of the UI that the user isn't authenticated for.
    • This allows us to hide tabs/parts of the UI dynamically
    • Also allows us not to make calls to the API where the user doesn't have access to, so we don't end up getting a full-page exception that prevents rendering anything
{% if has_permission('client', 'create') %} {# Check for a permission key #}
{% if has_permission('client') %} {# Check for module access #}

New permission keys

Created ~25 new permission keys. I think the Client and System ones are especially beneficial to control granular access.

  • Client
    • create
    • edit_profile
    • impersonate_login
    • manage_api_keys
    • change_password
    • manage_balance
    • view_login_history
    • manage_groups
    • delete
    • bulk_delete
    • export
  • System
    • update_params
    • recheck_update
    • toggle_error_reporting
  • Currency
    • create
    • edit
    • delete
    • set_default
    • update_rates
  • Redirect
    • create_and_edit
    • delete
  • Hook
    • manage_hooks
    • trigger_hooks

@yagiz-dev yagiz-dev changed the title Correct hide_permissions behavior and introduce new permission keys Permission system improvements and new permission keys Apr 8, 2026
@yagiz-dev yagiz-dev marked this pull request as ready for review April 8, 2026 11:02
@yagiz-dev yagiz-dev requested a review from Copilot April 8, 2026 11:02

This comment was marked as outdated.

Sign in to view

@yagiz-dev yagiz-dev force-pushed the feature/improved_permissions branch from b2b8b9e to d4513b1 Compare April 8, 2026 22:13
@yagiz-dev yagiz-dev requested a review from admdly April 8, 2026 22:15
@yagiz-dev yagiz-dev self-assigned this Apr 8, 2026
@admdly admdly requested a review from Copilot April 11, 2026 01:58

This comment was marked as outdated.

Sign in to view

@admdly admdly force-pushed the feature/improved_permissions branch from 0b76ffa to 2b81dec Compare April 15, 2026 15:32
@admdly admdly force-pushed the feature/improved_permissions branch from 2b81dec to f595a62 Compare April 15, 2026 15:40
@admdly
Copy link
Copy Markdown
Contributor

admdly commented Apr 15, 2026

Removing hide_permissions => true and adding explicit manage_hooks/trigger_hooks permissions creates a breaking change for existing installations.

All staff members could access hooks since permissions were hidden; now they need explicit grants. Non-admin staff will lose hook access until an admin grants these new permission keys. Maybe this is intentional? Should we not document the change or migrate existing permissions?

@yagiz-dev
Copy link
Copy Markdown
Member Author

yagiz-dev commented Apr 15, 2026

Removing hide_permissions => true and adding explicit manage_hooks/trigger_hooks permissions creates a breaking change for existing installations.

It's intentional. It wasn't hidden behind a permission key like before, just like every other permission key introduced with this PR.

In theory they should just lose view access and the ability to manually trigger hooks via API. Which can be easily reinstated if wanted.

I don't think this disables hooks entirely for the user, but we should check and verify that in any case.

@admdly admdly requested a review from Copilot April 15, 2026 17:13

This comment was marked as outdated.

Sign in to view

@admdly admdly force-pushed the feature/improved_permissions branch from b9b7b13 to 082e4d7 Compare April 15, 2026 17:29
admdly
admdly approved these changes Apr 15, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@admdly admdly left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM - incorporated some small corrections (as I know you're busy) and agreed code to get this ready to merge.

@admdly admdly merged commit f2ccbf4 into main Apr 15, 2026
21 checks passed
@admdly admdly deleted the feature/improved_permissions branch April 15, 2026 17:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@admdly admdly admdly approved these changes

@BelleNottelling BelleNottelling Awaiting requested review from BelleNottelling

Assignees

@yagiz-dev yagiz-dev

Labels

admin-panel API installer library modules security tests/CI

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@yagiz-dev @admdly