[UX] New Permission to Configure Book Module #6789

Open
stpaultim opened this issue Dec 21, 2024 · 5 comments
@stpaultim
Member

stpaultim commented Dec 21, 2024

Description of the bug

In testing another permissions related PR (#3638) for the Book module, I discovered that in order to give a user permission to configure the book module and view a list of available books, one must have the "Administer Site Configuration" permission.

Steps To Reproduce

To reproduce the behavior:

  1. Give the editor role all permissions related to the Book module
  2. Login as an editor and navigate to '/admin/content/book'
  3. Note that the tabs for "List" and "Settings" are not available.
  4. Give the Editor the permission for "Administer Site Configuration" and note that they have access to these settings.

Actual behavior

That one needs a very comprehensive and potentially dangerous permission to simply view an administrative list of available books.

In order to manage settings for the book module one needs very widespread access to site configuration.

Expected behavior

I would expect that there is a more focused permission such as "Administer books" that allows one to manage the book settings without having access to such a broad permission as "Administer Site Configuration."

UPDATED: Originally, I thought this issue also addressed the ability to simply list and reorder books. BUT, since this is not the case, this issue seems less important and I'm questioning whether or not the costs of adding a new permission are worth the benefits.

Additional information

These are all existing permissions that seem to be on the same level as one for "Administer books" would be:

Access the manage files overview
Administer text formats and filters

Current permissions for Book Module.

Alternatives

Even if there is reason to keep the "settings" tab under more restrictive permissions, I think the list tab should be easier to access. We could just assign it to the existing permission for Administer book outlines. The problem with this might be in terms of Backward compatibility.

Can we give an existing permission access to something that it did not have access to in the past?
By creating a new permission, I think we are avoiding these potential backward compatibility problems.

@stpaultim
Member Author

@herbdool You know the book module pretty well. Am I missing something here?

Maybe there is a reason for this restrictive permission that I'm not thinking of.

@herbdool

Actually the "List" tab is the same as admin/content/book. So the editor doesn't need that permission to see the books. This is normal behavior for secondary tabs. If there's only one tab available then it's not shown. I've tested with an editor role and confirmed what I'm saying. They can still see all books and reorder them.

@stpaultim
Member Author

stpaultim commented Dec 21, 2024

@herbdool I'm feeling a bit silly right now, because you are absolutely correct that the list of books is visible. I was thrown by the fact that the tab was not visible, which it does not need to be if it's the only tab.

So, that is NOT an issue.

In regards to the other "Settings", it does seem overly restrictive to limit those to such an all-encompassing permission. BUT, I understand that the permission page is already busy enough and that the likelihood of someone needing permission to adjust Book Module settings without having the much broader permission is probably not that great.

So, maybe it's not worth a new permission. I'll leave this open for a while to see if anyone else has thoughts on it.

I updated the original post to reflect the new and narrower scope of this issue.

@avpaderno
Member

avpaderno commented Dec 21, 2024

I can understand why admin/content/book/list is accessible to people who have the administer book outlines permission and admin/content/book/settings is accessible to people who have the administer site configuration permission. (It is a page with settings that can be considered part of the site configuration.)

It makes sense, as people who reach admin/content/book have the administer book outlines permission; people who see the Settings tab also have the administer site configuration permission.
Still, people who can change book outline settings have the permission to change any site configuration. administer site configuration seems too broad a permission to give to people just to let them set which content types can be used in books.

I would use the administer book outlines permission for both tabs, as changing the book outline settings is still a task for somebody who administers book outlines.
I understand this would not be a backward-compatible change: Sites using books would need to change the permissions given to each role. A contributed module could change the permissions necessary to access these tabs.
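
Added example, not part of the thread and not code from the Book module or any existing contributed module: a sketch of how a contributed module could narrow access to admin/content/book/settings without breaking existing roles. The module name `book_settings_access`, the permission `administer book settings` and the callback name are hypothetical; it assumes the settings tab is registered under that exact menu path.

```php
<?php
/**
 * @file
 * book_settings_access.module (hypothetical module name).
 */

/**
 * Implements hook_permission().
 */
function book_settings_access_permission() {
  return array(
    // Hypothetical, narrowly scoped permission; core does not define it.
    'administer book settings' => array(
      'title' => t('Administer book settings'),
      'description' => t('Choose which content types can be used in books.'),
    ),
  );
}

/**
 * Implements hook_menu_alter().
 */
function book_settings_access_menu_alter(&$items) {
  // Assumed menu path, taken from the discussion above.
  $path = 'admin/content/book/settings';
  if (isset($items[$path])) {
    // Replace the single broad permission check with a custom callback.
    $items[$path]['access callback'] = 'book_settings_access_check';
    $items[$path]['access arguments'] = array();
  }
}

/**
 * Access callback: the narrow permission OR the existing broad one.
 *
 * Keeping 'administer site configuration' valid means roles that can reach
 * the tab today keep that access, so no existing role has to be edited.
 */
function book_settings_access_check() {
  return user_access('administer book settings')
    || user_access('administer site configuration');
}
```

Roles that only hold "administer book outlines" still cannot reach the settings tab; access widens only for roles explicitly granted the new permission.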

@herbdool

I wouldn't use the permission for both tabs because a user account which could move pages around in a book should not necessarily have permission to also allow more or fewer content types to be considered books. Plus we're likely adding another setting which should be admin only.
