Admin Roles: Restrict ability to create and modify admin posts

Description

Admins with the superadmin, board, communications, or translation role should be able to post, edit, and delete admin posts.

Admins without those roles should:

  • not have the “Post AO3 News” option under “Admin Posts” in the admin navigation

  • not have “Edit Post” or “Delete Post” options on the news posts themselves

  • see the regular, non-admin version of the admin post index when following the “AO3 News” link under “About” in the main navigation, or otherwise attempting to access the URL for the admin posts index (https://test.archiveofourown.org/admin_posts)

  • be redirected and given an error message if they enter the URL to post (https://test.archiveofourown.org/admin_posts/new) or edit (https://test.archiveofourown.org/admin_posts/360/edit) an admin post in their browser

Activity

Show:
Alison Watson
July 16, 2020, 9:18 AM

Open Doors role

NO options to post ao3 news, edit or delete posts.

admin post list appears to be non-admin version

Accessing direct URLS redirects to front page with Sorry, only an authorized admin can access the page you were trying to reach.

Relle Veyér
July 17, 2020, 8:18 AM

Roles: Translation, Tag Wrangling

The “Post AO3 News” option appears in the navigation bar, the “Edit” and “Delete” buttons appear on news posts, and I see the admin version of the AO3 News page. Posting, editing, and deleting posts all works as expected.

Sammie Louise
July 17, 2020, 9:47 AM

Docs and Support roles

Menu item is to AO3 News, no option to post or edit

Attempts to URL hack either /new or /edit redirects to the Home page with a flash error saying that only authorized admins can access that page.

There are no buttons on the news posts themselves that shouldn’t be there.

redsummernight
July 19, 2020, 2:08 AM

This needs testing from admins with roles board and communications before ready.

Sarken
July 28, 2020, 11:32 PM

Jessie from Board:

  • I can create, edit and delete a news post

Claudia from Comms:

  • So far I seem to be able to do what's needed on the test account -- posting, editing, spam clearance, etc.

DeployedToBeta

Assignee

Elz J

Reporter

Elz J

Roadmap

Admin

Priority

Medium

Affects versions

Fix versions

Components

BackEnd

Difficulty

Medium

Required Access Level

Admin

Epic Link

Milestone

Internal 0.9
Configure