Drupal 8 promised to make website management a piece of cake, and it is fulfilling its promise! Indeed, it has plenty of useful modules to do this, like the Inline Entity Form to work with entities, the Group to manage group permissions, the Rules and the Workbench Moderation to optimize a website’s workflow, the Webform to build online forms, and many more. Today, we’ll discuss one of them that brings order to handling user roles and permissions — the User Personas module in Drupal 8, which is under active development right now.
The User Personas Drupal 8 module and its essence
Each of us has many roles in life, which may change with time. However, we are personalities above all, and we are unique. Although real life and Drupal websites are different things, this is close to the philosophy of the User Personas module in Drupal 8.
Drupal has user roles, which define who can do what on a certain site. The practice shows that the most frequently used Drupal website roles, assigned to almost anyone in any team, are Content Administrator and Content Editor. The difference is checking or unchecking certain permissions that are duplicated for every role.
What is this for? This allows you to create more accurate sets of responsibilities that meet unique job descriptions for any team member. It also lets you avoid the muddle with duplicated permissions and enhances security. Let’s discover more details.
User personas: what they are and what they do
User personas are a level higher than roles — they are actually sets, or bundles, of roles. Each role, in its turn, comes equipped with its own set of permissions.
You can create personas and assign specific roles to them. Personas can refer to single users or their groups. In addition, different personas can share roles.
More accuracy due to treating roles as responsibilities
One of the most important points in the User Personas ideology is to stop treating roles as people’s jobs and start treating them as responsibilities instead. Roles should not describe who people are but rather what people do, i.e., they should be more specific and single-purpose.
OK, let’s imagine a persona called “Reader” and what they should be able to do. Logically, they should be allowed to read and probably comment on the content. So it’s worth giving them the “Viewer” and “Commentator” roles, which, in their turn, should include the permissions for viewing the comments, editing their own comments and posting their own comments. A very clean approach! This is an example Gabe Sullice gave in his article about the User Personas module (which he continued describing in the new version of the article). He also suggested another helpful module to assign roles to new users called Auto Assign Role.
Putting an end to endless permission checkboxes
Working with traditional Drupal roles, a website administrator has the tedious task of managing checkboxes with permissions that have to be duplicated again and again. This involves security risks, makes bugs harder to find, and makes human error more likely to occur.
The User Personas module for Drupal 8 solves this issue and frees you from these endless checkboxes with permission duplicates. Permissions will be simply shared when sharing roles.
Better not try this on live websites ;)
User personas do not interfere with anything on your website: when a set of roles is assigned to a user entity, everything else can work as usual. However, you should not install user personas directly on a live website because the roles are reset then. Be careful with it.
That’s how the User Personas module in Drupal 8 works. Indeed, user personas are unique, and so is your Drupal website! Whatever you wish can be implemented there, with no limits and no exception. So don’t hesitate to contact us for help with installing and configuring some module, or creating a unique one from scratch. And, of course, you can have a new Drupal 8 website developed for you, or migrate your existing one to Drupal 8. Drop us a line! ;)