Reset to alphabetical button is visible if users have access to edit all terms in a vocabulary, however reset route access is determined by whether the user has administer taxonomy.
This means users without administer taxonomy can see the button, but they receive access denied when clicked.
Problem (cause)
- Reset route uses administer taxonomy permission. (See
\Drupal\taxonomy\Entity\Routing\VocabularyRouteProvider::getResetPageRoute) - Button visibility on is determined by checking $term->access('update') on all terms. (See
$change_weight_access)
Proposed solution
- Create a reset-all-weights operation for vocabularies.
- Check administer taxonomy before checking all terms.
- Move all existing
$change_weight_accesslogic to operation access - Change reset route permission to use _entity_access: 'vocabulary.reset-all-weights'
- Check vocabulary access before showing button.
Related concerns were raised in #1848686: Add a dedicated permission to access the term overview page (without 'administer taxonomy' permission)