Add comments on risky permissions

[bennothommo]

To assist admins when assigning permissions to users, I have added comments to permissions that should only be given to trusted users. These permissions, if given to untrusted users, may pose a security risk due to being able to negatively manipulate the experience of other users, or could be potentially used to grant themselves more access than intended.

Summary by CodeRabbit

• New Features

  • Permission comments now appear as tooltip-enabled info icons next to permission labels for clearer explanations.

• Documentation

  • Updated permission labels and added descriptive notes covering unsafe Markdown, administrator/impersonation rights, branding, and CMS permissions to clarify access implications.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: f4fa43fe-881a-4d8f-bd2d-527bbeb6d25f

📥 Commits

Reviewing files that changed from the base of the PR and between 69b84be and a2be454.

📒 Files selected for processing (2)

• modules/cms/lang/en/lang.php
• modules/system/lang/en/lang.php

🚧 Files skipped from review as they are similar to previous changes (1)

• modules/system/lang/en/lang.php

---

Walkthrough

Adds permission comment metadata across backend, CMS, and system modules; updates permission editor to show comments as a tooltip icon; adds translations for the new comments; clarifies the allow_unsafe_markdown label; and adds .zed to .gitignore.

Changes

Cohort / File(s)	Summary
Editor Configuration \.gitignore	Added .zed to editor ignore list.
Backend permission metadata & translations modules/backend/ServiceProvider.php, modules/backend/lang/en/lang.php	Added comment fields to backend permission definitions (manage_users, impersonate_users, manage_branding, allow_unsafe_markdown); updated allow_unsafe_markdown label and added allow_unsafe_markdown_comment translation.
Permission editor UI modules/backend/formwidgets/permissioneditor/partials/_permissioneditor.php	Replaced always-rendered comment paragraph with conditional tooltip/info-icon rendering (with ARIA attributes) when a permission has a comment; minor indentation adjustments.
CMS permission metadata & translations modules/cms/ServiceProvider.php, modules/cms/lang/en/lang.php	Added comment fields for CMS permissions (manage_pages, manage_layouts, manage_partials, manage_themes) and corresponding _comment translation entries describing risks/access.
System translations modules/system/lang/en/lang.php	Added _comment translation entries for manage_other_administrators, impersonate_users, and manage_branding permissions.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Add comments on risky permissions' clearly and directly summarizes the main change across all modified files: adding comment metadata to permissions that pose security risks if assigned to untrusted users.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/administrative-permissions

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

Tip

You can disable the changed files summary in the walkthrough.

Disable the reviews.changed_files_summary setting to disable the changed files summary in the walkthrough.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@modules/backend/formwidgets/permissioneditor/partials/_permissioneditor.php`:
- Around line 58-60: The icon-only span showing $permission->comment is not
keyboard/screen-reader accessible; make it focusable and expose the comment text
to assistive tech by updating the span with tabindex="0" and an accessible name
(either aria-label="<?= e(trans($permission->comment)) ?>" or aria-describedby
pointing to a visually-hidden element containing <?=
e(trans($permission->comment)) ?>), keep the existing classes
(wn-icon-circle-info/text-info) and tooltip attributes, and ensure the
visually-hidden text (e.g., class="sr-only" or "visually-hidden") is present so
screen readers and keyboard users can discover the permission risk.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 7d56382b-bc5d-4ef4-bb5b-e405b7f33db1

📥 Commits

Reviewing files that changed from the base of the PR and between 64602ba and 6bc8b06.

📒 Files selected for processing (7)

• .gitignore
• modules/backend/ServiceProvider.php
• modules/backend/formwidgets/permissioneditor/partials/_permissioneditor.php
• modules/backend/lang/en/lang.php
• modules/cms/ServiceProvider.php
• modules/cms/lang/en/lang.php
• modules/system/lang/en/lang.php