dpc-sdp · yeniatencio · Feb 13, 2024 · Nov 27, 2023 · Nov 27, 2023 · Nov 27, 2023
diff --git a/tests/behat/features/access.feature b/tests/behat/features/access.feature
@@ -69,3 +69,9 @@ Feature: Access permissions
     Given I am logged in as a user with the "Site Auditor" role
     When I go to "/admin/reports/audit-trail"
     Then I should get a 200 HTTP response
+
+  @api
+  Scenario: Approver role should not have access to redirects.
+    Given I am logged in as a user with the "approver" role
+    When I go to "admin/structure/taxonomy/add"
+    Then I should get a 404 HTTP response
diff --git a/tide_core.install b/tide_core.install
@@ -124,3 +124,18 @@ function tide_core_update_10003() {
     $config->save();
   }
 }
+
+/**
+ * Approver should not have access to administer taxonomy.
+ */
+function tide_core_update_10004() {
+  $role = 'approver';
+  $permissions = [
+    'administer taxonomy',
+    'edit terms in topic',
+    'delete terms in topic',
+  ];
+  if ($role) {
+    user_role_revoke_permissions($role, $permissions);
+  }
+}