diff --git a/core/includes/bootstrap.inc b/core/includes/bootstrap.inc index c26ec86..c8c7896 100644 --- a/core/includes/bootstrap.inc +++ b/core/includes/bootstrap.inc @@ -146,14 +146,14 @@ const DRUPAL_BOOTSTRAP_LANGUAGE = 6; const DRUPAL_BOOTSTRAP_FULL = 7; /** - * Role ID for anonymous users; should match what's in the "role" table. + * Role name for anonymous users; should match what's in the "role" table. */ -const DRUPAL_ANONYMOUS_RID = 1; +const DRUPAL_ANONYMOUS_ROLE = 'anonymous_user'; /** - * Role ID for authenticated users; should match what's in the "role" table. + * Role name for authenticated users; should match what's in the "role" table. */ -const DRUPAL_AUTHENTICATED_RID = 2; +const DRUPAL_AUTHENTICATED_ROLE = 'authenticated_user'; /** * The number of bytes in a kilobyte. @@ -1954,8 +1954,7 @@ function drupal_anonymous_user() { $user = new stdClass(); $user->uid = 0; $user->hostname = ip_address(); - $user->roles = array(); - $user->roles[DRUPAL_ANONYMOUS_RID] = 'anonymous user'; + $user->roles = array(DRUPAL_ANONYMOUS_ROLE => TRUE); return $user; } diff --git a/core/includes/session.inc b/core/includes/session.inc index b07997c..1912ba2 100644 --- a/core/includes/session.inc +++ b/core/includes/session.inc @@ -110,8 +110,8 @@ function _drupal_session_read($sid) { // Add roles element to $user. $user->roles = array(); - $user->roles[DRUPAL_AUTHENTICATED_RID] = 'authenticated user'; - $user->roles += db_query("SELECT r.rid, r.name FROM {role} r INNER JOIN {users_roles} ur ON ur.rid = r.rid WHERE ur.uid = :uid", array(':uid' => $user->uid))->fetchAllKeyed(0, 1); + $user->roles[DRUPAL_AUTHENTICATED_ROLE] = TRUE; + $user->roles += db_query("SELECT r.name FROM {role} r INNER JOIN {users_roles} ur ON ur.role_name = r.name WHERE ur.uid = :uid", array(':uid' => $user->uid))->fetchAllKeyed(0, 0); } elseif ($user) { // The user is anonymous or blocked. Only preserve two fields from the diff --git a/core/includes/update.inc b/core/includes/update.inc index 1a2a242..37aefda 100644 --- a/core/includes/update.inc +++ b/core/includes/update.inc @@ -129,6 +129,9 @@ function update_prepare_d8_bootstrap() { ); db_change_field('url_alias', 'language', 'langcode', $langcode_spec, $langcode_indexes); } + + // Prepare the role name system for session bootstrapping. + update_prepare_d8_role_names(); } } } @@ -200,6 +203,93 @@ function update_prepare_d8_language() { } /** + * Prepare a minimal working D8 role name system. This is required for session + * bootstrapping during an upgrade from D7. + */ +function update_prepare_d8_role_names() { + if (!db_field_exists('role_permission', 'role_name')) { + // Add the 'role_name' column to the role_permission table. + $column = array( + 'type' => 'varchar', + 'length' => 64, + //'not null' => TRUE, + 'description' => 'Foreign Key: {role}.name.', + ); + db_add_field('role_permission', 'role_name', $column); + } + if (!db_field_exists('users_roles', 'role_name')) { + // Add the 'role_name' column to the users_roles table. + $column = array( + 'type' => 'varchar', + 'length' => 64, + //'not null' => TRUE, + 'default' => '', + 'description' => 'Primary Key: {role}.name for role.', + ); + db_add_field('users_roles', 'role_name', $column); + } + + if (!db_field_exists('role', 'label')) { + // Add the 'label' column to the role table. + $label_column = array( + 'type' => 'varchar', + 'length' => 255, + 'default' => '', + 'description' => 'Role label.', + 'translatable' => TRUE, + ); + db_add_field('role', 'label', $label_column); + + // Copy the old role name to the label. + db_query('UPDATE {role} SET label = name'); + + // Load the mapping of rids to role_names. + $rid_mapping = db_select('role', 'r') + ->fields('r', array('rid', 'name')) + ->execute() + ->fetchAllKeyed(0, 1); + + // Convert the old name to a valid machine name by replacing white spaces and + // upper case letters. + foreach ($rid_mapping as $rid => $role_name) { + $new_name = drupal_strtolower($role_name); + $new_name = preg_replace('/[^a-z0-9]/', '_', $new_name); + // Check if the new name already exists. + do { + $exists = db_select('role', 'r') + ->fields('r', array('name')) + ->condition('name', $role_name, '!=') + ->condition('name', $new_name) + ->execute() + ->fetchCol(); + if (!empty($exists)) { + // Try again with an additional '_' until this name is unique. + $new_name = $new_name . '_'; + } + } while (!empty($exists)); + + // Replace the old name with the new name. + db_update('role') + ->fields(array('name' => $new_name)) + ->condition('name', $role_name) + ->execute(); + + // Fill in role_name data in the role_permission table. + db_update('role_permission') + ->fields(array('role_name' => $new_name)) + ->condition('rid', $rid) + ->execute(); + + // Fill in role_name data in the users_roles table. + db_update('users_roles') + ->fields(array('role_name' => $new_name)) + ->condition('rid', $rid) + ->execute(); + } + } +} + +/** * Adds modules to the system table in a Drupal core update. * * @param $modules diff --git a/core/modules/block/block.admin.inc b/core/modules/block/block.admin.inc index 8a5553d..ffa185e 100644 --- a/core/modules/block/block.admin.inc +++ b/core/modules/block/block.admin.inc @@ -401,7 +401,7 @@ function block_admin_configure($form, &$form_state, $module, $delta) { } // Per-role visibility. - $default_role_options = db_query("SELECT rid FROM {block_role} WHERE module = :module AND delta = :delta", array( + $default_role_options = db_query("SELECT role_name FROM {block_role} WHERE module = :module AND delta = :delta", array( ':module' => $block->module, ':delta' => $block->delta, ))->fetchCol(); @@ -495,10 +495,10 @@ function block_admin_configure_submit($form, &$form_state) { ->condition('module', $form_state['values']['module']) ->condition('delta', $form_state['values']['delta']) ->execute(); - $query = db_insert('block_role')->fields(array('rid', 'module', 'delta')); - foreach (array_filter($form_state['values']['roles']) as $rid) { + $query = db_insert('block_role')->fields(array('role_name', 'module', 'delta')); + foreach (array_filter($form_state['values']['roles']) as $role_name) { $query->values(array( - 'rid' => $rid, + 'role_name' => $role_name, 'module' => $form_state['values']['module'], 'delta' => $form_state['values']['delta'], )); @@ -594,10 +594,10 @@ function block_add_block_form_submit($form, &$form_state) { } $query->execute(); - $query = db_insert('block_role')->fields(array('rid', 'module', 'delta')); - foreach (array_filter($form_state['values']['roles']) as $rid) { + $query = db_insert('block_role')->fields(array('role_name', 'module', 'delta')); + foreach (array_filter($form_state['values']['roles']) as $role_name) { $query->values(array( - 'rid' => $rid, + 'role_name' => $role_name, 'module' => $form_state['values']['module'], 'delta' => $delta, )); diff --git a/core/modules/block/block.install b/core/modules/block/block.install index c2d4185..1146cee 100644 --- a/core/modules/block/block.install +++ b/core/modules/block/block.install @@ -117,16 +117,16 @@ function block_schema() { 'not null' => TRUE, 'description' => "The block's unique delta within module, from {block}.delta.", ), - 'rid' => array( - 'type' => 'int', - 'unsigned' => TRUE, + 'role_name' => array( + 'type' => 'varchar', + 'length' => 64, 'not null' => TRUE, - 'description' => "The user's role ID from {users_roles}.rid.", + 'description' => "The role name from {role}.name.", ), ), - 'primary key' => array('module', 'delta', 'rid'), + 'primary key' => array('module', 'delta', 'role_name'), 'indexes' => array( - 'rid' => array('rid'), + 'role_name' => array('role_name'), ), ); @@ -199,6 +199,41 @@ function block_update_8000() { } /** + * Role ids are replaced with role machine names. + */ +function block_update_8001() { + $column = array( + 'type' => 'varchar', + 'length' => 64, + 'not null' => TRUE, + 'description' => "The role name from {role}.name.", + ); + db_add_field('block_role', 'role_name', $column); + + // Load the mapping of rids to role_names. + $rid_mapping = db_select('role', 'r') + ->fields('r', array('rid', 'name')) + ->execute() + ->fetchAllKeyed(0, 1); + foreach ($rid_mapping as $rid => $role_name) { + // Fill in role_name data in the block_role table. + db_update('block_role') + ->fields(array('role_name' => $role_name)) + ->condition('rid', $rid) + ->execute(); + } + + db_drop_field('block_role', 'rid'); + // Update the primary key of the block_role table. + db_drop_primary_key('block_role'); + db_add_primary_key('block_role', array('module', 'delta', 'role_name')); + + // Update the index of the block_role table. + db_drop_index('block_role', 'rid'); + db_add_index('block_role', 'role_name', array('role_name')); +} + +/** * @} End of "addtogroup updates-7.x-to-8.x" * The next series of updates should start at 9000. */ diff --git a/core/modules/block/block.module b/core/modules/block/block.module index 25bd3b1..472fa3c 100644 --- a/core/modules/block/block.module +++ b/core/modules/block/block.module @@ -597,8 +597,8 @@ function block_custom_block_save($edit, $delta) { */ function block_form_user_profile_form_alter(&$form, &$form_state) { $account = $form['#user']; - $rids = array_keys($account->roles); - $result = db_query("SELECT DISTINCT b.* FROM {block} b LEFT JOIN {block_role} r ON b.module = r.module AND b.delta = r.delta WHERE b.status = 1 AND b.custom <> 0 AND (r.rid IN (:rids) OR r.rid IS NULL) ORDER BY b.weight, b.module", array(':rids' => $rids)); + $role_names = array_keys($account->roles); + $result = db_query("SELECT DISTINCT b.* FROM {block} b LEFT JOIN {block_role} r ON b.module = r.module AND b.delta = r.delta WHERE b.status = 1 AND b.custom <> 0 AND (r.role_name IN (:role_names) OR r.role_name IS NULL) ORDER BY b.weight, b.module", array(':role_names' => $role_names)); $blocks = array(); foreach ($result as $block) { @@ -780,9 +780,9 @@ function block_block_list_alter(&$blocks) { // Build an array of roles for each block. $block_roles = array(); - $result = db_query('SELECT module, delta, rid FROM {block_role}'); + $result = db_query('SELECT module, delta, role_name FROM {block_role}'); foreach ($result as $record) { - $block_roles[$record->module][$record->delta][] = $record->rid; + $block_roles[$record->module][$record->delta][] = $record->role_name; } foreach ($blocks as $key => $block) { @@ -988,7 +988,7 @@ function template_preprocess_block(&$variables) { */ function block_user_role_delete($role) { db_delete('block_role') - ->condition('rid', $role->rid) + ->condition('role_name', $role->name) ->execute(); } diff --git a/core/modules/block/block.test b/core/modules/block/block.test index 4af6240..7b42805 100644 --- a/core/modules/block/block.test +++ b/core/modules/block/block.test @@ -108,7 +108,7 @@ class BlockTestCase extends DrupalWebTestCase { // Set visibility only for authenticated users, to verify delete functionality. $edit = array(); - $edit['roles[2]'] = TRUE; + $edit['roles[' . DRUPAL_AUTHENTICATED_ROLE . ']'] = TRUE; $this->drupalPost('admin/structure/block/manage/block/' . $bid . '/configure', $edit, t('Save block')); // Delete the created custom block & verify that it's been deleted and no longer appearing on the page. @@ -186,7 +186,7 @@ class BlockTestCase extends DrupalWebTestCase { // authenticated users. $edit = array(); $edit['pages'] = 'user*'; - $edit['roles[' . DRUPAL_AUTHENTICATED_RID . ']'] = TRUE; + $edit['roles[' . DRUPAL_AUTHENTICATED_ROLE . ']'] = TRUE; $this->drupalPost('admin/structure/block/manage/' . $block['module'] . '/' . $block['delta'] . '/configure', $edit, t('Save block')); // Move block to the first sidebar. diff --git a/core/modules/book/book.test b/core/modules/book/book.test index 54444b2..d55029a 100644 --- a/core/modules/book/book.test +++ b/core/modules/book/book.test @@ -279,8 +279,8 @@ class BookTestCase extends DrupalWebTestCase { // Give anonymous users the permission 'node test view'. $edit = array(); - $edit['1[node test view]'] = TRUE; - $this->drupalPost('admin/people/permissions/1', $edit, t('Save permissions')); + $edit[DRUPAL_ANONYMOUS_ROLE . '[node test view]'] = TRUE; + $this->drupalPost('admin/people/permissions/' . DRUPAL_ANONYMOUS_ROLE, $edit, t('Save permissions')); $this->assertText(t('The changes have been saved.'), t("Permission 'node test view' successfully assigned to anonymous users.")); // Test correct display of the block. @@ -315,8 +315,8 @@ class BookTestCase extends DrupalWebTestCase { // Give anonymous users the permission 'node test view'. $edit = array(); - $edit['1[node test view]'] = TRUE; - $this->drupalPost('admin/people/permissions/1', $edit, t('Save permissions')); + $edit[DRUPAL_ANONYMOUS_ROLE . '[node test view]'] = TRUE; + $this->drupalPost('admin/people/permissions/' . DRUPAL_ANONYMOUS_ROLE, $edit, t('Save permissions')); $this->assertText(t('The changes have been saved.'), t('Permission \'node test view\' successfully assigned to anonymous users.')); // Create a book. diff --git a/core/modules/comment/comment.module b/core/modules/comment/comment.module index 1a3580f..6c6ee7c 100644 --- a/core/modules/comment/comment.module +++ b/core/modules/comment/comment.module @@ -1354,16 +1354,16 @@ function comment_node_update_index($node) { if ($index_comments === NULL) { // Find and save roles that can 'access comments' or 'search content'. $perms = array('access comments' => array(), 'search content' => array()); - $result = db_query("SELECT rid, permission FROM {role_permission} WHERE permission IN ('access comments', 'search content')"); + $result = db_query("SELECT role_name, permission FROM {role_permission} WHERE permission IN ('access comments', 'search content')"); foreach ($result as $record) { - $perms[$record->permission][$record->rid] = $record->rid; + $perms[$record->permission][$record->role_name] = $record->role_name; } // Prevent indexing of comments if there are any roles that can search but // not view comments. $index_comments = TRUE; - foreach ($perms['search content'] as $rid) { - if (!isset($perms['access comments'][$rid]) && ($rid <= DRUPAL_AUTHENTICATED_RID || !isset($perms['access comments'][DRUPAL_AUTHENTICATED_RID]))) { + foreach ($perms['search content'] as $role_name) { + if (!isset($perms['access comments'][$role_name]) && ($role_name == DRUPAL_ANONYMOUS_ROLE || $role_name == DRUPAL_AUTHENTICATED_ROLE || !isset($perms['access comments'][DRUPAL_AUTHENTICATED_ROLE]))) { $index_comments = FALSE; break; } @@ -2192,7 +2192,7 @@ function theme_comment_post_forbidden($variables) { // We only output a link if we are certain that users will get permission // to post comments by logging in. $comment_roles = user_roles(TRUE, 'post comments'); - $authenticated_post_comments = isset($comment_roles[DRUPAL_AUTHENTICATED_RID]); + $authenticated_post_comments = isset($comment_roles[DRUPAL_AUTHENTICATED_ROLE]); } if ($authenticated_post_comments) { diff --git a/core/modules/comment/comment.test b/core/modules/comment/comment.test index 9257513..a7d1be0 100644 --- a/core/modules/comment/comment.test +++ b/core/modules/comment/comment.test @@ -621,7 +621,7 @@ class CommentInterfaceTest extends CommentHelperCase { // Prepare for anonymous comment submission (comment approval enabled). variable_set('user_register', USER_REGISTER_VISITORS); $this->drupalLogin($this->admin_user); - user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array( + user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array( 'access comments' => TRUE, 'post comments' => TRUE, 'skip comment approval' => FALSE, @@ -645,7 +645,7 @@ class CommentInterfaceTest extends CommentHelperCase { // Prepare for anonymous comment submission (no approval required). $this->drupalLogin($this->admin_user); - user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array( + user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array( 'access comments' => TRUE, 'post comments' => TRUE, 'skip comment approval' => TRUE, @@ -809,9 +809,9 @@ class CommentInterfaceTest extends CommentHelperCase { variable_set('user_register', $info['user_register']); // Change user permissions. - $rid = ($this->loggedInUser ? DRUPAL_AUTHENTICATED_RID : DRUPAL_ANONYMOUS_RID); + $role_name = ($this->loggedInUser ? DRUPAL_AUTHENTICATED_ROLE : DRUPAL_ANONYMOUS_ROLE); $perms = array_intersect_key($info, array('access comments' => 1, 'post comments' => 1, 'skip comment approval' => 1, 'edit own comments' => 1)); - user_role_change_permissions($rid, $perms); + user_role_change_permissions($role_name, $perms); // Output verbose debugging information. // @see DrupalTestCase::error() @@ -1098,7 +1098,7 @@ class CommentAnonymous extends CommentHelperCase { function testAnonymous() { $this->drupalLogin($this->admin_user); // Enabled anonymous user comments. - user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array( + user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array( 'access comments' => TRUE, 'post comments' => TRUE, 'skip comment approval' => TRUE, @@ -1183,7 +1183,7 @@ class CommentAnonymous extends CommentHelperCase { $this->drupalLogout(); // Reset. - user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array( + user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array( 'access comments' => FALSE, 'post comments' => FALSE, 'skip comment approval' => FALSE, @@ -1202,7 +1202,7 @@ class CommentAnonymous extends CommentHelperCase { $this->assertNoFieldByName('subject', '', t('Subject field not found.')); $this->assertNoFieldByName("comment_body[$langcode][0][value]", '', t('Comment field not found.')); - user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array( + user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array( 'access comments' => TRUE, 'post comments' => FALSE, 'skip comment approval' => FALSE, @@ -1212,7 +1212,7 @@ class CommentAnonymous extends CommentHelperCase { $this->assertLink('Log in', 1, t('Link to log in was found.')); $this->assertLink('register', 1, t('Link to register was found.')); - user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array( + user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array( 'access comments' => FALSE, 'post comments' => TRUE, 'skip comment approval' => TRUE, @@ -1579,7 +1579,7 @@ class CommentApprovalTest extends CommentHelperCase { */ function testApprovalAdminInterface() { // Set anonymous comments to require approval. - user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array( + user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array( 'access comments' => TRUE, 'post comments' => TRUE, 'skip comment approval' => FALSE, @@ -1648,7 +1648,7 @@ class CommentApprovalTest extends CommentHelperCase { */ function testApprovalNodeInterface() { // Set anonymous comments to require approval. - user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array( + user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array( 'access comments' => TRUE, 'post comments' => TRUE, 'skip comment approval' => FALSE, @@ -1727,13 +1727,13 @@ class CommentBlockFunctionalTest extends CommentHelperCase { // Test that a user without the 'access comments' permission cannot see the // block. $this->drupalLogout(); - user_role_revoke_permissions(DRUPAL_ANONYMOUS_RID, array('access comments')); + user_role_revoke_permissions(DRUPAL_ANONYMOUS_ROLE, array('access comments')); // drupalCreateNode() does not automatically flush content caches unlike // posting a node from a node form. cache_clear_all(); $this->drupalGet(''); $this->assertNoText($block['title'], t('Block was not found.')); - user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access comments')); + user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array('access comments')); // Test that a user with the 'access comments' permission can see the // block. diff --git a/core/modules/contact/contact.test b/core/modules/contact/contact.test index d7f26ac..ed4e712 100644 --- a/core/modules/contact/contact.test +++ b/core/modules/contact/contact.test @@ -42,7 +42,7 @@ class ContactSitewideTestCase extends DrupalWebTestCase { $this->deleteCategories(); // Ensure that the contact form won't be shown without categories. - user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access site-wide contact form')); + user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array('access site-wide contact form')); $this->drupalLogout(); $this->drupalGet('contact'); $this->assertResponse(404); @@ -83,7 +83,7 @@ class ContactSitewideTestCase extends DrupalWebTestCase { $this->assertRaw(t('Category %category has been saved.', array('%category' => $category)), t('Category successfully saved.')); // Ensure that the contact form is shown without a category selection input. - user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access site-wide contact form')); + user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array('access site-wide contact form')); $this->drupalLogout(); $this->drupalGet('contact'); $this->assertText(t('Your e-mail address'), t('Contact form is shown when there is one category.')); @@ -109,12 +109,12 @@ class ContactSitewideTestCase extends DrupalWebTestCase { $this->drupalLogout(); // Check to see that anonymous user cannot see contact page without permission. - user_role_revoke_permissions(DRUPAL_ANONYMOUS_RID, array('access site-wide contact form')); + user_role_revoke_permissions(DRUPAL_ANONYMOUS_ROLE, array('access site-wide contact form')); $this->drupalGet('contact'); $this->assertResponse(403, t('Access denied to anonymous user without permission.')); // Give anonymous user permission and see that page is viewable. - user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access site-wide contact form')); + user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array('access site-wide contact form')); $this->drupalGet('contact'); $this->assertResponse(200, t('Access granted to anonymous user with permission.')); @@ -342,12 +342,12 @@ class ContactPersonalTestCase extends DrupalWebTestCase { // Test that anonymous users can access the contact form. $this->drupalLogout(); - user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access user contact forms')); + user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array('access user contact forms')); $this->drupalGet('user/' . $this->contact_user->uid . '/contact'); $this->assertResponse(200); // Revoke the personal contact permission for the anonymous user. - user_role_revoke_permissions(DRUPAL_ANONYMOUS_RID, array('access user contact forms')); + user_role_revoke_permissions(DRUPAL_ANONYMOUS_ROLE, array('access user contact forms')); $this->drupalGet('user/' . $this->contact_user->uid . '/contact'); $this->assertResponse(403); diff --git a/core/modules/field/modules/text/text.test b/core/modules/field/modules/text/text.test index 0dbaccc..0887e22 100644 --- a/core/modules/field/modules/text/text.test +++ b/core/modules/field/modules/text/text.test @@ -212,8 +212,10 @@ class TextFieldTestCase extends DrupalWebTestCase { $format = filter_format_load($edit['format']); $format_id = $format->format; $permission = filter_permission_name($format); - $rid = max(array_keys($this->web_user->roles)); - user_role_grant_permissions($rid, array($permission)); + $roles = $this->web_user->roles; + unset($roles[DRUPAL_AUTHENTICATED_ROLE]); + $role = key($roles); + user_role_grant_permissions($role, array($permission)); $this->drupalLogin($this->web_user); // Display edition form. diff --git a/core/modules/file/tests/file.test b/core/modules/file/tests/file.test index 05083fc..e08086e 100644 --- a/core/modules/file/tests/file.test +++ b/core/modules/file/tests/file.test @@ -553,7 +553,7 @@ class FileFieldWidgetTestCase extends FileFieldTestCase { // Remove access comments permission from anon user. $edit = array( - '1[access comments]' => FALSE, + DRUPAL_ANONYMOUS_ROLE . '[access comments]' => FALSE, ); $this->drupalPost('admin/people/permissions', $edit, t('Save permissions')); diff --git a/core/modules/filter/filter.admin.inc b/core/modules/filter/filter.admin.inc index b4a7008..1284151 100644 --- a/core/modules/filter/filter.admin.inc +++ b/core/modules/filter/filter.admin.inc @@ -319,8 +319,8 @@ function filter_admin_format_form_submit($form, &$form_state) { // Save user permissions. if ($permission = filter_permission_name($format)) { - foreach ($format->roles as $rid => $enabled) { - user_role_change_permissions($rid, array($permission => $enabled)); + foreach ($format->roles as $role_name => $enabled) { + user_role_change_permissions($role_name, array($permission => $enabled)); } } diff --git a/core/modules/filter/filter.module b/core/modules/filter/filter.module index 7d50adf..fc13719 100644 --- a/core/modules/filter/filter.module +++ b/core/modules/filter/filter.module @@ -444,7 +444,7 @@ function filter_formats_reset() { * @param $format * An object representing the text format. * @return - * An array of role names, keyed by role ID. + * An array of role names, keyed by role name. */ function filter_get_roles_by_format($format) { // Handle the fallback format upfront (all roles have access to this format). @@ -459,17 +459,17 @@ function filter_get_roles_by_format($format) { /** * Retrieves a list of text formats that are allowed for a given role. * - * @param $rid - * The user role ID to retrieve text formats for. + * @param $role_name + * The user role name to retrieve text formats for. * @return * An array of text format objects that are allowed for the role, keyed by * the text format ID and ordered by weight. */ -function filter_get_formats_by_role($rid) { +function filter_get_formats_by_role($role_name) { $formats = array(); foreach (filter_formats() as $format) { $roles = filter_get_roles_by_format($format); - if (isset($roles[$rid])) { + if (isset($roles[$role_name])) { $formats[$format->format] = $format; } } diff --git a/core/modules/filter/filter.test b/core/modules/filter/filter.test index 8226054..c951b6b 100644 --- a/core/modules/filter/filter.test +++ b/core/modules/filter/filter.test @@ -316,7 +316,7 @@ class FilterAdminTestCase extends DrupalWebTestCase { $edit = array(); $edit['format'] = drupal_strtolower($this->randomName()); $edit['name'] = $this->randomName(); - $edit['roles[2]'] = 1; + $edit['roles[' . DRUPAL_AUTHENTICATED_ROLE . ']'] = 1; $edit['filters[' . $second_filter . '][status]'] = TRUE; $edit['filters[' . $first_filter . '][status]'] = TRUE; $this->drupalPost('admin/config/content/formats/add', $edit, t('Save configuration')); @@ -326,7 +326,7 @@ class FilterAdminTestCase extends DrupalWebTestCase { $format = filter_format_load($edit['format']); $this->assertNotNull($format, t('Format found in database.')); - $this->assertFieldByName('roles[2]', '', t('Role found.')); + $this->assertFieldByName('roles[' . DRUPAL_AUTHENTICATED_ROLE . ']', '', t('Role found.')); $this->assertFieldByName('filters[' . $second_filter . '][status]', '', t('Line break filter found.')); $this->assertFieldByName('filters[' . $first_filter . '][status]', '', t('Url filter found.')); @@ -337,8 +337,8 @@ class FilterAdminTestCase extends DrupalWebTestCase { // Allow authenticated users on full HTML. $format = filter_format_load($full); $edit = array(); - $edit['roles[1]'] = 0; - $edit['roles[2]'] = 1; + $edit['roles[' . DRUPAL_ANONYMOUS_ROLE . ']'] = 0; + $edit['roles[' . DRUPAL_AUTHENTICATED_ROLE . ']'] = 1; $this->drupalPost('admin/config/content/formats/' . $full, $edit, t('Save configuration')); $this->assertRaw(t('The text format %format has been updated.', array('%format' => $format->name)), t('Full HTML format successfully updated.')); @@ -388,10 +388,10 @@ class FilterAdminTestCase extends DrupalWebTestCase { // Full HTML. $edit = array(); - $edit['roles[2]'] = FALSE; + $edit['roles[' . DRUPAL_AUTHENTICATED_ROLE . ']'] = FALSE; $this->drupalPost('admin/config/content/formats/' . $full, $edit, t('Save configuration')); $this->assertRaw(t('The text format %format has been updated.', array('%format' => $format->name)), t('Full HTML format successfully reverted.')); - $this->assertFieldByName('roles[2]', $edit['roles[2]'], t('Changes reverted.')); + $this->assertFieldByName('roles[' . DRUPAL_AUTHENTICATED_ROLE . ']', $edit['roles[' . DRUPAL_AUTHENTICATED_ROLE . ']'], t('Changes reverted.')); // Filter order. $edit = array(); @@ -500,23 +500,25 @@ class FilterFormatAccessTestCase extends DrupalWebTestCase { } function testFormatRoles() { - // Get the role ID assigned to the regular user; it must be the maximum. - $rid = max(array_keys($this->web_user->roles)); + // Get the role name assigned to the regular user. + $roles = $this->web_user->roles; + unset($roles[DRUPAL_AUTHENTICATED_ROLE]); + $role_name = key($roles); // Check that this role appears in the list of roles that have access to an // allowed text format, but does not appear in the list of roles that have // access to a disallowed text format. - $this->assertTrue(in_array($rid, array_keys(filter_get_roles_by_format($this->allowed_format))), t('A role which has access to a text format appears in the list of roles that have access to that format.')); - $this->assertFalse(in_array($rid, array_keys(filter_get_roles_by_format($this->disallowed_format))), t('A role which does not have access to a text format does not appear in the list of roles that have access to that format.')); + $this->assertTrue(in_array($role_name, array_keys(filter_get_roles_by_format($this->allowed_format))), t('A role which has access to a text format appears in the list of roles that have access to that format.')); + $this->assertFalse(in_array($role_name, array_keys(filter_get_roles_by_format($this->disallowed_format))), t('A role which does not have access to a text format does not appear in the list of roles that have access to that format.')); // Check that the correct text format appears in the list of formats // available to that role. - $this->assertTrue(in_array($this->allowed_format->format, array_keys(filter_get_formats_by_role($rid))), t('A text format which a role has access to appears in the list of formats available to that role.')); - $this->assertFalse(in_array($this->disallowed_format->format, array_keys(filter_get_formats_by_role($rid))), t('A text format which a role does not have access to does not appear in the list of formats available to that role.')); + $this->assertTrue(in_array($this->allowed_format->format, array_keys(filter_get_formats_by_role($role_name))), t('A text format which a role has access to appears in the list of formats available to that role.')); + $this->assertFalse(in_array($this->disallowed_format->format, array_keys(filter_get_formats_by_role($role_name))), t('A text format which a role does not have access to does not appear in the list of formats available to that role.')); // Check that the fallback format is always allowed. $this->assertEqual(filter_get_roles_by_format(filter_format_load(filter_fallback_format())), user_roles(), t('All roles have access to the fallback format.')); - $this->assertTrue(in_array(filter_fallback_format(), array_keys(filter_get_formats_by_role($rid))), t('The fallback format appears in the list of allowed formats for any role.')); + $this->assertTrue(in_array(filter_fallback_format(), array_keys(filter_get_formats_by_role($role_name))), t('The fallback format appears in the list of allowed formats for any role.')); } /** @@ -757,7 +759,7 @@ class FilterSecurityTestCase extends DrupalWebTestCase { filter_format_save($filtered_html_format); $filtered_html_permission = filter_permission_name($filtered_html_format); - user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array($filtered_html_permission)); + user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array($filtered_html_permission)); $this->admin_user = $this->drupalCreateUser(array('administer modules', 'administer filters', 'administer site configuration')); $this->drupalLogin($this->admin_user); @@ -1807,7 +1809,7 @@ class FilterHooksTestCase extends DrupalWebTestCase { $edit = array(); $edit['format'] = drupal_strtolower($this->randomName()); $edit['name'] = $name; - $edit['roles[1]'] = 1; + $edit['roles[' . DRUPAL_ANONYMOUS_ROLE . ']'] = 1; $this->drupalPost('admin/config/content/formats/add', $edit, t('Save configuration')); $this->assertRaw(t('Added text format %format.', array('%format' => $name)), t('New format created.')); $this->assertText('hook_filter_format_insert invoked.', t('hook_filter_format_insert was invoked.')); @@ -1816,7 +1818,7 @@ class FilterHooksTestCase extends DrupalWebTestCase { // Update text format. $edit = array(); - $edit['roles[2]'] = 1; + $edit['roles[' . DRUPAL_AUTHENTICATED_ROLE . ']'] = 1; $this->drupalPost('admin/config/content/formats/' . $format_id, $edit, t('Save configuration')); $this->assertRaw(t('The text format %format has been updated.', array('%format' => $name)), t('Format successfully updated.')); $this->assertText('hook_filter_format_update invoked.', t('hook_filter_format_update() was invoked.')); diff --git a/core/modules/image/image.test b/core/modules/image/image.test index 2c422a7..bc22e5b 100644 --- a/core/modules/image/image.test +++ b/core/modules/image/image.test @@ -595,7 +595,7 @@ class ImageFieldDisplayTestCase extends ImageFieldTestCase { */ function testImageFieldFormattersPrivate() { // Remove access content permission from anonymous users. - user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array('access content' => FALSE)); + user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array('access content' => FALSE)); $this->_testImageFieldFormatters('private'); } diff --git a/core/modules/node/node.api.php b/core/modules/node/node.api.php index 2324b47..213f725 100644 --- a/core/modules/node/node.api.php +++ b/core/modules/node/node.api.php @@ -139,7 +139,7 @@ * associated with permission to view, edit, and delete individual nodes. * * The realms and grant IDs can be arbitrarily defined by your node access - * module; it is common to use role IDs as grant IDs, but that is not + * module; it is common to use role names as grant IDs, but that is not * required. Your module could instead maintain its own list of users, where * each list has an ID. In that case, the return value of this hook would be * an array of the list IDs that this user is a member of. diff --git a/core/modules/node/node.test b/core/modules/node/node.test index 1dbcaf3..a4cabcf 100644 --- a/core/modules/node/node.test +++ b/core/modules/node/node.test @@ -863,7 +863,7 @@ class NodeAccessUnitTest extends NodeWebTestCase { parent::setUp(); // Clear permissions for authenticated users. db_delete('role_permission') - ->condition('rid', DRUPAL_AUTHENTICATED_RID) + ->condition('role_name', DRUPAL_AUTHENTICATED_ROLE) ->execute(); } @@ -1571,7 +1571,7 @@ class NodeAdminTestCase extends NodeWebTestCase { // Remove the "view own unpublished content" permission which is set // by default for authenticated users so we can test this permission // correctly. - user_role_revoke_permissions(DRUPAL_AUTHENTICATED_RID, array('view own unpublished content')); + user_role_revoke_permissions(DRUPAL_AUTHENTICATED_ROLE, array('view own unpublished content')); $this->admin_user = $this->drupalCreateUser(array('access administration pages', 'access content overview', 'administer nodes', 'bypass node access')); $this->base_user_1 = $this->drupalCreateUser(array('access content overview')); @@ -1820,7 +1820,7 @@ class NodeBlockFunctionalTest extends NodeWebTestCase { $this->drupalLogin($this->admin_user); // Disallow anonymous users to view content. - user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array( + user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array( 'access content' => FALSE, )); diff --git a/core/modules/php/php.test b/core/modules/php/php.test index f6009c7..7795a9c 100644 --- a/core/modules/php/php.test +++ b/core/modules/php/php.test @@ -36,8 +36,8 @@ class PHPTestCase extends DrupalWebTestCase { // Verify that anonymous and authenticated user roles do not have access. $this->drupalGet('admin/config/content/formats/' . $php_format_id); - $this->assertFieldByName('roles[1]', FALSE, t('Anonymous users do not have access to PHP code format.')); - $this->assertFieldByName('roles[2]', FALSE, t('Authenticated users do not have access to PHP code format.')); + $this->assertFieldByName('roles[' . DRUPAL_ANONYMOUS_ROLE . ']', FALSE, t('Anonymous users do not have access to PHP code format.')); + $this->assertFieldByName('roles[' . DRUPAL_AUTHENTICATED_ROLE . ']', FALSE, t('Authenticated users do not have access to PHP code format.')); } /** diff --git a/core/modules/poll/poll.test b/core/modules/poll/poll.test index ace8d56..060a027 100644 --- a/core/modules/poll/poll.test +++ b/core/modules/poll/poll.test @@ -489,7 +489,7 @@ class PollVoteCheckHostname extends PollWebTestCase { $this->drupalLogin($this->admin_user); // Allow anonymous users to vote on polls. - user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array( + user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array( 'access content' => TRUE, 'vote on polls' => TRUE, 'cancel own vote' => TRUE, diff --git a/core/modules/rdf/rdf.test b/core/modules/rdf/rdf.test index 6c7635f..e55e0cf 100644 --- a/core/modules/rdf/rdf.test +++ b/core/modules/rdf/rdf.test @@ -430,7 +430,7 @@ class RdfCommentAttributesTestCase extends CommentHelperCase { $this->web_user = $this->drupalCreateUser(array('access comments', 'post comments', 'create article content', 'access user profiles')); // Enables anonymous user comments. - user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array( + user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array( 'access comments' => TRUE, 'post comments' => TRUE, 'skip comment approval' => TRUE, @@ -590,7 +590,7 @@ class RdfTrackerAttributesTestCase extends DrupalWebTestCase { function setUp() { parent::setUp('rdf', 'rdf_test', 'tracker'); // Enable anonymous posting of content. - user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array( + user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array( 'create article content' => TRUE, 'access comments' => TRUE, 'post comments' => TRUE, diff --git a/core/modules/search/search.test b/core/modules/search/search.test index 8b67b0b..aa9b01f 100644 --- a/core/modules/search/search.test +++ b/core/modules/search/search.test @@ -779,9 +779,9 @@ class SearchCommentTestCase extends SearchWebTestCase { $this->drupalPost('admin/config/content/formats/' . $filtered_html_format_id, $edit, t('Save configuration')); // Allow anonymous users to search content. $edit = array( - DRUPAL_ANONYMOUS_RID . '[search content]' => 1, - DRUPAL_ANONYMOUS_RID . '[access comments]' => 1, - DRUPAL_ANONYMOUS_RID . '[post comments]' => 1, + DRUPAL_ANONYMOUS_ROLE . '[search content]' => 1, + DRUPAL_ANONYMOUS_ROLE . '[access comments]' => 1, + DRUPAL_ANONYMOUS_ROLE . '[post comments]' => 1, ); $this->drupalPost('admin/people/permissions', $edit, t('Save permissions')); @@ -840,7 +840,7 @@ class SearchCommentTestCase extends SearchWebTestCase { $comment_body = 'Test comment body'; $this->comment_subject = 'Test comment subject'; $this->admin_role = $this->admin_user->roles; - unset($this->admin_role[DRUPAL_AUTHENTICATED_RID]); + unset($this->admin_role[DRUPAL_AUTHENTICATED_ROLE]); $this->admin_role = key($this->admin_role); // Create a node. @@ -854,17 +854,17 @@ class SearchCommentTestCase extends SearchWebTestCase { $this->drupalPost('comment/reply/' . $this->node->nid, $edit_comment, t('Save')); $this->drupalLogout(); - $this->setRolePermissions(DRUPAL_ANONYMOUS_RID); + $this->setRolePermissions(DRUPAL_ANONYMOUS_ROLE); $this->checkCommentAccess('Anon user has search permission but no access comments permission, comments should not be indexed'); - $this->setRolePermissions(DRUPAL_ANONYMOUS_RID, TRUE); + $this->setRolePermissions(DRUPAL_ANONYMOUS_ROLE, TRUE); $this->checkCommentAccess('Anon user has search permission and access comments permission, comments should be indexed', TRUE); $this->drupalLogin($this->admin_user); $this->drupalGet('admin/people/permissions'); // Disable search access for authenticated user to test admin user. - $this->setRolePermissions(DRUPAL_AUTHENTICATED_RID, FALSE, FALSE); + $this->setRolePermissions(DRUPAL_AUTHENTICATED_ROLE, FALSE, FALSE); $this->setRolePermissions($this->admin_role); $this->checkCommentAccess('Admin user has search permission but no access comments permission, comments should not be indexed'); @@ -872,21 +872,21 @@ class SearchCommentTestCase extends SearchWebTestCase { $this->setRolePermissions($this->admin_role, TRUE); $this->checkCommentAccess('Admin user has search permission and access comments permission, comments should be indexed', TRUE); - $this->setRolePermissions(DRUPAL_AUTHENTICATED_RID); + $this->setRolePermissions(DRUPAL_AUTHENTICATED_ROLE); $this->checkCommentAccess('Authenticated user has search permission but no access comments permission, comments should not be indexed'); - $this->setRolePermissions(DRUPAL_AUTHENTICATED_RID, TRUE); + $this->setRolePermissions(DRUPAL_AUTHENTICATED_ROLE, TRUE); $this->checkCommentAccess('Authenticated user has search permission and access comments permission, comments should be indexed', TRUE); // Verify that access comments permission is inherited from the // authenticated role. - $this->setRolePermissions(DRUPAL_AUTHENTICATED_RID, TRUE, FALSE); + $this->setRolePermissions(DRUPAL_AUTHENTICATED_ROLE, TRUE, FALSE); $this->setRolePermissions($this->admin_role); $this->checkCommentAccess('Admin user has search permission and no access comments permission, but comments should be indexed because admin user inherits authenticated user\'s permission to access comments', TRUE); // Verify that search content permission is inherited from the authenticated // role. - $this->setRolePermissions(DRUPAL_AUTHENTICATED_RID, TRUE, TRUE); + $this->setRolePermissions(DRUPAL_AUTHENTICATED_ROLE, TRUE, TRUE); $this->setRolePermissions($this->admin_role, TRUE, FALSE); $this->checkCommentAccess('Admin user has access comments permission and no search permission, but comments should be indexed because admin user inherits authenticated user\'s permission to search', TRUE); @@ -895,12 +895,12 @@ class SearchCommentTestCase extends SearchWebTestCase { /** * Set permissions for role. */ - function setRolePermissions($rid, $access_comments = FALSE, $search_content = TRUE) { + function setRolePermissions($role_name, $access_comments = FALSE, $search_content = TRUE) { $permissions = array( 'access comments' => $access_comments, 'search content' => $search_content, ); - user_role_change_permissions($rid, $permissions); + user_role_change_permissions($role_name, $permissions); } /** diff --git a/core/modules/simpletest/drupal_web_test_case.php b/core/modules/simpletest/drupal_web_test_case.php index a5a27ec..3bb6846 100644 --- a/core/modules/simpletest/drupal_web_test_case.php +++ b/core/modules/simpletest/drupal_web_test_case.php @@ -1108,10 +1108,10 @@ class DrupalWebTestCase extends DrupalTestCase { */ protected function drupalCreateUser(array $permissions = array()) { // Create a role with the given permission set, if any. - $rid = FALSE; + $role_name = FALSE; if ($permissions) { - $rid = $this->drupalCreateRole($permissions); - if (!$rid) { + $role_name = $this->drupalCreateRole($permissions); + if (!$role_name) { return FALSE; } } @@ -1122,8 +1122,8 @@ class DrupalWebTestCase extends DrupalTestCase { $edit['mail'] = $edit['name'] . '@example.com'; $edit['pass'] = user_password(); $edit['status'] = 1; - if ($rid) { - $edit['roles'] = array($rid => $rid); + if ($role_name) { + $edit['roles'] = array($role_name => $role_name); } $account = user_save(drupal_anonymous_user(), $edit); @@ -1146,12 +1146,13 @@ class DrupalWebTestCase extends DrupalTestCase { * @param $name * (optional) String for the name of the role. Defaults to a random string. * @return - * Role ID of newly created role, or FALSE if role creation failed. + * Role name of newly created role, or FALSE if role creation failed. */ protected function drupalCreateRole(array $permissions, $name = NULL) { // Generate random name if it was not passed. if (!$name) { - $name = $this->randomName(); + // We only want lower case machine names. + $name = strtolower($this->randomName()); } // Check the all the permissions strings are valid. @@ -1162,14 +1163,14 @@ class DrupalWebTestCase extends DrupalTestCase { // Create new role. $role = new stdClass(); $role->name = $name; - user_role_save($role); - user_role_grant_permissions($role->rid, $permissions); + $result = user_role_save($role); + $this->assertTrue($result == SAVED_NEW, t('Created role of name: @name', array('@name' => $name)), t('Role')); - $this->assertTrue(isset($role->rid), t('Created role of name: @name, id: @rid', array('@name' => $name, '@rid' => (isset($role->rid) ? $role->rid : t('-n/a-')))), t('Role')); - if ($role && !empty($role->rid)) { - $count = db_query('SELECT COUNT(*) FROM {role_permission} WHERE rid = :rid', array(':rid' => $role->rid))->fetchField(); + if ($result == SAVED_NEW) { + user_role_grant_permissions($role->name, $permissions); + $count = db_query('SELECT COUNT(*) FROM {role_permission} WHERE role_name = :name', array(':name' => $role->name))->fetchField(); $this->assertTrue($count == count($permissions), t('Created permissions: @perms', array('@perms' => implode(', ', $permissions))), t('Role')); - return $role->rid; + return $role->name; } else { return FALSE; diff --git a/core/modules/simpletest/tests/form.test b/core/modules/simpletest/tests/form.test index 582b473..53dea98 100644 --- a/core/modules/simpletest/tests/form.test +++ b/core/modules/simpletest/tests/form.test @@ -26,7 +26,7 @@ class FormsTestCase extends DrupalWebTestCase { filter_format_save($filtered_html_format); $filtered_html_permission = filter_permission_name($filtered_html_format); - user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array($filtered_html_permission)); + user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array($filtered_html_permission)); } /** diff --git a/core/modules/simpletest/tests/menu.test b/core/modules/simpletest/tests/menu.test index fbc0e17..18410fc 100644 --- a/core/modules/simpletest/tests/menu.test +++ b/core/modules/simpletest/tests/menu.test @@ -1382,7 +1382,7 @@ class MenuBreadcrumbTestCase extends MenuWebTestCase { // Verify breadcrumbs on user and user/%. // We need to log back in and out below, and cannot simply grant the // 'administer users' permission, since user_page() makes your head explode. - user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array( + user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array( 'access user profiles', )); $this->drupalLogout(); diff --git a/core/modules/simpletest/tests/module.test b/core/modules/simpletest/tests/module.test index 19acf60..e0604fa 100644 --- a/core/modules/simpletest/tests/module.test +++ b/core/modules/simpletest/tests/module.test @@ -339,7 +339,7 @@ class ModuleUninstallTestCase extends DrupalWebTestCase { drupal_uninstall_modules(array('module_test')); // Are the perms defined by module_test removed from {role_permission}. - $count = db_query("SELECT COUNT(rid) FROM {role_permission} WHERE permission = :perm", array(':perm' => 'module_test perm'))->fetchField(); + $count = db_query("SELECT COUNT(role_name) FROM {role_permission} WHERE permission = :perm", array(':perm' => 'module_test perm'))->fetchField(); $this->assertEqual(0, $count, t('Permissions were all removed.')); } } diff --git a/core/modules/system/system.test b/core/modules/system/system.test index 9287d16..976f713 100644 --- a/core/modules/system/system.test +++ b/core/modules/system/system.test @@ -900,8 +900,8 @@ class AccessDeniedTestCase extends DrupalWebTestCase { // Create an administrative user. $this->admin_user = $this->drupalCreateUser(array('access administration pages', 'administer site configuration', 'administer blocks')); - user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access user profiles')); - user_role_grant_permissions(DRUPAL_AUTHENTICATED_RID, array('access user profiles')); + user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array('access user profiles')); + user_role_grant_permissions(DRUPAL_AUTHENTICATED_ROLE, array('access user profiles')); } function testAccessDenied() { @@ -977,8 +977,8 @@ class PageNotFoundTestCase extends DrupalWebTestCase { // Create an administrative user. $this->admin_user = $this->drupalCreateUser(array('administer site configuration')); - user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access user profiles')); - user_role_grant_permissions(DRUPAL_AUTHENTICATED_RID, array('access user profiles')); + user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array('access user profiles')); + user_role_grant_permissions(DRUPAL_AUTHENTICATED_ROLE, array('access user profiles')); } function testPageNotFound() { diff --git a/core/modules/user/user.admin.inc b/core/modules/user/user.admin.inc index f7d4552..071412d 100644 --- a/core/modules/user/user.admin.inc +++ b/core/modules/user/user.admin.inc @@ -195,9 +195,9 @@ function user_admin_account() { $accounts = array(); foreach ($result as $account) { $users_roles = array(); - $roles_result = db_query('SELECT rid FROM {users_roles} WHERE uid = :uid', array(':uid' => $account->uid)); + $roles_result = db_query('SELECT role_name FROM {users_roles} WHERE uid = :uid', array(':uid' => $account->uid)); foreach ($roles_result as $user_role) { - $users_roles[] = $roles[$user_role->rid]; + $users_roles[] = $roles[$user_role->role_name]; } asort($users_roles); @@ -280,8 +280,8 @@ function user_admin_settings() { // Do not allow users to set the anonymous or authenticated user roles as the // administrator role. $roles = user_roles(); - unset($roles[DRUPAL_ANONYMOUS_RID]); - unset($roles[DRUPAL_AUTHENTICATED_RID]); + unset($roles[DRUPAL_ANONYMOUS_ROLE]); + unset($roles[DRUPAL_AUTHENTICATED_ROLE]); $roles[0] = t('disabled'); $form['admin_role']['user_admin_role'] = array( @@ -648,12 +648,11 @@ function user_admin_settings() { * @see user_admin_permissions_submit() * @see theme_user_admin_permissions() */ -function user_admin_permissions($form, $form_state, $rid = NULL) { - +function user_admin_permissions($form, $form_state, $role_name = NULL) { // Retrieve role names for columns. $role_names = user_roles(); - if (is_numeric($rid)) { - $role_names = array($rid => $role_names[$rid]); + if (!empty($role_name)) { + $role_names = array($role_name => $role_names[$role_name]); } // Fetch permissions for all roles or the one selected role. $role_permissions = user_role_permissions($role_names); @@ -695,10 +694,10 @@ function user_admin_permissions($form, $form_state, $rid = NULL) { '#markup' => $perm_item['title'], '#description' => theme('user_permission_description', array('permission_item' => $perm_item, 'hide' => $hide_descriptions)), ); - foreach ($role_names as $rid => $name) { + foreach ($role_names as $role_name => $role_label) { // Builds arrays for checked boxes for each role - if (isset($role_permissions[$rid][$perm])) { - $status[$rid][] = $perm; + if (isset($role_permissions[$role_name][$perm])) { + $status[$role_name][] = $perm; } } } @@ -706,14 +705,14 @@ function user_admin_permissions($form, $form_state, $rid = NULL) { } // Have to build checkboxes here after checkbox arrays are built - foreach ($role_names as $rid => $name) { - $form['checkboxes'][$rid] = array( + foreach ($role_names as $role_name => $role_label) { + $form['checkboxes'][$role_name] = array( '#type' => 'checkboxes', '#options' => $options, - '#default_value' => isset($status[$rid]) ? $status[$rid] : array(), - '#attributes' => array('class' => array('rid-' . $rid)), + '#default_value' => isset($status[$role_name]) ? $status[$role_name] : array(), + '#attributes' => array('class' => array('role_name-' . $role_name)), ); - $form['role_names'][$rid] = array('#markup' => check_plain($name), '#tree' => TRUE); + $form['role_names'][$role_name] = array('#markup' => check_plain($role_label), '#tree' => TRUE); } $form['actions'] = array('#type' => 'actions'); @@ -730,8 +729,8 @@ function user_admin_permissions($form, $form_state, $rid = NULL) { * @see user_admin_permissions() */ function user_admin_permissions_submit($form, &$form_state) { - foreach ($form_state['values']['role_names'] as $rid => $name) { - user_role_change_permissions($rid, $form_state['values'][$rid]); + foreach ($form_state['values']['role_names'] as $role_name => $role_label) { + user_role_change_permissions($role_name, $form_state['values'][$role_name]); } drupal_set_message(t('The changes have been saved.')); @@ -765,17 +764,17 @@ function theme_user_admin_permissions($variables) { 'data' => drupal_render($form['permission'][$key]), 'class' => array('permission'), ); - foreach (element_children($form['checkboxes']) as $rid) { - $form['checkboxes'][$rid][$key]['#title'] = $roles[$rid] . ': ' . $form['permission'][$key]['#markup']; - $form['checkboxes'][$rid][$key]['#title_display'] = 'invisible'; - $row[] = array('data' => drupal_render($form['checkboxes'][$rid][$key]), 'class' => array('checkbox')); + foreach (element_children($form['checkboxes']) as $role_name) { + $form['checkboxes'][$role_name][$key]['#title'] = $roles[$role_name] . ': ' . $form['permission'][$key]['#markup']; + $form['checkboxes'][$role_name][$key]['#title_display'] = 'invisible'; + $row[] = array('data' => drupal_render($form['checkboxes'][$role_name][$key]), 'class' => array('checkbox')); } } $rows[] = $row; } $header[] = (t('Permission')); - foreach (element_children($form['role_names']) as $rid) { - $header[] = array('data' => drupal_render($form['role_names'][$rid]), 'class' => array('checkbox')); + foreach (element_children($form['role_names']) as $role_name) { + $header[] = array('data' => drupal_render($form['role_names'][$role_name]), 'class' => array('checkbox')); } $output = theme('system_compact_link'); $output .= theme('table', array('header' => $header, 'rows' => $rows, 'attributes' => array('id' => 'permissions'))); @@ -821,22 +820,23 @@ function theme_user_permission_description($variables) { * @see theme_user_admin_roles() */ function user_admin_roles($form, $form_state) { - $roles = user_roles(); + $roles = db_select('role', 'r') + ->addTag('translatable') + ->fields('r') + ->orderBy('weight') + ->execute() + ->fetchAllAssoc('name'); $form['roles'] = array( '#tree' => TRUE, ); $order = 0; - foreach ($roles as $rid => $name) { - $form['roles'][$rid]['#role'] = (object) array( - 'rid' => $rid, - 'name' => $name, - 'weight' => $order, - ); - $form['roles'][$rid]['#weight'] = $order; - $form['roles'][$rid]['weight'] = array( + foreach ($roles as $role_name => $role) { + $form['roles'][$role_name]['#role'] = $role; + $form['roles'][$role_name]['#weight'] = $order; + $form['roles'][$role_name]['weight'] = array( '#type' => 'textfield', - '#title' => t('Weight for @title', array('@title' => $name)), + '#title' => t('Weight for @title', array('@title' => $role_name)), '#title_display' => 'invisible', '#size' => 4, '#default_value' => $order, @@ -844,20 +844,6 @@ function user_admin_roles($form, $form_state) { ); $order++; } - - $form['name'] = array( - '#type' => 'textfield', - '#title' => t('Name'), - '#title_display' => 'invisible', - '#size' => 32, - '#maxlength' => 64, - ); - $form['add'] = array( - '#type' => 'submit', - '#value' => t('Add role'), - '#validate' => array('user_admin_role_validate'), - '#submit' => array('user_admin_role_submit'), - ); $form['actions'] = array('#type' => 'actions'); $form['actions']['submit'] = array( '#type' => 'submit', @@ -872,8 +858,8 @@ function user_admin_roles($form, $form_state) { * Form submit function. Update the role weights. */ function user_admin_roles_order_submit($form, &$form_state) { - foreach ($form_state['values']['roles'] as $rid => $role_values) { - $role = $form['roles'][$rid]['#role']; + foreach ($form_state['values']['roles'] as $role_name => $role_values) { + $role = $form['roles'][$role_name]['#role']; $role->weight = $role_values['weight']; user_role_save($role); } @@ -892,25 +878,27 @@ function user_admin_roles_order_submit($form, &$form_state) { function theme_user_admin_roles($variables) { $form = $variables['form']; - $header = array(t('Name'), t('Weight'), array('data' => t('Operations'), 'colspan' => 2)); - foreach (element_children($form['roles']) as $rid) { - $name = $form['roles'][$rid]['#role']->name; + $header = array(t('Label'), t('Machine name'), t('Weight'), array('data' => t('Operations'), 'colspan' => 2)); + foreach (element_children($form['roles']) as $role_name) { + $role = $form['roles'][$role_name]['#role']; $row = array(); - if (in_array($rid, array(DRUPAL_ANONYMOUS_RID, DRUPAL_AUTHENTICATED_RID))) { - $row[] = t('@name (locked)', array('@name' => $name)); - $row[] = drupal_render($form['roles'][$rid]['weight']); + if (in_array($role_name, array(DRUPAL_ANONYMOUS_ROLE, DRUPAL_AUTHENTICATED_ROLE))) { + $row[] = check_plain($role->label); + $row[] = t('@name (locked)', array('@name' => $role_name)); + $row[] = drupal_render($form['roles'][$role_name]['weight']); $row[] = ''; - $row[] = l(t('edit permissions'), 'admin/people/permissions/' . $rid); + $row[] = l(t('edit permissions'), 'admin/people/permissions/' . $role_name); } else { - $row[] = check_plain($name); - $row[] = drupal_render($form['roles'][$rid]['weight']); - $row[] = l(t('edit role'), 'admin/people/permissions/roles/edit/' . $rid); - $row[] = l(t('edit permissions'), 'admin/people/permissions/' . $rid); + $row[] = check_plain($role->label); + $row[] = check_plain($role_name); + $row[] = drupal_render($form['roles'][$role_name]['weight']); + $row[] = l(t('edit role'), 'admin/people/permissions/roles/edit/' . $role_name); + $row[] = l(t('edit permissions'), 'admin/people/permissions/' . $role_name); } $rows[] = array('data' => $row, 'class' => array('draggable')); } - $rows[] = array(array('data' => drupal_render($form['name']) . drupal_render($form['add']), 'colspan' => 4, 'class' => 'edit-name')); + $rows[] = array(array('data' => drupal_render($form['name']) . drupal_render($form['add']), 'colspan' => 5, 'class' => 'edit-name')); drupal_add_tabledrag('user-roles', 'order', 'sibling', 'role-weight'); @@ -927,73 +915,60 @@ function theme_user_admin_roles($variables) { * @see user_admin_role_validate() * @see user_admin_role_submit() */ -function user_admin_role($form, $form_state, $role) { - if ($role->rid == DRUPAL_ANONYMOUS_RID || $role->rid == DRUPAL_AUTHENTICATED_RID) { +function user_admin_role($form, $form_state, $role = NULL) { + if ($role && ($role->name == DRUPAL_ANONYMOUS_ROLE || $role->name == DRUPAL_AUTHENTICATED_ROLE)) { drupal_goto('admin/people/permissions/roles'); } // Display the edit role form. - $form['name'] = array( + $form['label'] = array( '#type' => 'textfield', - '#title' => t('Role name'), - '#default_value' => $role->name, + '#title' => t('Role label'), + '#default_value' => isset($role->label) ? $role->label : '', + '#size' => 60, + '#maxlength' => 255, + '#description' => t('The label for this role. Example: "Moderator", "Editorial board", "Site architect".'), + ); + $form['name'] = array( + '#type' => 'machine_name', + '#default_value' => isset($role->name) ? $role->name : '', '#size' => 30, - '#required' => TRUE, '#maxlength' => 64, - '#description' => t('The name for this role. Example: "moderator", "editorial board", "site architect".'), - ); - $form['rid'] = array( - '#type' => 'value', - '#value' => $role->rid, + '#description' => t('The machine name for this role. Example: "moderator", "editorial_board", "site_architect".'), + '#disabled' => isset($role->name), + '#machine_name' => array( + 'exists' => 'user_role_load', + 'source' => array('label'), + ), ); $form['weight'] = array( '#type' => 'value', - '#value' => $role->weight, + '#value' => isset($role->weight) ? $role->weight : NULL, ); $form['actions'] = array('#type' => 'actions'); $form['actions']['submit'] = array( '#type' => 'submit', - '#value' => t('Save role'), - ); - $form['actions']['delete'] = array( - '#type' => 'submit', - '#value' => t('Delete role'), - '#submit' => array('user_admin_role_delete_submit'), + '#value' => isset($role) ? t('Save role') : t('Add role'), ); + if ($role) { + $form['actions']['delete'] = array( + '#type' => 'submit', + '#value' => t('Delete role'), + '#submit' => array('user_admin_role_delete_submit'), + ); + } return $form; } /** - * Form validation handler for the user_admin_role() form. - */ -function user_admin_role_validate($form, &$form_state) { - if (!empty($form_state['values']['name'])) { - if ($form_state['values']['op'] == t('Save role')) { - $role = user_role_load_by_name($form_state['values']['name']); - if ($role && $role->rid != $form_state['values']['rid']) { - form_set_error('name', t('The role name %name already exists. Choose another role name.', array('%name' => $form_state['values']['name']))); - } - } - elseif ($form_state['values']['op'] == t('Add role')) { - if (user_role_load_by_name($form_state['values']['name'])) { - form_set_error('name', t('The role name %name already exists. Choose another role name.', array('%name' => $form_state['values']['name']))); - } - } - } - else { - form_set_error('name', t('You must specify a valid role name.')); - } -} - -/** * Form submit handler for the user_admin_role() form. */ function user_admin_role_submit($form, &$form_state) { $role = (object) $form_state['values']; if ($form_state['values']['op'] == t('Save role')) { user_role_save($role); - drupal_set_message(t('The role has been renamed.')); + drupal_set_message(t('The role label has been renamed.')); } elseif ($form_state['values']['op'] == t('Add role')) { user_role_save($role); @@ -1007,16 +982,16 @@ function user_admin_role_submit($form, &$form_state) { * Form submit handler for the user_admin_role() form. */ function user_admin_role_delete_submit($form, &$form_state) { - $form_state['redirect'] = 'admin/people/permissions/roles/delete/' . $form_state['values']['rid']; + $form_state['redirect'] = 'admin/people/permissions/roles/delete/' . $form_state['values']['name']; } /** * Form to confirm role delete operation. */ function user_admin_role_delete_confirm($form, &$form_state, $role) { - $form['rid'] = array( + $form['name'] = array( '#type' => 'value', - '#value' => $role->rid, + '#value' => $role->name, ); return confirm_form($form, t('Are you sure you want to delete the role %name ?', array('%name' => $role->name)), 'admin/people/permissions/roles', t('This action cannot be undone.'), t('Delete')); } @@ -1025,7 +1000,7 @@ function user_admin_role_delete_confirm($form, &$form_state, $role) { * Form submit handler for user_admin_role_delete_confirm(). */ function user_admin_role_delete_confirm_submit($form, &$form_state) { - user_role_delete((int) $form_state['values']['rid']); + user_role_delete($form_state['values']['name']); drupal_set_message(t('The role has been deleted.')); $form_state['redirect'] = 'admin/people/permissions/roles'; } diff --git a/core/modules/user/user.api.php b/core/modules/user/user.api.php index dc16906..263b97f 100644 --- a/core/modules/user/user.api.php +++ b/core/modules/user/user.api.php @@ -417,7 +417,7 @@ function hook_user_role_insert($role) { // Save extra fields provided by the module to user roles. db_insert('my_module_table') ->fields(array( - 'rid' => $role->rid, + 'role_name' => $role->name, 'role_description' => $role->description, )) ->execute(); @@ -437,7 +437,7 @@ function hook_user_role_insert($role) { function hook_user_role_update($role) { // Save extra fields provided by the module to user roles. db_merge('my_module_table') - ->key(array('rid' => $role->rid)) + ->key(array('role_name' => $role->name)) ->fields(array( 'role_description' => $role->description )) @@ -458,7 +458,7 @@ function hook_user_role_update($role) { function hook_user_role_delete($role) { // Delete existing instances of the deleted role. db_delete('my_module_table') - ->condition('rid', $role->rid) + ->condition('role_name', $role->name) ->execute(); } diff --git a/core/modules/user/user.entity.inc b/core/modules/user/user.entity.inc index 5549c77..4c384d6 100644 --- a/core/modules/user/user.entity.inc +++ b/core/modules/user/user.entity.inc @@ -20,17 +20,17 @@ class UserController extends DrupalDefaultEntityController { $queried_users[$key]->data = unserialize($record->data); $queried_users[$key]->roles = array(); if ($record->uid) { - $queried_users[$record->uid]->roles[DRUPAL_AUTHENTICATED_RID] = 'authenticated user'; + $queried_users[$record->uid]->roles[DRUPAL_AUTHENTICATED_ROLE] = TRUE; } else { - $queried_users[$record->uid]->roles[DRUPAL_ANONYMOUS_RID] = 'anonymous user'; + $queried_users[$record->uid]->roles[DRUPAL_ANONYMOUS_ROLE] = TRUE; } } // Add any additional roles from the database. - $result = db_query('SELECT r.rid, r.name, ur.uid FROM {role} r INNER JOIN {users_roles} ur ON ur.rid = r.rid WHERE ur.uid IN (:uids)', array(':uids' => array_keys($queried_users))); + $result = db_query('SELECT r.name, ur.uid FROM {role} r INNER JOIN {users_roles} ur ON ur.role_name = r.name WHERE ur.uid IN (:uids)', array(':uids' => array_keys($queried_users))); foreach ($result as $record) { - $queried_users[$record->uid]->roles[$record->rid] = $record->name; + $queried_users[$record->uid]->roles[$record->name] = TRUE; } // Add the full file objects for user pictures if enabled. diff --git a/core/modules/user/user.install b/core/modules/user/user.install index 38d78e1..ee60ba3 100644 --- a/core/modules/user/user.install +++ b/core/modules/user/user.install @@ -54,18 +54,18 @@ function user_schema() { $schema['role_permission'] = array( 'description' => 'Stores the permissions assigned to user roles.', 'fields' => array( - 'rid' => array( - 'type' => 'int', - 'unsigned' => TRUE, + 'role_name' => array( + 'type' => 'varchar', + 'length' => 64, 'not null' => TRUE, - 'description' => 'Foreign Key: {role}.rid.', + 'description' => 'Foreign Key: {role}.name.', ), 'permission' => array( 'type' => 'varchar', 'length' => 128, 'not null' => TRUE, 'default' => '', - 'description' => 'A single permission granted to the role identified by rid.', + 'description' => 'A single permission granted to the role identified by role_name.', ), 'module' => array( 'type' => 'varchar', @@ -75,14 +75,14 @@ function user_schema() { 'description' => "The module declaring the permission.", ), ), - 'primary key' => array('rid', 'permission'), + 'primary key' => array('role_name', 'permission'), 'indexes' => array( 'permission' => array('permission'), ), 'foreign keys' => array( 'role' => array( - 'table' => 'roles', - 'columns' => array('rid' => 'rid'), + 'table' => 'role', + 'columns' => array('role_name' => 'name'), ), ), ); @@ -90,18 +90,18 @@ function user_schema() { $schema['role'] = array( 'description' => 'Stores user roles.', 'fields' => array( - 'rid' => array( - 'type' => 'serial', - 'unsigned' => TRUE, - 'not null' => TRUE, - 'description' => 'Primary Key: Unique role ID.', - ), 'name' => array( 'type' => 'varchar', 'length' => 64, 'not null' => TRUE, 'default' => '', 'description' => 'Unique role name.', + ), + 'label' => array( + 'type' => 'varchar', + 'length' => 255, + 'default' => '', + 'description' => 'Role label.', 'translatable' => TRUE, ), 'weight' => array( @@ -111,10 +111,7 @@ function user_schema() { 'description' => 'The weight of this role in listings and the user interface.', ), ), - 'unique keys' => array( - 'name' => array('name'), - ), - 'primary key' => array('rid'), + 'primary key' => array('name'), 'indexes' => array( 'name_weight' => array('name', 'weight'), ), @@ -266,17 +263,17 @@ function user_schema() { 'default' => 0, 'description' => 'Primary Key: {users}.uid for user.', ), - 'rid' => array( - 'type' => 'int', - 'unsigned' => TRUE, + 'role_name' => array( + 'type' => 'varchar', + 'length' => 64, 'not null' => TRUE, - 'default' => 0, - 'description' => 'Primary Key: {role}.rid for role.', + 'default' => '', + 'description' => 'Primary Key: {role}.name for role.', ), ), - 'primary key' => array('uid', 'rid'), + 'primary key' => array('uid', 'role_name'), 'indexes' => array( - 'rid' => array('rid'), + 'role_name' => array('role_name'), ), 'foreign keys' => array( 'user' => array( @@ -284,8 +281,8 @@ function user_schema() { 'columns' => array('uid' => 'uid'), ), 'role' => array( - 'table' => 'roles', - 'columns' => array('rid' => 'rid'), + 'table' => 'role', + 'columns' => array('role_name' => 'name'), ), ), ); @@ -321,28 +318,16 @@ function user_install() { ->execute(); // Built-in roles. - $rid_anonymous = db_insert('role') - ->fields(array('name' => 'anonymous user', 'weight' => 0)) + db_insert('role')->fields(array( + 'name' => DRUPAL_ANONYMOUS_ROLE, + 'label' => 'Anonymous user', + 'weight' => 0)) ->execute(); - $rid_authenticated = db_insert('role') - ->fields(array('name' => 'authenticated user', 'weight' => 1)) + db_insert('role')->fields(array( + 'name' => DRUPAL_AUTHENTICATED_ROLE, + 'label' => 'Authenticated user', + 'weight' => 1)) ->execute(); - - // Sanity check to ensure the anonymous and authenticated role IDs are the - // same as the drupal defined constants. In certain situations, this will - // not be true. - if ($rid_anonymous != DRUPAL_ANONYMOUS_RID) { - db_update('role') - ->fields(array('rid' => DRUPAL_ANONYMOUS_RID)) - ->condition('rid', $rid_anonymous) - ->execute(); - } - if ($rid_authenticated != DRUPAL_AUTHENTICATED_RID) { - db_update('role') - ->fields(array('rid' => DRUPAL_AUTHENTICATED_RID)) - ->condition('rid', $rid_authenticated) - ->execute(); - } } /** @@ -398,5 +383,38 @@ function user_update_8001() { } /** + * Role ids are replaced with role machine names. + */ +function user_update_8002() { + // We do not need to add role_name database columns because they were already + // created earlier during the upgrade process. + // @see update_prepare_d8_role_names(). + + // Set the new primary key in the role_permission table. + db_drop_primary_key('role_permission'); + db_add_primary_key('role_permission', array('role_name', 'permission')); + + // Set the new primary key in the users_roles table.. + db_drop_primary_key('users_roles'); + db_add_primary_key('users_roles', array('uid', 'role_name')); + + // We cannot just drop the rid column in the role table because other modules + // might need the information for their upgrades (example: block module). So + // we just remove the auto increment and the primary key setting. + $column = array( + 'type' => 'int', + 'unsigned' => TRUE, + 'description' => 'Old Primary Key: role ID. Use for upgrade purposes only!', + ); + db_change_field('role', 'rid', 'rid', $column); + // Set the role name as primary key. + db_drop_primary_key('role'); + db_add_primary_key('role', array('name')); + + db_drop_field('users_roles', 'rid'); + db_drop_field('role_permission', 'rid'); +} + +/** * @} End of "addtogroup updates-7.x-to-8.x" */ diff --git a/core/modules/user/user.module b/core/modules/user/user.module index 865f17b..439e6f9 100644 --- a/core/modules/user/user.module +++ b/core/modules/user/user.module @@ -478,12 +478,12 @@ function user_save($account, $edit = array()) { ->condition('uid', $account->uid) ->execute(); - $query = db_insert('users_roles')->fields(array('uid', 'rid')); - foreach (array_keys($account->roles) as $rid) { - if (!in_array($rid, array(DRUPAL_ANONYMOUS_RID, DRUPAL_AUTHENTICATED_RID))) { + $query = db_insert('users_roles')->fields(array('uid', 'role_name')); + foreach (array_keys($account->roles) as $role_name) { + if (!in_array($role_name, array(DRUPAL_ANONYMOUS_ROLE, DRUPAL_AUTHENTICATED_ROLE))) { $query->values(array( 'uid' => $account->uid, - 'rid' => $rid, + 'role_name' => $role_name, )); } } @@ -541,7 +541,7 @@ function user_save($account, $edit = array()) { } // Make sure $account is properly initialized. - $account->roles[DRUPAL_AUTHENTICATED_RID] = 'authenticated user'; + $account->roles[DRUPAL_AUTHENTICATED_ROLE] = TRUE; field_attach_insert('user', $account); $edit = (array) $account; @@ -550,12 +550,12 @@ function user_save($account, $edit = array()) { // Save user roles. if (count($account->roles) > 1) { - $query = db_insert('users_roles')->fields(array('uid', 'rid')); - foreach (array_keys($account->roles) as $rid) { - if (!in_array($rid, array(DRUPAL_ANONYMOUS_RID, DRUPAL_AUTHENTICATED_RID))) { + $query = db_insert('users_roles')->fields(array('uid', 'role_name')); + foreach (array_keys($account->roles) as $role_name) { + if (!in_array($role_name, array(DRUPAL_ANONYMOUS_ROLE, DRUPAL_AUTHENTICATED_ROLE))) { $query->values(array( 'uid' => $account->uid, - 'rid' => $rid, + 'role_name' => $role_name, )); } } @@ -667,11 +667,11 @@ function user_password($length = 10) { * Determine the permissions for one or more roles. * * @param $roles - * An array whose keys are the role IDs of interest, such as $user->roles. + * An array whose keys are the role names of interest, such as $user->roles. * * @return - * An array indexed by role ID. Each value is an array whose keys are the - * permission strings for the given role ID. + * An array indexed by role name. Each value is an array whose keys are the + * permission strings for the given role name. */ function user_role_permissions($roles = array()) { $cache = &drupal_static(__FUNCTION__, array()); @@ -679,29 +679,29 @@ function user_role_permissions($roles = array()) { $role_permissions = $fetch = array(); if ($roles) { - foreach ($roles as $rid => $name) { - if (isset($cache[$rid])) { - $role_permissions[$rid] = $cache[$rid]; + foreach (array_keys($roles) as $role_name) { + if (isset($cache[$role_name])) { + $role_permissions[$role_name] = $cache[$role_name]; } else { - // Add this rid to the list of those needing to be fetched. - $fetch[] = $rid; + // Add this role name to the list of those needing to be fetched. + $fetch[] = $role_name; // Prepare in case no permissions are returned. - $cache[$rid] = array(); + $cache[$role_name] = array(); } } if ($fetch) { // Get from the database permissions that were not in the static variable. - // Only role IDs with at least one permission assigned will return rows. - $result = db_query("SELECT rid, permission FROM {role_permission} WHERE rid IN (:fetch)", array(':fetch' => $fetch)); + // Only role names with at least one permission assigned will return rows. + $result = db_query("SELECT role_name, permission FROM {role_permission} WHERE role_name IN (:fetch)", array(':fetch' => $fetch)); foreach ($result as $row) { - $cache[$row->rid][$row->permission] = TRUE; + $cache[$row->role_name][$row->permission] = TRUE; } - foreach ($fetch as $rid) { - // For every rid, we know we at least assigned an empty array. - $role_permissions[$rid] = $cache[$rid]; + foreach ($fetch as $role_name) { + // For every role name, we know we at least assigned an empty array. + $role_permissions[$role_name] = $cache[$role_name]; } } } @@ -1025,18 +1025,18 @@ function user_account_form(&$form, &$form_state) { // @todo This should be solved more elegantly. See issue #119038. $checkbox_authenticated = array( '#type' => 'checkbox', - '#title' => $roles[DRUPAL_AUTHENTICATED_RID], + '#title' => $roles[DRUPAL_AUTHENTICATED_ROLE], '#default_value' => TRUE, '#disabled' => TRUE, ); - unset($roles[DRUPAL_AUTHENTICATED_RID]); + unset($roles[DRUPAL_AUTHENTICATED_ROLE]); $form['account']['roles'] = array( '#type' => 'checkboxes', '#title' => t('Roles'), '#default_value' => (!$register && isset($account->roles) ? array_keys($account->roles) : array()), '#options' => $roles, '#access' => $roles && user_access('administer permissions'), - DRUPAL_AUTHENTICATED_RID => $checkbox_authenticated, + DRUPAL_AUTHENTICATED_ROLE => $checkbox_authenticated, ); $form['account']['notify'] = array( @@ -1721,6 +1721,14 @@ function user_menu() { 'type' => MENU_LOCAL_TASK, 'weight' => -5, ); + $items['admin/people/permissions/roles/add'] = array( + 'title' => 'Add role', + 'page callback' => 'drupal_get_form', + 'page arguments' => array('user_admin_role'), + 'access arguments' => array('administer permissions'), + 'file' => 'user.admin.inc', + 'type' => MENU_LOCAL_ACTION, + ); $items['admin/people/permissions/roles/edit/%user_role'] = array( 'title' => 'Edit role', 'page arguments' => array('user_admin_role', 5), @@ -2779,8 +2787,8 @@ function user_mail_tokens(&$replacements, $data, $options) { * permission are returned. * * @return - * An associative array with the role id as the key and the role name as - * value. + * An associative array with the role machine name as the key and the label + * as value. */ function user_roles($membersonly = FALSE, $permission = NULL) { $user_roles = &drupal_static(__FUNCTION__); @@ -2788,7 +2796,7 @@ function user_roles($membersonly = FALSE, $permission = NULL) { // Do not cache roles for specific permissions. This data is not requested // frequently enough to justify the additional memory use. if (empty($permission)) { - $cid = $membersonly ? DRUPAL_AUTHENTICATED_RID : DRUPAL_ANONYMOUS_RID; + $cid = $membersonly ? DRUPAL_AUTHENTICATED_ROLE : DRUPAL_ANONYMOUS_ROLE; if (isset($user_roles[$cid])) { return $user_roles[$cid]; } @@ -2796,29 +2804,28 @@ function user_roles($membersonly = FALSE, $permission = NULL) { $query = db_select('role', 'r'); $query->addTag('translatable'); - $query->fields('r', array('rid', 'name')); + $query->fields('r', array('name', 'label')); $query->orderBy('weight'); - $query->orderBy('name'); if (!empty($permission)) { - $query->innerJoin('role_permission', 'p', 'r.rid = p.rid'); + $query->innerJoin('role_permission', 'p', 'r.name = p.role_name'); $query->condition('p.permission', $permission); } $result = $query->execute(); $roles = array(); foreach ($result as $role) { - switch ($role->rid) { - // We only translate the built in role names - case DRUPAL_ANONYMOUS_RID: + switch ($role->name) { + // We only translate the built in role labels. + case DRUPAL_ANONYMOUS_ROLE: if (!$membersonly) { - $roles[$role->rid] = t($role->name); + $roles[$role->name] = t($role->label); } break; - case DRUPAL_AUTHENTICATED_RID: - $roles[$role->rid] = t($role->name); + case DRUPAL_AUTHENTICATED_ROLE: + $roles[$role->name] = t($role->label); break; default: - $roles[$role->rid] = $role->name; + $roles[$role->name] = $role->label; } } @@ -2831,41 +2838,19 @@ function user_roles($membersonly = FALSE, $permission = NULL) { } /** - * Fetches a user role by role ID. - * - * @param $rid - * An integer representing the role ID. - * - * @return - * A fully-loaded role object if a role with the given ID exists, or FALSE - * otherwise. - * - * @see user_role_load_by_name() - */ -function user_role_load($rid) { - return db_select('role', 'r') - ->fields('r') - ->condition('rid', $rid) - ->execute() - ->fetchObject(); -} - -/** * Fetches a user role by role name. * - * @param $role_name - * A string representing the role name. + * @param string $name + * An string representing the role name. * - * @return + * @return object * A fully-loaded role object if a role with the given name exists, or FALSE * otherwise. - * - * @see user_role_load() */ -function user_role_load_by_name($role_name) { +function user_role_load($name) { return db_select('role', 'r') ->fields('r') - ->condition('name', $role_name) + ->condition('name', $name) ->execute() ->fetchObject(); } @@ -2874,8 +2859,7 @@ function user_role_load_by_name($role_name) { * Save a user role to the database. * * @param $role - * A role object to modify or add. If $role->rid is not specified, a new - * role will be created. + * A role object to modify or add. * @return * Status constant indicating if role was created or updated. * Failure to write the user role record will return FALSE. Otherwise. @@ -2897,14 +2881,20 @@ function user_role_save($role) { // Let modules modify the user role before it is saved to the database. module_invoke_all('user_role_presave', $role); - if (!empty($role->rid) && $role->name) { - $status = drupal_write_record('role', $role, 'rid'); - module_invoke_all('user_role_update', $role); - } - else { + $exists = db_select('role', 'r') + ->fields('r', array('name')) + ->condition('name', $role->name) + ->execute() + ->fetchAll(); + + if (empty($exists)) { $status = drupal_write_record('role', $role); module_invoke_all('user_role_insert', $role); } + else { + $status = drupal_write_record('role', $role, 'name'); + module_invoke_all('user_role_update', $role); + } // Clear the user access cache. drupal_static_reset('user_access'); @@ -2916,26 +2906,21 @@ function user_role_save($role) { /** * Delete a user role from database. * - * @param $role - * A string with the role name, or an integer with the role ID. + * @param $role_name + * A string with the role name. */ -function user_role_delete($role) { - if (is_int($role)) { - $role = user_role_load($role); - } - else { - $role = user_role_load_by_name($role); - } +function user_role_delete($role_name) { + $role = user_role_load($role_name); db_delete('role') - ->condition('rid', $role->rid) + ->condition('name', $role->name) ->execute(); db_delete('role_permission') - ->condition('rid', $role->rid) + ->condition('role_name', $role->name) ->execute(); // Update the users who have this role set: db_delete('users_roles') - ->condition('rid', $role->rid) + ->condition('role_name', $role->name) ->execute(); module_invoke_all('user_role_delete', $role); @@ -2950,7 +2935,7 @@ function user_role_delete($role) { */ function user_role_edit_access($role) { // Prevent the system-defined roles from being altered or removed. - if ($role->rid == DRUPAL_ANONYMOUS_RID || $role->rid == DRUPAL_AUTHENTICATED_RID) { + if ($role->name == DRUPAL_ANONYMOUS_ROLE || $role->name == DRUPAL_AUTHENTICATED_ROLE) { return FALSE; } @@ -2982,8 +2967,8 @@ function user_permission_get_modules() { * role, the form submit handler may directly pass the submitted values for the * checkboxes form element to this function. * - * @param $rid - * The ID of a user role to alter. + * @param $role_name + * The name of a user role to alter. * @param $permissions * An associative array, where the key holds the permission name and the value * determines whether to grant or revoke that permission. Any value that @@ -3003,37 +2988,37 @@ function user_permission_get_modules() { * @see user_role_grant_permissions() * @see user_role_revoke_permissions() */ -function user_role_change_permissions($rid, array $permissions = array()) { +function user_role_change_permissions($role_name, array $permissions = array()) { // Grant new permissions for the role. $grant = array_filter($permissions); if (!empty($grant)) { - user_role_grant_permissions($rid, array_keys($grant)); + user_role_grant_permissions($role_name, array_keys($grant)); } // Revoke permissions for the role. $revoke = array_diff_assoc($permissions, $grant); if (!empty($revoke)) { - user_role_revoke_permissions($rid, array_keys($revoke)); + user_role_revoke_permissions($role_name, array_keys($revoke)); } } /** * Grant permissions to a user role. * - * @param $rid - * The ID of a user role to alter. + * @param $role_name + * The name of a user role to alter. * @param $permissions * A list of permission names to grant. * * @see user_role_change_permissions() * @see user_role_revoke_permissions() */ -function user_role_grant_permissions($rid, array $permissions = array()) { +function user_role_grant_permissions($role_name, array $permissions = array()) { $modules = user_permission_get_modules(); // Grant new permissions for the role. foreach ($permissions as $name) { db_merge('role_permission') ->key(array( - 'rid' => $rid, + 'role_name' => $role_name, 'permission' => $name, )) ->fields(array( @@ -3050,18 +3035,18 @@ function user_role_grant_permissions($rid, array $permissions = array()) { /** * Revoke permissions from a user role. * - * @param $rid - * The ID of a user role to alter. + * @param $role_name + * The name of a user role to alter. * @param $permissions * A list of permission names to revoke. * * @see user_role_change_permissions() * @see user_role_grant_permissions() */ -function user_role_revoke_permissions($rid, array $permissions = array()) { +function user_role_revoke_permissions($role_name, array $permissions = array()) { // Revoke permissions for the role. db_delete('role_permission') - ->condition('rid', $rid) + ->condition('role_name', $role_name) ->condition('permission', $permissions, 'IN') ->execute(); @@ -3090,7 +3075,7 @@ function user_user_operations($form = array(), $form_state = array()) { if (user_access('administer permissions')) { $roles = user_roles(TRUE); - unset($roles[DRUPAL_AUTHENTICATED_RID]); // Can't edit authenticated role. + unset($roles[DRUPAL_AUTHENTICATED_ROLE]); // Can't edit authenticated role. $add_roles = array(); foreach ($roles as $key => $value) { @@ -3119,14 +3104,14 @@ function user_user_operations($form = array(), $form_state = array()) { // If the form has been posted, we need to insert the proper data for // role editing if necessary. if (!empty($form_state['submitted'])) { - $operation_rid = explode('-', $form_state['values']['operation']); - $operation = $operation_rid[0]; + $operation_role = explode('-', $form_state['values']['operation']); + $operation = $operation_role[0]; if ($operation == 'add_role' || $operation == 'remove_role') { - $rid = $operation_rid[1]; + $role_name = $operation_role[1]; if (user_access('administer permissions')) { $operations[$form_state['values']['operation']] = array( 'callback' => 'user_multiple_role_edit', - 'callback arguments' => array($operation, $rid), + 'callback arguments' => array($operation, $role_name), ); } else { @@ -3171,18 +3156,14 @@ function user_user_operations_block($accounts) { /** * Callback function for admin mass adding/deleting a user role. */ -function user_multiple_role_edit($accounts, $operation, $rid) { - // The role name is not necessary as user_save() will reload the user - // object, but some modules' hook_user() may look at this first. - $role_name = db_query('SELECT name FROM {role} WHERE rid = :rid', array(':rid' => $rid))->fetchField(); - +function user_multiple_role_edit($accounts, $operation, $role_name) { switch ($operation) { case 'add_role': $accounts = user_load_multiple($accounts); foreach ($accounts as $account) { // Skip adding the role to the user if they already have it. - if ($account !== FALSE && !isset($account->roles[$rid])) { - $roles = $account->roles + array($rid => $role_name); + if ($account !== FALSE && !isset($account->roles[$role_name])) { + $roles = $account->roles + array($role_name => TRUE); // For efficiency manually save the original account before applying // any changes. $account->original = clone $account; @@ -3194,8 +3175,8 @@ function user_multiple_role_edit($accounts, $operation, $rid) { $accounts = user_load_multiple($accounts); foreach ($accounts as $account) { // Skip removing the role from the user if they already don't have it. - if ($account !== FALSE && isset($account->roles[$rid])) { - $roles = array_diff($account->roles, array($rid => $role_name)); + if ($account !== FALSE && isset($account->roles[$role_name])) { + $roles = array_diff_key($account->roles, array($role_name => TRUE)); // For efficiency manually save the original account before applying // any changes. $account->original = clone $account; @@ -3307,11 +3288,11 @@ function user_filters() { // Regular filters $filters = array(); $roles = user_roles(TRUE); - unset($roles[DRUPAL_AUTHENTICATED_RID]); // Don't list authorized role. + unset($roles[DRUPAL_AUTHENTICATED_ROLE]); // Don't list authorized role. if (count($roles)) { $filters['role'] = array( 'title' => t('role'), - 'field' => 'ur.rid', + 'field' => 'ur.name', 'options' => array( '[any]' => t('any'), ) + $roles, @@ -3365,17 +3346,17 @@ function user_build_filter_query(SelectInterface $query) { if ($key == 'permission') { $account = new stdClass(); $account->uid = 'user_filter'; - $account->roles = array(DRUPAL_AUTHENTICATED_RID => 1); + $account->roles = array(DRUPAL_AUTHENTICATED_ROLE => TRUE); if (user_access($value, $account)) { continue; } $users_roles_alias = $query->join('users_roles', 'ur', '%alias.uid = u.uid'); - $permission_alias = $query->join('role_permission', 'p', $users_roles_alias . '.rid = %alias.rid'); + $permission_alias = $query->join('role_permission', 'p', $users_roles_alias . '.role_name = %alias.role_name'); $query->condition($permission_alias . '.permission', $value); } elseif ($key == 'role') { $users_roles_alias = $query->join('users_roles', 'ur', '%alias.uid = u.uid'); - $query->condition($users_roles_alias . '.rid' , $value); + $query->condition($users_roles_alias . '.role_name' , $value); } else { $query->condition($filters[$key]['field'], $value); @@ -3817,8 +3798,8 @@ function user_register_submit($form, &$form_state) { */ function user_modules_installed($modules) { // Assign all available permissions to the administrator role. - $rid = variable_get('user_admin_role', 0); - if ($rid) { + $role_name = variable_get('user_admin_role', 0); + if ($role_name) { $permissions = array(); foreach ($modules as $module) { if ($module_permissions = module_invoke($module, 'permission')) { @@ -3826,7 +3807,7 @@ function user_modules_installed($modules) { } } if (!empty($permissions)) { - user_role_grant_permissions($rid, $permissions); + user_role_grant_permissions($role_name, $permissions); } } } diff --git a/core/modules/user/user.permissions.js b/core/modules/user/user.permissions.js index 988820e..2b0ba48 100644 --- a/core/modules/user/user.permissions.js +++ b/core/modules/user/user.permissions.js @@ -30,12 +30,12 @@ Drupal.behaviors.permissions = { .attr('title', Drupal.t("This permission is inherited from the authenticated user role.")) .hide(); - $('input[type=checkbox]', this).not('.rid-2, .rid-1').addClass('real-checkbox').each(function () { + $('input[type=checkbox]', this).not('.role_name-anonymous_user, .role_name-authenticated_user').addClass('real-checkbox').each(function () { $dummy.clone().insertAfter(this); }); // Initialize the authenticated user checkbox. - $('input[type=checkbox].rid-2', this) + $('input[type=checkbox].role_name-authenticated_user', this) .bind('click.permissions', self.toggle) // .triggerHandler() cannot be used here, as it only affects the first // element. diff --git a/core/modules/user/user.test b/core/modules/user/user.test index 3a07e1c..d57baad 100644 --- a/core/modules/user/user.test +++ b/core/modules/user/user.test @@ -1131,7 +1131,7 @@ class UserPictureTestCase extends DrupalWebTestCase { class UserPermissionsTestCase extends DrupalWebTestCase { protected $admin_user; - protected $rid; + protected $role_name; public static function getInfo() { return array( @@ -1146,10 +1146,10 @@ class UserPermissionsTestCase extends DrupalWebTestCase { $this->admin_user = $this->drupalCreateUser(array('administer permissions', 'access user profiles', 'administer site configuration', 'administer modules', 'administer users')); - // Find the new role ID - it must be the maximum. - $all_rids = array_keys($this->admin_user->roles); - sort($all_rids); - $this->rid = array_pop($all_rids); + // Find the new role name. + $all_role_names = $this->admin_user->roles; + unset($all_role_names[DRUPAL_AUTHENTICATED_ROLE]); + $this->role_name = key($all_role_names); } /** @@ -1157,13 +1157,13 @@ class UserPermissionsTestCase extends DrupalWebTestCase { */ function testUserPermissionChanges() { $this->drupalLogin($this->admin_user); - $rid = $this->rid; + $role_name = $this->role_name; $account = $this->admin_user; // Add a permission. $this->assertFalse(user_access('administer nodes', $account), t('User does not have "administer nodes" permission.')); $edit = array(); - $edit[$rid . '[administer nodes]'] = TRUE; + $edit[$role_name . '[administer nodes]'] = TRUE; $this->drupalPost('admin/people/permissions', $edit, t('Save permissions')); $this->assertText(t('The changes have been saved.'), t('Successful save message displayed.')); drupal_static_reset('user_access'); @@ -1173,7 +1173,7 @@ class UserPermissionsTestCase extends DrupalWebTestCase { // Remove a permission. $this->assertTrue(user_access('access user profiles', $account), t('User has "access user profiles" permission.')); $edit = array(); - $edit[$rid . '[access user profiles]'] = FALSE; + $edit[$role_name . '[access user profiles]'] = FALSE; $this->drupalPost('admin/people/permissions', $edit, t('Save permissions')); $this->assertText(t('The changes have been saved.'), t('Successful save message displayed.')); drupal_static_reset('user_access'); @@ -1190,7 +1190,7 @@ class UserPermissionsTestCase extends DrupalWebTestCase { // Set the user's role to be the administrator role. $edit = array(); - $edit['user_admin_role'] = $this->rid; + $edit['user_admin_role'] = $this->role_name; $this->drupalPost('admin/config/people/accounts', $edit, t('Save configuration')); // Enable aggregator module and ensure the 'administer news feeds' @@ -1205,7 +1205,7 @@ class UserPermissionsTestCase extends DrupalWebTestCase { * Verify proper permission changes by user_role_change_permissions(). */ function testUserRoleChangePermissions() { - $rid = $this->rid; + $role_name = $this->role_name; $account = $this->admin_user; // Verify current permissions. @@ -1218,7 +1218,7 @@ class UserPermissionsTestCase extends DrupalWebTestCase { 'administer nodes' => 1, 'access user profiles' => 0, ); - user_role_change_permissions($rid, $permissions); + user_role_change_permissions($role_name, $permissions); // Verify proper permission changes. $this->assertTrue(user_access('administer nodes', $account), t('User now has "administer nodes" permission.')); @@ -1273,7 +1273,9 @@ class UserAdminTestCase extends DrupalWebTestCase { $this->assertText($user_c->name, t('Found user C on filtered by perm admin users page')); // Filter the users by role. Grab the system-generated role name for User C. - $edit['role'] = max(array_flip($user_c->roles)); + $roles = $user_c->roles; + unset($roles[DRUPAL_AUTHENTICATED_ROLE]); + $edit['role'] = key($roles); $this->drupalPost('admin/people', $edit, t('Refine')); // Check if the correct users show up when filtered by role. @@ -1774,7 +1776,7 @@ class UserSignatureTestCase extends DrupalWebTestCase { $this->full_html_format = (object) $full_html_format; filter_format_save($this->full_html_format); - user_role_grant_permissions(DRUPAL_AUTHENTICATED_RID, array(filter_permission_name($this->filtered_html_format))); + user_role_grant_permissions(DRUPAL_AUTHENTICATED_ROLE, array(filter_permission_name($this->filtered_html_format))); $this->checkPermissions(array(), TRUE); // Create regular and administrative users. @@ -1900,41 +1902,38 @@ class UserRoleAdminTestCase extends DrupalWebTestCase { function testRoleAdministration() { $this->drupalLogin($this->admin_user); - // Test adding a role. (In doing so, we use a role name that happens to - // correspond to an integer, to test that the role administration pages - // correctly distinguish between role names and IDs.) + // Test adding a role. $role_name = '123'; - $edit = array('name' => $role_name); - $this->drupalPost('admin/people/permissions/roles', $edit, t('Add role')); + $edit = array('label' => $role_name, 'name' => $role_name); + $this->drupalPost('admin/people/permissions/roles/add', $edit, t('Add role')); $this->assertText(t('The role has been added.'), t('The role has been added.')); - $role = user_role_load_by_name($role_name); + $role = user_role_load($role_name); $this->assertTrue(is_object($role), t('The role was successfully retrieved from the database.')); // Try adding a duplicate role. - $this->drupalPost(NULL, $edit, t('Add role')); - $this->assertRaw(t('The role name %name already exists. Choose another role name.', array('%name' => $role_name)), t('Duplicate role warning displayed.')); - - // Test renaming a role. - $old_name = $role_name; - $role_name = '456'; - $edit = array('name' => $role_name); - $this->drupalPost("admin/people/permissions/roles/edit/{$role->rid}", $edit, t('Save role')); - $this->assertText(t('The role has been renamed.'), t('The role has been renamed.')); - $this->assertFalse(user_role_load_by_name($old_name), t('The role can no longer be retrieved from the database using its old name.')); - $this->assertTrue(is_object(user_role_load_by_name($role_name)), t('The role can be retrieved from the database using its new name.')); + $this->drupalPost('admin/people/permissions/roles/add', $edit, t('Add role')); + $this->assertRaw(t('The machine-readable name is already in use. It must be unique.'), t('Duplicate role warning displayed.')); + + // Test renaming a role label. + $role_label = '456'; + $edit = array('label' => $role_label); + $this->drupalPost("admin/people/permissions/roles/edit/{$role->name}", $edit, t('Save role')); + $this->assertText(t('The role label has been renamed.'), t('The role has been renamed.')); + $new_role = user_role_load($role_name); + $this->assertEqual($new_role->label, $role_label, t('The role label has been successfully changed.')); // Test deleting a role. - $this->drupalPost("admin/people/permissions/roles/edit/{$role->rid}", NULL, t('Delete role')); + $this->drupalPost("admin/people/permissions/roles/edit/{$role->name}", NULL, t('Delete role')); $this->drupalPost(NULL, NULL, t('Delete')); $this->assertText(t('The role has been deleted.'), t('The role has been deleted')); - $this->assertNoLinkByHref("admin/people/permissions/roles/edit/{$role->rid}", t('Role edit link removed.')); - $this->assertFalse(user_role_load_by_name($role_name), t('A deleted role can no longer be loaded.')); + $this->assertNoLinkByHref("admin/people/permissions/roles/edit/{$role->name}", t('Role edit link removed.')); + $this->assertFalse(user_role_load($role_name), t('A deleted role can no longer be loaded.')); // Make sure that the system-defined roles cannot be edited via the user // interface. - $this->drupalGet('admin/people/permissions/roles/edit/' . DRUPAL_ANONYMOUS_RID); + $this->drupalGet('admin/people/permissions/roles/edit/' . DRUPAL_ANONYMOUS_ROLE); $this->assertResponse(403, t('Access denied when trying to edit the built-in anonymous role.')); - $this->drupalGet('admin/people/permissions/roles/edit/' . DRUPAL_AUTHENTICATED_RID); + $this->drupalGet('admin/people/permissions/roles/edit/' . DRUPAL_AUTHENTICATED_ROLE); $this->assertResponse(403, t('Access denied when trying to edit the built-in authenticated role.')); } @@ -1945,17 +1944,17 @@ class UserRoleAdminTestCase extends DrupalWebTestCase { $this->drupalLogin($this->admin_user); // Pick up a random role and get its weight. - $rid = array_rand(user_roles()); - $role = user_role_load($rid); + $role_name = array_rand(user_roles()); + $role = user_role_load($role_name); $old_weight = $role->weight; // Change the role weight and submit the form. - $edit = array('roles['. $rid .'][weight]' => $old_weight + 1); + $edit = array('roles['. $role_name .'][weight]' => $old_weight + 1); $this->drupalPost('admin/people/permissions/roles', $edit, t('Save order')); $this->assertText(t('The role settings have been updated.'), t('The role settings form submitted successfully.')); // Retrieve the saved role and compare its weight. - $role = user_role_load($rid); + $role = user_role_load($role_name); $new_weight = $role->weight; $this->assertTrue(($old_weight + 1) == $new_weight, t('Role weight updated successfully.')); } @@ -2087,20 +2086,20 @@ class UserRolesAssignmentTestCase extends DrupalWebTestCase { * again. */ function testAssignAndRemoveRole() { - $rid = $this->drupalCreateRole(array('administer content types')); + $role_name = $this->drupalCreateRole(array('administer content types')); $account = $this->drupalCreateUser(); // Assign the role to the user. - $this->drupalPost('user/' . $account->uid . '/edit', array("roles[$rid]" => $rid), t('Save')); + $this->drupalPost('user/' . $account->uid . '/edit', array("roles[$role_name]" => $role_name), t('Save')); $this->assertText(t('The changes have been saved.')); - $this->assertFieldChecked('edit-roles-' . $rid, t('Role is assigned.')); - $this->userLoadAndCheckRoleAssigned($account, $rid); + $this->assertFieldChecked('edit-roles-' . $role_name, t('Role is assigned.')); + $this->userLoadAndCheckRoleAssigned($account, $role_name); // Remove the role from the user. - $this->drupalPost('user/' . $account->uid . '/edit', array("roles[$rid]" => FALSE), t('Save')); + $this->drupalPost('user/' . $account->uid . '/edit', array("roles[$role_name]" => FALSE), t('Save')); $this->assertText(t('The changes have been saved.')); - $this->assertNoFieldChecked('edit-roles-' . $rid, t('Role is removed from user.')); - $this->userLoadAndCheckRoleAssigned($account, $rid, FALSE); + $this->assertNoFieldChecked('edit-roles-' . $role_name, t('Role is removed from user.')); + $this->userLoadAndCheckRoleAssigned($account, $role_name, FALSE); } /** @@ -2108,14 +2107,14 @@ class UserRolesAssignmentTestCase extends DrupalWebTestCase { * be removed again. */ function testCreateUserWithRole() { - $rid = $this->drupalCreateRole(array('administer content types')); + $role_name = $this->drupalCreateRole(array('administer content types')); // Create a new user and add the role at the same time. $edit = array( 'name' => $this->randomName(), 'mail' => $this->randomName() . '@example.com', 'pass[pass1]' => $pass = $this->randomString(), 'pass[pass2]' => $pass, - "roles[$rid]" => $rid, + "roles[$role_name]" => $role_name, ); $this->drupalPost('admin/people/create', $edit, t('Create new account')); $this->assertText(t('Created a new user account for !name.', array('!name' => $edit['name']))); @@ -2123,30 +2122,30 @@ class UserRolesAssignmentTestCase extends DrupalWebTestCase { $account = user_load_by_name($edit['name']); $this->drupalGet('user/' . $account->uid . '/edit'); - $this->assertFieldChecked('edit-roles-' . $rid, t('Role is assigned.')); - $this->userLoadAndCheckRoleAssigned($account, $rid); + $this->assertFieldChecked('edit-roles-' . $role_name, t('Role is assigned.')); + $this->userLoadAndCheckRoleAssigned($account, $role_name); // Remove the role again. - $this->drupalPost('user/' . $account->uid . '/edit', array("roles[$rid]" => FALSE), t('Save')); + $this->drupalPost('user/' . $account->uid . '/edit', array("roles[$role_name]" => FALSE), t('Save')); $this->assertText(t('The changes have been saved.')); - $this->assertNoFieldChecked('edit-roles-' . $rid, t('Role is removed from user.')); - $this->userLoadAndCheckRoleAssigned($account, $rid, FALSE); + $this->assertNoFieldChecked('edit-roles-' . $role_name, t('Role is removed from user.')); + $this->userLoadAndCheckRoleAssigned($account, $role_name, FALSE); } /** * Check role on user object. * * @param object $account User. - * @param integer $rid Role id. + * @param string $role_name Role name. * @param bool $is_assigned True if the role should present on the account. */ - private function userLoadAndCheckRoleAssigned($account, $rid, $is_assigned = TRUE) { + private function userLoadAndCheckRoleAssigned($account, $role_name, $is_assigned = TRUE) { $account = user_load($account->uid, TRUE); if ($is_assigned) { - $this->assertTrue(array_key_exists($rid, $account->roles), t('The role is present in the user object.')); + $this->assertTrue(array_key_exists($role_name, $account->roles), t('The role is present in the user object.')); } else { - $this->assertFalse(array_key_exists($rid, $account->roles), t('The role is not present in the user object.')); + $this->assertFalse(array_key_exists($role_name, $account->roles), t('The role is not present in the user object.')); } } } diff --git a/profiles/minimal/minimal.install b/profiles/minimal/minimal.install index e02ffcc..b185572 100644 --- a/profiles/minimal/minimal.install +++ b/profiles/minimal/minimal.install @@ -85,6 +85,6 @@ function minimal_install() { variable_set('user_register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL); // Enable default permissions for system roles. - user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access content')); - user_role_grant_permissions(DRUPAL_AUTHENTICATED_RID, array('access content')); + user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array('access content')); + user_role_grant_permissions(DRUPAL_AUTHENTICATED_ROLE, array('access content')); } diff --git a/profiles/standard/standard.install b/profiles/standard/standard.install index d62b8d3..78eedf3 100644 --- a/profiles/standard/standard.install +++ b/profiles/standard/standard.install @@ -405,21 +405,22 @@ function standard_install() { // Enable default permissions for system roles. $filtered_html_permission = filter_permission_name($filtered_html_format); - user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access content', 'access comments', $filtered_html_permission)); - user_role_grant_permissions(DRUPAL_AUTHENTICATED_RID, array('access content', 'access comments', 'post comments', 'skip comment approval', $filtered_html_permission)); + user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array('access content', 'access comments', $filtered_html_permission)); + user_role_grant_permissions(DRUPAL_AUTHENTICATED_ROLE, array('access content', 'access comments', 'post comments', 'skip comment approval', $filtered_html_permission)); // Create a default role for site administrators, with all available permissions assigned. $admin_role = new stdClass(); $admin_role->name = 'administrator'; + $admin_role->label = 'Administrator'; $admin_role->weight = 2; user_role_save($admin_role); - user_role_grant_permissions($admin_role->rid, array_keys(module_invoke_all('permission'))); + user_role_grant_permissions($admin_role->name, array_keys(module_invoke_all('permission'))); // Set this as the administrator role. - variable_set('user_admin_role', $admin_role->rid); + variable_set('user_admin_role', $admin_role->name); // Assign user 1 the "administrator" role. db_insert('users_roles') - ->fields(array('uid' => 1, 'rid' => $admin_role->rid)) + ->fields(array('uid' => 1, 'role_name' => $admin_role->name)) ->execute(); // Create a Home link in the main menu. diff --git a/profiles/testing/testing.install b/profiles/testing/testing.install index bdd6154..2d11267 100644 --- a/profiles/testing/testing.install +++ b/profiles/testing/testing.install @@ -17,6 +17,6 @@ function testing_install() { // Enable default permissions for system roles. // @todo Remove dependency on Node module. - user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access content')); - user_role_grant_permissions(DRUPAL_AUTHENTICATED_RID, array('access content')); + user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array('access content')); + user_role_grant_permissions(DRUPAL_AUTHENTICATED_ROLE, array('access content')); }