Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Problem/Motivation
Because this is the legacy behavior #2183231: Make ContentEntityDatabaseStorage generate static database schemas for content entities is setting the default value of the user status field to TRUE
, i.e. users are activated by default.
Because this has access implications users should be blocked by default and only activated when explicitly wanted.
Proposed resolution
- Change the default value of the of the user status field to FALSE
- Adapt tests that rely on the current behavior
Remaining tasks
User interface changes
API changes
Comment | File | Size | Author |
---|---|---|---|
#7 | 2248969-7-user-status-default-false.patch | 3.91 KB | tstoeckler |
Comments
Comment #1
dawehner+1, as it is the same behavior as node
Comment #2
sunJust referencing this here so as to make sure that we're aware of potential side-effects.
Comment #3
tstoecklerLet's see what breaks.
Comment #5
tstoecklerHere we go. This should be green.
We should seriously refactor AccountForm/RegisterForm, the amoung of if-checks there on various different conditions is pretty bad. But I couldn't really think of a way to cleanly do that as part of this issue, so I just added one more.
No interdiff, because I messed up my local branch and the previous patch was so trivial that I couldn't be bothered to recreate an interdiff retroactively.
Comment #6
blueminds CreditAttribution: blueminds commentedtypo: ... administrators ...
Otherwise looks good.
Comment #7
tstoecklerAhh, thanks. English is hard sometimes... :-)
Comment #8
blueminds CreditAttribution: blueminds commented:) 1+ RTBC
Comment #9
tstoeckler@blueminds, assuming you wanted to change the status per your comment?!
Comment #10
blueminds CreditAttribution: blueminds commentedyup :)
Comment #11
sunWouldn't it be more appropriate to expose the status checkbox on the administrative user creation form instead of presuming any particular state?
Comment #12
tstoecklerIt is exposed, but the default value of the checkbox is taken from $account->get('status'). This is cleaner than setting the #default_value manually afterwards (which I generally would have preferred), because where #default_value is set it also checks a bunch of other conditions, so we would have to recreate that check.
Comment #13
alexpottCommitted fa9e2b5 and pushed to 8.x. Thanks!