Use Authorised role [#1306966]

I was using logintobbogan, and I got to the conclusion that Pre-Authorized role is a non-sense in Drupal, and create big confusions by denying Authenticated role to a logged in user (given by Drupal Core)

Authenticated = (uid>0) = logged in

Pre-Authorized = not authorized = mail address not validated

They are separated things, you are trying to simulate "negative" permissions for users with email address not validated, which is not ok with Drupal logic.

Please use also the Role "Authorized" that is given automatically after the user validate the email address, where we can put additional permissions, and don't remove any more the "Authenticated" role from users with email address not validated.

The logic should be the following:

Anonymous = (uid = 0) = not logged in
Authenticated = (uid>0) = logged in
"Not Authorized" = (uid>0 and email not valid/validated)
"Authorized" = (uid>0 and email validated)

Does it make sense?

Thank you.

Comments

Comment #1

hunmonk CreditAttribution: hunmonk commented 12 October 2011 at 15:49

Version:	6.x-1.x-dev	» 7.x-1.x-dev
Priority:	Critical	» Normal
Status:	Active	» Postponed

this has of course been considered before. the problem is that core originally managed the authenticated user role in the database, which made the current logic an easy implementation. around drupal 5.x, core switched to baking in the authenticated user role directly in code, which created a difficulty for LT.

while i believe it's possible to change this workflow to the one you suggest above, it would most likely require a rather large effort; meaning somebody needs to show up with a patch, or somebody needs to sponsor the work. furthermore, i'm not willing to introduce a change this big into the stable branches, it would be disruptive. the earliest a change like this is feasible is in 8.x.

so when the above conditions are met, feel free to reopen this issue.

also, there's no such thing as a critical feature request. ;)