Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Now that the User entity is EntityNG, we should ensure that it serializes as expected.
Comment | File | Size | Author |
---|---|---|---|
#1 | 2017787-user-serialization-tests_includes2003392.patch | 21.42 KB | linclark |
#1 | 2017787-user-serialization-tests-do-not-test.patch | 3.92 KB | linclark |
Comments
Comment #1
linclark CreditAttribution: linclark commentedThis adds the test for UserNormalization in serialization. There should also be one in HAL, but I'd like to get feedback on this before doing the HAL one.
Comment #2
klausiThis is a bit ugly - why does $user->uid->value not work? Same for the other fields.
Is there an issue already to implement the access check for the password field? I only know the general issue #2028027: [META] Missing access control for base fields.
Why do we need a special normalize test case for users? It is just another entity + field normalization we already test, right?
Comment #3
linclark CreditAttribution: linclark commentedI thought we planned to get rid of the magic getters and setters.
We talked about this on the call. Didn't Moshe say he was starting one?
If people think we don't need it, than that's ok with me.
Comment #4
klausiSome people were in favor of getting rid of the magic entity field getters/setters, but I don't see that happening in an issue. Maybe I missed it, please post it here if you know it.
As long as we don't encounter any bugs in the actual serialization process of users I don't think we need an explicit test for that entity type. And the leaking password problem is an access problem, which should be tackled at a dedicated issue.
So I think we can leave this here lying around for later, when we find problems with user entities.
Comment #5
linclark CreditAttribution: linclark commentedSounds good.
Comment #6
moshe weitzman CreditAttribution: moshe weitzman commentedI just created an issue for access control of password and similar user Fields. It is linked from #2029855: Missing access control for user base fields
Comment #7
damiankloip CreditAttribution: damiankloip commented@klausi, what's the deal with this issue now? Do you think this should still be postponed?
Comment #8
linclark CreditAttribution: linclark commentedI think Klaus thought that this was unnecessary, so it should be postponed until it was obviously necessary (when a bug was found in User that is not in other entities).
Given Berdir's comment in #1979260: Automatically populate the author default value with the current user, it seems like there might be enough of a difference (the 'uid' property means different things on User entities vs other entities) which is relevant to serialization.
Comment #9
Wim LeersAFAIK this is irrelevant now.