Updated: Comment #N
current_user as a service is just not going to work. unless we plan to have both global $user and \Drupal::currentUser, which i doubt is the target
When one needs to change the current_user inside a request, well, he needs to first have a ContainerAware object. second even after he sets the new current_user to the container, all other objects that had the current_user injected, will have the outdated object (expect the services that have a setCurrentUser call registered in services.yml) This can cause serious security issues.
And of course we cant keep everything synchronized because not everything is a service.
Furthermore..there is a circular dependency between session and current user, which will never allow us to get rid of the $user global completely
@see #2062771: #2062771: Remove calls to deprecated global $user in \Drupal\Core\Session\SessionManager and #2062069: Remove calls to deprecated global $user in core/includes/bootstrap.inc
Remove current_user service, add a (get/set)CurrentUser method in the authentication service, make \Drupal::currentUser() call that and move on
Get a maintainer's approval. write patch, review commit
None
No more current_user service. Inject 'authentication' instead
Comments
Comment #1
ParisLiakos commentedComment #2
tim.plunkettThis sounds like a dupe of #2180109: Change the current_user service to a proxy. Not the title exactly, but the approach.
Comment #3
ParisLiakos commentedthank you!