Problem/Motivation
- Realname module alters the display name, but at
user/1234
the username is shown. This is incorrect. - Tons of places in core that show the username, but need to show the users display name.
- Comments do not show DisplayName for registered users.
- Security problem as usernames should never shown on websites. With real names you cannot login and try passwords, with a username you can.
In Drupal 8.0.0 we deprecated \Drupal\Core\Session\AccountInterface::getUsername()
. This is because it was being used for both the display name and getting the username.
The deprecation message is:
* Use \Drupal\Core\Session\AccountInterface::getAccountName() or
* \Drupal\user\UserInterface::getDisplayName() instead.
The docs for getAccountName()
describe the difference:
/**
* Returns the unaltered login name of this account.
*
* @return string
* An unsanitized plain-text string with the name of this account that is
* used to log in. Only display this name to admins and to the user who owns
* this account, and only in the context of the name used to login. For
* any other display purposes, use
* \Drupal\Core\Session\AccountInterface::getDisplayName() instead.
*/
public function getAccountName();
We need to carefully go through the usages and change to getAccountName()
or getDisplayName()
as required. This is not that simple. For example, another issue was created to covert the following code in UserController to getDisplayName().
$this->messenger()
->addWarning($this->t('Another user (%other_user) is already logged into the site on this computer, but you tried to use a one-time link for user %resetting_user. Please <a href=":logout">log out</a> and try using the link again.',
[
'%other_user' => $account->getUsername(),
'%resetting_user' => $reset_link_user->getUsername(),
':logout' => $this->url('user.logout'),
]));
However as this is dealing with the logged in user and a password reset link that works using the account name maybe these should be changed to getAccountName()
.
Proposed resolution
Blocked by #2787871: Properly deprecate getUserName() and use getAccountName() instead
- Fix all places where
getAccountName()
is used, butgetDisplayName()
should be used. - Change core to enable a DisplayName by default. That is why tons of tests are failing because of wrong usage.
- Where changing to getDisplayName() add test coverage\
- Ensure getDisplayName() and getAccountName() have good documentation so contrib and custom pick the correct function.
Followup tasks
Allow for configurable truncation length of display name: #2767787: Allow custom truncate username settings
User interface changes
Users display name will be properly shown where appropriate.
API changes
API addition: Entity::getDisplayNameTruncated to get the correct abreviation used in theme_preprocess_username() function.
Data model changes
none
Comment | File | Size | Author |
---|---|---|---|
#229 | 2629286-229.patch | 2.08 KB | _utsavsharma |
| |||
#216 | 2629286-216-fixes-only.patch | 2.07 KB | Berdir |
#216 | 2629286-216-interdiff.txt | 489 bytes | Berdir |
#216 | 2629286-216.patch | 62.91 KB | Berdir |
#213 | 2629286-213.patch | 63.15 KB | Berdir |
Comments
Comment #2
hass CreditAttribution: hass commentedComment #3
hass CreditAttribution: hass commentedI hope this test fits.
Comment #5
hass CreditAttribution: hass commentedNow with a new display name test. There will be more tests added in follow up cases.
Comment #6
hass CreditAttribution: hass commentedJust checked with D7 and the real name / display name was not allowed to contain
<em>
with realname enabled. realname strips html.Need to check again if core alone allowed it in D7. In this case all places in D8 core need to allow it, too.
Comment #7
hass CreditAttribution: hass commentedCan someone RTBC this, please?
Comment #8
legolasboThis does not qualify as critical as far as I know.
If you know there are more relevant cases to be tested, why not add them now?
'or the username is shown.' I don't know what is meant by this.
I don't know what is changed here, but it seems to be unrelated.
Comment #9
hass CreditAttribution: hass commentedYou could first read the patch and than comment. You can answer your above comments yourself than.
Comment #10
legolasboI am sorry I gave you the impression I did not read the patch, because I have actually read the patch thoroughly, which raised my questions. What makes you think that I didn't read the patch?
I don't think i can answer this question by reading the patch. But the question is valid in my opinion. If you know about more relevant test cases, they should be added no?
Your comment
// Login after the alter hook has been enabled or the username is shown.
just makes no sense to me. When I look at the code a user is logged in after the hook is enabled. The hook being enabled is obvious and does not require a comment, but nowhere is a page being requested or a render function being called before that comment line. So how can a username be shown?As for the last question. A changed line ending is the only reason I can think of which would cause that change. Other than that both lines are identical and not changing any functionality. They are therefor unrelated and should be removed.
At first I felt really offended by the way you (aggressively) commented on my review. But after counting to 10 and assuming you might just be having a bad day, I've chosen to answer openly en truthfully like I did above. I do however feel that I should inform you about the way your comment made me feel, so you can maybe adjust your way of responding in the future.
Comment #11
hass CreditAttribution: hass commentedI linked follow up patches. These will add more patches. I can delete my comment if it helps you ignoring it.
That is because you have not understood the patch. One line before is the hook enabled. It is just a note that the order of both lines is important.
The other changed line changes
getUserName
togetUsername
. The function in the class is namedgetUsername
and notgetUserName
. It is easy to see that this is changed. You said you cannot see a change. I can see this change very well.Comment #12
legolasboI overlooked the Meta issue. With that context I understand the comment and I agree the additional test coverage should be part of their respective issues.
I understand the patch perfectly and also know the order of those lines are important. The comment in it's current form however only adds confusion instead of clarity. How about this?
// We must login after the alter hook as been enabled or the username will be shown instead of the display name.
I have seriously been staring at these two lines for several minutes, both before and after my initial comment, but totally missed that. Thanks for clarifying.
If you improve the comment I'll RTBC the patch.
Comment #13
hass CreditAttribution: hass commentedComment changed.
Comment #15
hass CreditAttribution: hass commentedComment #17
hass CreditAttribution: hass commentedTests are running fine here. There is no php syntax error. No idea what problem the bot has.
Comment #18
vasi CreditAttribution: vasi at Evolving Web commentedI'm not sure why it didn't work, but when I applied your patch I ended up with a missing closing brace. Rerolled with the brace.
Comment #19
effulgentsia CreditAttribution: effulgentsia at Acquia commentedDiscussed this with @catch, @alexpott, @xjm, and @Cottser, and we agree this is Major.
This is a regression from Drupal 7, and explicitly violates the docs of
AccountInterface::getAccountName()
, which says Only display this name to admins and to the user who owns this account, whereas "access user profiles" is not an admin-level permission.Comment #20
hass CreditAttribution: hass commented@effulgentsia: can you RTBC the patch, please?
Comment #22
hass CreditAttribution: hass commentedComment #23
catchThis doesn't test that the display name is shown everywhere.
Also do we really need a new test, or is there an existing login test we could add an assertion to?
Comment #24
hass CreditAttribution: hass commentedYou are not requiring me to test all places in core, aren't you? Maybe the guy who integrated the DisplayName feature should have written it... I just started one to make sure and others will follow up in more cases. This way I can reuse this file.
Comment #25
catchPlease read the comment I posted again.
The added test only tests one place, we have other tests for that page, so:
Comment #26
hass CreditAttribution: hass commentedI have not found any useful place to test this, but I'm open minded to where this could be added. I thought it is better to keep all these DisplayName tests together in on test. It is easier to maintain and extend one place in future than spreading 100 assertions over the whole core code base. At least this was my idea as it is not easy to find otherwise. Not sure if every module should test on it's own if display name works in their module.
This patch here is a start as I have not found a single assertion for display name and it fixes the most important issue and is currently causing a test fail in realname. I cannot get the realname tests green without this patch or I need to comment the code out. I may miss than later to add it back.
I wish it is not contribs job to test if core works properly... :-)
Comment #27
hass CreditAttribution: hass commentedAny suggestions/answers?
Comment #28
jonathanshawI'm not sure but I think you may not be understanding what @catch meant.
I don't think he's saying "test everywhere, make 100 assertions all over the place". I think he's saying "don't create a new test, take 1 of the existing login tests for that user/ page and add an assertion to that instead".
However, I could not see a test in the user module that tested the basic contents of the user/userID page. I assume this is my own ignorance and I've overlooked something, but if you can't find the file with the basic tests for this page either, maybe you could report that to @catch and see what he advises. Surely is must exist somewhere.
Comment #29
hass CreditAttribution: hass commentedNo you have not overlooked anything. There is NO test yet. This one will be the first. I have no idea where I could add it to. Nothing makes sense to me. If nobody can point me to a useful place this is the right one.
Comment #30
hass CreditAttribution: hass commentedAs Drupal core is a mess if it comes to testing DisplayName I see only one other solution. We need to enable
'user_hooks_test'
module with core - always. Otherwise every module that shows a display name need to enable this module by itself what is quite stupid. This affects very many places in core.Comment #31
hass CreditAttribution: hass commentedLet's see how seriously this will break core tests.
Comment #32
hass CreditAttribution: hass commentedComment #34
hass CreditAttribution: hass commentedUh, really? Only 30 fails? Let's add all core bugs now and see how many fails this bugfixes may have. This patch incorporates #2658602: User picture alt text should user display name to fix all the tons of bugs in a bunch.
Comment #35
hass CreditAttribution: hass commentedChanging title.
Comment #37
hass CreditAttribution: hass commentedComment #39
hass CreditAttribution: hass commentedI'd like to note that
testSessionSaveRegenerate()
already has the test we have looked for, BUT it has not catched the bug reported here first.Comment #41
hass CreditAttribution: hass commentedEvery fix seems to brings up more unseen bugs... really worse test coverage.
Comment #43
hass CreditAttribution: hass commentedComment #45
hass CreditAttribution: hass commentedComment #47
hass CreditAttribution: hass commentedComment #49
hass CreditAttribution: hass commentedRewritten case summary.
Comment #50
hass CreditAttribution: hass commentedComment #51
hass CreditAttribution: hass commentedComment #52
hass CreditAttribution: hass commentedComment #53
hass CreditAttribution: hass commentedComment #54
hass CreditAttribution: hass commentedComment #58
hass CreditAttribution: hass commentedComment #60
hass CreditAttribution: hass commentedComment #61
hass CreditAttribution: hass commentedComment #64
gnugetHere a #61's reroll.
I will try to fix the test which are still failing.
Comment #65
gnugetI've been working today on this.
I do not agree with this, even if it is stupid like #30 said if this module is enabled by default this will make the output in certain tests be unexpected and will confuse developers when they write new tests because some
<em>
tags will appear in the DisplayName.If every module which uses display name enable this module at least it will give an insight why the displayname has some extra tags.
I will try to provide a patch which not require this module by default.
Comment #66
hass CreditAttribution: hass commentedHey, the sense of this patch is to show WHERE dispayname is broken. This is why i wrote this. Developers need to expect the display name AND html. Currently they often do not and THIS is the problem!!!
Comment #67
gnugetHi hass
You are right, I left the
user_hooks_test
in the testing.info.yml file so we know which tests we need to fix (thanks!)I hit a wall here:
Basically, the test expect the "
<em></em>
" be wrapping the display name BUT if the displayname is longer than 20 characters thegetDisplayNameTruncated
will remove the last leaving something like:<em>Firstname3…
which makes me wonder if thegetDisplayNameTruncated
should strip the html tags before to truncate the string and if we should rewrite the test above.I attached my progress so far.
Comment #69
hass CreditAttribution: hass commentedThat is something I wasted hours with... if not 2 days. No idea how to fix this test. Since the EM is checkplained there should be no issue for now.
A follow up issue should be consitency of the DisplayName. Tons of places strip HTML and others do not. This is very strange. But we can and should do this in followup's. It may require many theme changes, but not sure yet. In general HTML is supported in display name. Maybe we need to fix all occurrences where tags are stripped. Need some core maintainer to decide on this.
I also have posted a patch in #2767787: Allow custom truncate username settings that disables display name truncating. I'm in high favor to remove truncating by default and only enable it where it is required. Something that may need some discussion...
Comment #70
hass CreditAttribution: hass commentedthat looks strange... that should be installed by default.
How is it possible that $name is no string?
I would better only strip on the display name
Comment #71
gnugetYeah, it is weird, not sure why in this case is not there by default, I will check why.
That is because of this:
SafeMarkup::format() returns an instance of MarkupInterface
True, I will fix that in my next patch.
Comment #73
ekes CreditAttribution: ekes as a volunteer commentedHi,
Just run into this one with some tests on a site with the a changed display name.
Reading up, I was wondering - honest question, I've not delved deeply into the different usages of DisplayName - could the issue and patch be broken into two (or three)? One of them RTBC as lots of them are trivial fixes that might as well go in, and one detailing the problems with different usages.
Comment #74
hass CreditAttribution: hass commentedI fear core developers will only commit with full test coverage... just a guess.
Comment #75
ekes CreditAttribution: ekes as a volunteer commentedI agree changing the active code without tests to cover it wouldn't be good. Could those case be spun off into another issue that actually details what the problem is. But plenty of this patch should be good no?
The core _tests_ are presently broken. If you implement a change to getDisplayName() there's red. There are tests that use getUserName() in them, which pass only because the output is the same as getDisplayName(); but they should be using getDisplayName() because that's being put into the strings. This patch includes those changes, can't see any reason they shouldn't go in already. Committing changes to the tests already would be an improvement?
Also if there are some changes to the active code, cleaning up other places that it's wrong - with tests - would be an improvement too?
Then it's the complicated bits that could be fleshed out? Like I say, a thought.
Comment #76
hass CreditAttribution: hass commentedI think they will complain why we need to commit this patch as we are not proving the bugs by running the failing tests. This patch here shows all the already existing bugs... not sure how you'd like to split it.
Comment #77
ekes CreditAttribution: ekes as a volunteer commentedInteresting question. Guess to prove the tests fail you have to implement a test module that changes getDisplayName so it's not the same as getUserName.
Anyway if it's not going to speed up getting fixes in, doesn't matter.
Comment #78
Mile23This might be enough of a change to bump up to 8.3.x, but it's a major bug so leaving it at 8.2.x.
I think it's a reviewable size as-is, though it is big.
Just a couple things related to the truncated name:
Either add a length parameter or document the truncated length. But really add a length parameter that defaults to 20. :-)
If you have a way to pass in the truncated length, then you can do that here and know that 20 is the biggest non-truncated name without trusting.
Here's a straight re-roll of #67.
Comment #79
Mile23Comment #81
hass CreditAttribution: hass commentedI think we should not mix this up. I 100% agree with you that the length should be configurable, but as of now it is not and this may end in an endless discussion. See #2767787: Allow custom truncate username settings for this.
Comment #82
hass CreditAttribution: hass commentedComment #83
Mile23OK, so #2767787: Allow custom truncate username settings is a follow-up. That's a D7 issue, btw.
Still needs passing tests here.
Comment #84
mohit_aghera CreditAttribution: mohit_aghera as a volunteer and at Axelerant commentedComment #85
ifrikMohit_aghera,
great that you want to contribute to this issue, but there is no need to assign this to you.
Even though the issue tracker technically allows people to assign issues, this feature is generally not used in order to encourage everybody to contribute.
And as you can see in this case: there are several people actively working on the issue.
If you want to contribute: please write that into a comment. Don't claim issues for yourself. I'll unassign you.
(And to anybody committing this later: Don't credit me in the issue commit. I'm just writing a note.)
Comment #87
mohit_aghera CreditAttribution: mohit_aghera as a volunteer and at Axelerant commentedHere is straight re-roll of #78 for initial testing
Comment #89
mohit_aghera CreditAttribution: mohit_aghera as a volunteer and at Axelerant commentedUploading patch with initial try to fix test case failures.
Comment #91
mohit_aghera CreditAttribution: mohit_aghera as a volunteer and at Axelerant commentedUpdating relevant method names.
Comment #93
mohit_aghera CreditAttribution: mohit_aghera as a volunteer and at Axelerant commentedAdded missing namespace which was causing fatal errors.
Comment #95
mohit_aghera CreditAttribution: mohit_aghera as a volunteer and at Axelerant commentedComment #97
mohit_aghera CreditAttribution: mohit_aghera as a volunteer and at Axelerant commentedRe-rolling patch again as it was not getting applied after recent test case changes.
Comment #99
DuaelFrThank you for your contribution. Beware of duplication with #2801645: Use \Drupal\user\UserInterface::getDisplayName() on user pages instead of the plain User::getUsername() , though.
I'm not confident enough to decide which of your issues should be closed in favor of the other. Could you have a look there and see how you can converge?
Comment #100
idebr CreditAttribution: idebr at iO commentedComment #101
gaurav.kapoor CreditAttribution: gaurav.kapoor at OpenSense Labs commentedComment #103
gaurav.kapoor CreditAttribution: gaurav.kapoor at OpenSense Labs commentedComment #105
hass CreditAttribution: hass commentedWhat are you doing there? Your patch is not really good and has tons of bugs introduced. Without reviewing your patch in detail - code like below can only incorrect. This can only be getAccountName() if you login to something, but you need to verify every occurence one by one.
You cannot simply search and replace getUsername with getDisplayName(). In most if not all - cases this is incorrect. This case is to fix places where the username is shown, but displayname should shown. Not everywhwere is this true.
Go back to #97, please.
Comment #106
hass CreditAttribution: hass commentedThat looks Like a bad idea as usernames cannot changed, but display names can. If we log something it should be the username or we lose the reference of the log if a user changes it's getDisplayName.
Comment #107
hass CreditAttribution: hass commentedReroled the patch.
Comment #108
hass CreditAttribution: hass commentedComment #110
hass CreditAttribution: hass commentedComment #112
hass CreditAttribution: hass commentedComment #113
hass CreditAttribution: hass commentedComment #116
hass CreditAttribution: hass commentedComment #118
sheise CreditAttribution: sheise commentedHere's an updated patch for 8.4.x-dev.
Comment #120
harings_rob CreditAttribution: harings_rob at Harings.be for Nuvole commentedApplied to 8.5.x as this won't go into 8.4 anymore.
Comment #121
hass CreditAttribution: hass commentedComment #123
joelpittetThis issue seems to have morphed into adding truncation to usernames in core. Has it been scope creeped? Can that this problem be fixed without the API addition?
Comment #124
hass CreditAttribution: hass commented@joelpittet: I think this is not possible without an API addition. Without the code becomes unreadable.
There are places in code where the string must be truncated and in others places we do not want this to happen, but it happens. If you need to write a test to verify if a string has been truncated, you need a function to know for this to be sure. There is also a patch in pipeline to make the length configurable.
If someone could help with some of the difficult remaining failures (I have not understood) it would be great! Patch from #113 is the latest to work on. The later patches are missing some of my code fixes what increased test failures.
Not sure why I'm the only who'd like to see this issue fixed as realname is used by a lot of people and core really has a lot of bugs about this...
Comment #125
jonathanshawPer #124 this needs a CAREFUL reroll of #113. Some previous attepmts to reroll have not caught all the fixes in the patch. A successful reroll should only have 8 test fails.
Comment #126
jofitz CreditAttribution: jofitz at ComputerMinds commentedRe-rolled. I will check back if this does not have the expected 8 test fails.
Comment #128
jofitz CreditAttribution: jofitz at ComputerMinds commentedClose, but not the expected 8 test fails. I'll investigate.
Comment #129
hass CreditAttribution: hass commentedThanks. If you can also try to fix some of the others this would be great!
Comment #130
joelpittet@hass why does this need to be truncated anywhere?
Couldn't you use
text-overflow: ellipsis;
in CSS and call it a day?https://css-tricks.com/snippets/css/truncate-string-with-ellipsis/
And you can use a minimum width to hold the space with character spacing:
min-width: 20ch
Edit: Assuming this is for UI purposes. Please correct me if my assumption is incorrect.
https://caniuse.com/#search=text-overflow
Comment #131
hass CreditAttribution: hass commentedSure that is UI issues. If you have no control about the length of the string a table cell will grow unexpectly. The CSS trick may be feasible, but this out of scope here. It is too late to change all places in core and contrib. This case is to fix the display name bugs only. We could create a follow up for new features.
Comment #132
joelpittetSeems like a much quicker approach if the issue is UI to do the presentation with CSS. It may not go into stable/classy(maintainer must decide) but could be put into core, Seven and Bartik.
Here's a POC with the user table and some fake names.
https://jsfiddle.net/5r8qe42t/1/
Comment #133
hass CreditAttribution: hass commentedIf this css works in all browsers it is a smarter solution I think. We could solve both issues in one.
Can we get approval by core maintainers that we do not waste time into a direction that may not accepted later?
How can we test this css abrrivation?
Comment #134
joelpittetManual testing for CSS changes, aka Screenshots.
I'll see if one of the theme system maintainers can weigh in on #132 as a viable direction.
Comment #135
markconroy CreditAttribution: markconroy as a volunteer and at Annertech commentedre: #132, I needed to do something similar a while back to only show first two letters of language switcher options on small screens (because of space issues), so EN | GA on small screens and ENGLISH | GAEILGE on larger ones.
I looked at using the ch css width to show only two characters, but it turns out that only works for mono-spaced fonts, which might be an issue if we add it to Drupal core. In the end, I solved it with a small bit of JS to search the string, split it at 2 characters, and then just show those on small screens.
Here's a stackoverflow issue that I came across - https://stackoverflow.com/questions/35328019/css-display-only-the-first-...
There's also a (partial support) issue with it in IE11 -
https://caniuse.com/#search=ch
Comment #136
hass CreditAttribution: hass commentedThat is a different issue... we do not need exactly 2 chars here.
Comment #137
jofitz CreditAttribution: jofitz at ComputerMinds commentedComment #138
markconroy CreditAttribution: markconroy as a volunteer and at Annertech commented@hass,
I don't think it is a different issue.
From the code supplied in #132, it specifically states
Unless, I am reading this wrong, we are saying that the user name will be at least 10ch wide (10 monospaced characters) and at most 20ch (20 monospaced characters). BUT, if the font being used is not monospaced, then 20ch may cut off characters mid-point through a character (an "o" might end up looking like a "c").
In my example, I only need 2 characters, but this seems to be suggesting that we need up-to-20 and no more than 20 (which makes it look very similar to my issue (solved with JS)).
Comment #139
hass CreditAttribution: hass commentedThe username need to be cut-off at a length that can be displayed properly without destroying the layout. So we define a width of a table column or an inline element and it cuts the length whereever it is needed. It is not important if it shows 10 letters with monospace and 11 letters in non-monospace fonts or vice versa. We only need to prevent that a username / display name of 255 chars destroys the layout of a page.
We can be a bit more flexible here... in past it was also not cut-off perfectly at a specific char.
Unicode::truncate()
is not that exact, too.Comment #140
markconroy CreditAttribution: markconroy as a volunteer and at Annertech commentedI get the point, but what I am saying is that we might end up cutting off letters/characters mid-way through the character itself. Leaving us with something like this (presuming the user name was longer than yours is):
Comment #141
hass CreditAttribution: hass commentedReally? I tested with monospace and non-monospace and all differences I have seen was one has a letter more than the other... the ellipsis was always shown. Can you show a fiddle that shows this issue? If we cannot solve it with CSS we need to stick with the current solution I guess.
Comment #142
markconroy CreditAttribution: markconroy as a volunteer and at Annertech commentedI am basing my info on the link to stackoverflow and caniuse from my previous comment.
StackOverflow:
- https://stackoverflow.com/questions/35328019/css-display-only-the-first-...
Can I Use:
- https://caniuse.com/#search=ch
Here's a basic fiddle showing it in action:
https://jsfiddle.net/3vwogyjs/1/
Comment #143
hass CreditAttribution: hass commentedPlease add text-overflow:ellipsis and you will see it works without issues.
https://jsfiddle.net/yubct0fo/
Comment #144
gnugethere a version with ellipsis and yes it totally works!
I really like this approach.
https://jsfiddle.net/e3ozc124/
Comment #145
markconroy CreditAttribution: markconroy as a volunteer and at Annertech commentedExcellent. Looks like we might have a solution so.
Comment #146
gnugethere a reroll of #126.
I will provide a patch with the CSS trick and without the API addition in my next comment to keep this moving.
Comment #147
gnugetComment #149
gnugetI found a problem with the new approach :-/
When the account is not verified the module appends a text letting the user know with this new approach that text is hidden.
This can be fixed if we add an extra tag to wrap the username and left the extra text outside of this tag but not sure if we can just change the markup at this point:
Without the patch:
With the patch:
Comment #150
gnugetLet's see what the testbot says.
Comment #151
gnugetComment #154
dsp1 CreditAttribution: dsp1 commentedis this issue adding a display name field?
my recommendation, which I guess is similar to this, was to change user name to user login, and then add a new user name field for display.
https://www.drupal.org/project/drupal/issues/295440
Comment #155
pescetti CreditAttribution: pescetti at Nuvole commentedThe patch at #150 applies correctly to Drupal core 8.5.3, but it doesn't apply any longer to Drupal core 8.5.4, released yesterday.
Comment #156
TommyChrisI rerolled the #150 for D8.5.4.
Comment #157
iamdroid CreditAttribution: iamdroid commentedI rerolled the #156 for D8.5.5.
Comment #159
alexpottComment #160
alexpottTruncated markup objects is super tricky. What happens if getDisplayName has added markup to the string - for whatever reason. This can end up in breaking the HTML. I think maybe we need to use
\Drupal\Component\Render\PlainTextOutput::renderFromHtml()
here to truncate safely. In fact, this makes me wonder if we shouldn't add a method to MarkupTrait to do this for us. Something like:I'm not sure that login information should do use the display name. Looking at the docs for getAccountName()
I think when we're dealing with login information we should use getAccountName().
Comment #161
alexpottI think these should all be getAccountName() - this is a test for what that user account can do.
Comment #162
alexpottAfter thinking about this some more I think we should complete the deprecation and convert everything to getAccountName() in #2787871: Properly deprecate getUserName() and use getAccountName() instead and then this issue can focus on when and where to use
getDisplayName()
Comment #163
alexpottComment #164
hass CreditAttribution: hass commentedI spend all the time already. Please use the patch here. I reviewed all places and changed them as needed.
Whenever we can - the DisplayName should be used and not AcountName.
You would invalidate the complete patch and we start at zero. This would be an extreme demotivating.
Comment #165
alexpottgetUsername()
- let's do that in #2787871: Properly deprecate getUserName() and use getAccountName() insteadAll three of these things are great things to do but doing them in the same issue means that the patch is large, hard to review and often has further scope creep (eg replace format_string() usage).
This is used in a test for an assertion message about permissions should be getAccountName()
This change is unnecessary this is a text assertion message in tests relating to whether the account is logged in.
+1 nice find.
I like this - making this always on makes heaps of sense.
This shouldn't be necessary - the test site is completely torn down and does not affect the next test.
+1,000,000 really great idea.
Comment #166
hass CreditAttribution: hass commentedWe can split the GetUsername / GetAccountName / GetDisplayName from this patch and work on the tests in a follow up. Are you fine with this? So this patch does not get broken completly. I will not spend another 2 days investigating if DisplayName or AccountName should be used. I already done this!
Comment #167
alexpott@hass but no of this is simple. For example:
This one is more complex. This is used by the password JS to ensure you don't match your login name so - getUsername() should definitely be here BUT also I think the password should not match the display name either. However, this change as it stands is incorrect. And needs a separate issue with new tests to change how this works to be able to have multiple usernames or something like that.
This is why I proprose breaking this up into more manageable pieces and doing the deprecation and getUsername -> getAccountName first because then the noise in this patch will be lessened. If we get #2787871: Properly deprecate getUserName() and use getAccountName() instead done I'm happy to re-roll this on top and and document all the places where getDisplayName() should be used and why.
Comment #168
TommyChrisI rerolled the #157 for D8.6.1
Comment #169
alexpottThis patch needs a major re-rolled now that #2787871: Properly deprecate getUserName() and use getAccountName() instead has landed.
Comment #170
hass CreditAttribution: hass commented@alexpot: Yes, and you offered to do the re-roll. :-)
Comment #171
alexpottHere's a reroll.
Comment #172
alexpottThe are a number of changes here that are unnecessary. And other that need discuss as far as I can see.
This logic can be a little simpler. Done that in the patch attached.
This type of change on an assertion message is not necessary. In fact I'd argue that this gets in the way of knowing which user has successfully logged in. And there are a number of other test changes like this that I think should be dropped. For example all the changes to CommentFieldAccessTest
I'm not totally convinced that name listed on the admin users page should be the display name. I think there is a case that admins need the real username that a user logs in with.
Similarly I'm not sure that these actions should use the display name. This is tricky because many of these already use the display name.
I think this is a very good idea but I'm scared that this is going to cause a lot of disruption for contrib and sites with automated tests.
Comment #175
hass CreditAttribution: hass commentedPlease keep in mind that the patch has not fixed many bugs in core. I only tried to fix the broken tests. This case is a prove of hundreds of test bugs mostly.
Display name need to be used everywhere with very rare exceptions. Nobody of the users should be able to gather the users usernames. An admin can always find the username in the user and he could also alter the view and add the account name when he need. If i use realname I search for realnames everywhere. I no longer think about usernames. However if I need the username, it can be found in the user and not only there, the query alter will search for both if you filter for usernames.
I think contrib need to learn about their bugs. The fixes are simple and it would improve the code quality. All failures that may happen - are bugs that need to be fixed. We should really enable this by default. I‘m not scared. Bad code fails as expected. I‘m more worried that many have not understood that display name should be used everywhere with just a few exceptions.
Comment #176
alexpottHere's a few fixes.
This code needs to be the same. It feels as though UserSession and User should be related in some way there's a lot of duplicate code. But we can open a follow-up discuss that. Also we need to be careful about how we truncated things with HTML in them so let's also remove HTML if we truncate. It also means we can do a correct count.
Comment #177
alexpottRemoved some of the unneeded changes from test assertion messages.
After reading through the patch I'm not sure that we need the new getDisplayNameTruncated() methods. It looks like we have them for asserts in tests. In HEAD truncation is part of template_preprocess_username() and not on an interface or anything. Obviously the changes in this patch make it so that truncation happens a lot more but the alternative approach would be to add something to the test classes or a UserTestingTrait or something.
The other thing that is interesting about the preprocess function is you have:
So name_raw is the username and name is from the display name and might be truncated. It feels like we'd want the untruncated display name.
Comment #180
jonathanshawI see the case, but I think that it's worse for admin if it's display name everywhere else except here. Consistency seems like the most important thing.
Comment #181
AaronMcHaleI think as long as the name links to the user's profile then it would be fine to use the display name and I agree that from a consistency point of view we should as it avoids any potential confusion.
I think the only case where we couldn't link to the user's profile is in the account deleted confirmation message but even then showing the display name would be better than the username, because again, it's consistent and so avoids confusion.
Comment #182
alexpottI not convinced by the arguments being made about the view to administer users. Not listing the username there feels really odd. This screen is about administering users. Finding them by the guarenteed site unique name feels correct. Say the user display name is being changed to be firstname lastname (which by the way is super tricky to get right - see https://www.kalzumeus.com/2010/06/17/falsehoods-programmers-believe-abou... but anyway) you have 0 zero guarantee that the name you are looking is unique.
Comment #183
alexpottAlso in Drupal 7 the admin screen didn't use the display name because it was not a view. This feels like an unintended side effect of converting to a view because we didn't have the type of test coverage being suggested here.
Comment #184
alexpott#183 I'm wrong. The Drupal 7 code and fallback to the entity list builder in Drupal 8 all use the
username
theme which all end-up callingtemplate_preprocess_username()
so we're always falling back to the display name fwiw. Still not sure about doing that but that change is not part of this issue. It would be great to make this issue only about testing and not doing any fixes. Each bugfix should have its own separate issue to discuss because I don't think this is simple.Comment #185
jonathanshawI suspect it would really help progress here if you could spell out explicitly which hunks should stay in the patch on this issue (or even just make a cut down patch).
If I understand right we'll then work in other child issues, and eventually this issue will spontaneously become green without further patching here?
Comment #186
hass CreditAttribution: hass commented@alexpotr: admin/people shows the DisplayName in D7 and not the username.
If admin/people view would show the username in Username column in D8 I'm fine. I can add a views alter in Realname (or core) and add another column with DisplayName field if a display name exists. This would be a working solution to me, too. I was never 100% happy in past with the DisplayName in Username column of admin/people. Often you need both when you administer a site. But this may be one rare exception in the whole system to show the username...
Comment #187
alexpottGiven that we're making this change we could remove the format_string() etc... the and use
assertEscaped($user->getDisplayName())
the default message is just as good.This is a functional change - it is correct but it deserves its own bug report and discussion.
This is a functional non-test change - I don't know if it is correct but it deserves its own bug report and discussion.
This is a functional change - it is correct but it deserves its own bug report and discussion.
Your password should not be the same as your username or your display name. So we need to do this in a separate issue.
Comment #188
alexpottHere's a patch with only test changes. It also changes the alter to not need to be truncated as that is the whole reason for the new getDisplayNameTruncated() is being added - so we don't need that change.
I still have a number of reservations about making the change to always turn on user name altering in the testing profile. For example, In contrib there probably are tests that are doing something similar to the ForumTest to test for double escaping and so doing this might force them to remove the assertion or disable the name altering.
In an ideal world we'd turn this on for core testing and make it really simple for contrib to opt-in and somehow tell contrib to update their tests without breaking them.
Comment #190
alexpottPatch attached hopefully fixes most of the tests. But I still feel that we cannot just add the test module to the testing profile. The way it breaks the quickstart test shows why we're making too many assumptions. What we need to do is in a functional tests
I also feel that by default we shouldn't have html in the altered name. This adds lots of complexity to the patch which is not really that relevant to the better test coverage.
Plus it would be great if people interested in the this issue could create the real bug issues for what's pointed out in #172 so we can fix and add tests for them. For example the user's tracker page title.
Also I'm not working on this patch for a bit so if anyone feels inspired to try to address the issues in this comment - go for it.
Comment #192
jonathanshawWhat's the roadmap with this?
Most contrib module maintainers are never going to learn/bother with it and so it will stay off for them until it's turned on by default. Which as @hass says hides their bugs from them.
But whenever we turn it on (either at start of D9.x branch or start of a D8 minor release cycle) will cause fails on previously green patches in contrib, which is confusing and disruptive.
Comment #193
alexpottBut the start of D9 is exactly when we should be making this sort of disruption. A test disruption which has the ability to work for you in the previous 8.x branch is what we should be doing.
Comment #194
jonathanshawOk, that's clear now.
Comment #195
hass CreditAttribution: hass commentedI can 100% assure you that core changes have broken my contrib modules test around 8 times in past 3 years. I think we overcomplicate what could happen and how difficult it is to fix. I always fixed the issues without bothering Core maintainers.
I can assure you that there are several places in core that choke when HTML is inside. There are really a number of bugs in core where HTML tags are checkplained only as an example. Something that should not happen, but shows a bug as the input filters are often not correct in views. I tried to put a finger in an open wound and intentionally try to show the broken things.
Well we could open another bunch of issues, but we need a task force to resolve them. Or they are not fixed in 5 years as they all stay in CNR.
Comment #196
TommyChrisI rerolled the #168 for D8.6.2
Comment #197
TommyChrisI rerolled the #196 for D8.6.3
Comment #198
hass CreditAttribution: hass commentedComment #201
TommyChrisI rerolled the #197 for D8.6.4
Comment #202
TommyChrisI rerolled the #202 for D8.6.5
Comment #203
apadernoComment #205
apadernoThe patches need to be created for the 8.7.x branch, not for any previous tag (such as 8.6.5 or 8.6.3). If the patch will be applied to previous versions, it will be still applied to branches.
Comment #206
tormiRerolled #190 against the 8.7.x branch.
Comment #207
tormiComment #208
alexpott@TommyChris and @tormi thanks for working on this. What would really really help is
Comment #211
super_romeo CreditAttribution: super_romeo commented#206 Patch Failed to Apply
Comment #212
TommyChrisI rerolled the #202 for D8.7.8
Comment #213
Berdirbasic reroll of the previous patch for 8.8.x but I'm very unsure about the direction here, just like @alexpott. Both introducing new methods and adding this by default to tests.
There is no reason for that html method to be on AccountInterface, we could easily make that a separate utility instead?
IMHO, a patch that just updates the actual code and then we add specific tests for that would have a much bigger chance to get in.
Comment #214
apadernoThe tests are falling because the following error:
Comment #215
apadernoShould not
$display_name->__toString()
be replaced by(string) $display_name
?Comment #216
BerdirFixed the duplicated use so that tests can run again.
We actually just have this problem in a client project on the one-time-login-link page but the current page is way too unwieldy to use it. As I said, my suggestion would be to extract only the actual non-test usages, add specific test coverage for that and get that committed, and pushing the other things to a non-major follow-up.
As a start, and for a patch that we can use, I've extracted just the changes in user.module (minus the getDisplayNameTruncated() part) and UserController into an additional patch file, because as far as I see, these are the only non-test changes left here as the tracker.module one has been fixed in a separate issue. Won't work yet for people who also need the html truncating part, but I would actually suggest to move that method to the Unicode class as a new static method, possibly in yet another separate issue.
Comment #217
BerdirLooks like for our project, we actually need to fix \Drupal\user\Form\UserPasswordResetForm::buildForm(), which the patch currently doesn't update yet. Since that's not failing, IMHO what the current test aproach is doing is basically testing the tests, but not the actual logic, we do not specific tests for that, otherwise we just assert that tests and actual code use the same method.
Comment #220
dsp1 CreditAttribution: dsp1 commentedit is very annoying this issue is not being taken serious by leadership. having the login username as display name is a security issue.
keeps getting kicked down the road.
Comment #227
mxr576Adding #3241232: [policy] Treat username enumerations as security bugs that require Security Advisories as related because username can be only protected if it is consistently used by Drupal core and contribs.
Comment #228
smustgrave CreditAttribution: smustgrave at Mobomo commentedThis issue is being reviewed by the kind folks in Slack, #need-reveiw-queue. We are working to keep the size of Needs Review queue [2700+ issues] to around 200, following Review a patch or merge require as a guide.
Sending back to NW for
1. Subsystem maintainer review
2. 10.1 patch
3. IS update. This may not be needed but after 3 years some things may have changed, better safe than sorry.
Comment #229
_utsavsharma CreditAttribution: _utsavsharma at OpenSense Labs for DrupalFit commentedTried to address point 2 of #228.
Please review.
Comment #230
_utsavsharma CreditAttribution: _utsavsharma at OpenSense Labs for DrupalFit commentedComment #231
smustgrave CreditAttribution: smustgrave at Mobomo commentedI have not reviewed the reroll but sending back for the other things to be addressed
Comment #232
mxr576The "raw" username is also exposed in
\Drupal\node\NodeForm
, so there is definitely more work to be done here.Comment #233
BerdirThat's true, and probably makes sense to convert.
> so there is definitely more work to be done here.
We'll need to figure out how to set the scope here, if we aim to replace everything then this issue might never be good enough. Maybe make it a meta so we can commit the improvements we have? We still need test coverage, though. But we have existing tests for display name, so we need to visit those UI's in that/those test(s).
Comment #234
mxr576Maybe this should be converted to a meta...? Because I can already see that several issues are references to this. Like this is an existing "subtask" for "The "raw" username is also exposed in \Drupal\node\NodeForm" in #3183509
Comment #235
AaronMcHaleAgree, smaller well scoped issues will be much easier to get done, and so converting this to a meta makes a lot of sense. In my experience if one change starts touching multiple different sub-systems that's a good indication that splitting it up will make it easier to scope and get done.
For example, with the recent generic Revision UI, we did the "core" implementation in one issue, then have separate issues for each core module. A similar approach here would probably work well.