Properly place fields into entity display on install [#2650192]

Follow-up to #2605086-15: User edit is broken after install

Problem/Motivation

+++ b/password_policy.install
@@ -1,54 +1,49 @@
+  $user_form_display = $storage->load('user.user.default');
+  if (!$user_form_display) {
+    $user_form_display = $storage->create([
...
+    ->setComponent('field_last_password_reset', [
...
+    ->setComponent('field_password_expiration', [

Actually I'm not sure that module should do that.
It's a install profile task to ship display and set weight

Proposed resolution

Discus and find solution
1) remove changes from install about positioning fields
2) set fields for view display

Remaining tasks

User interface changes

API changes

Data model changes

Comment	File	Size	Author
#11	password_policy-8.x-3.x-properly_place_fields_into_entity_display_on_install-2650192-11.patch	2.64 KB	AohRveTPV
#11	8.x-3.x: PHP 7.2 & MySQL 5.5, D8.7.3 48 pass
#7	properly_place_fields-2650192-7-D8.patch	2.59 KB	idimopoulos
#7	8.x-3.x: PHP 5.5 & MySQL 5.5, D8.4 46 pass PHP 5.6 & MySQL 5.5, D8.4 46 pass PHP 7 & MySQL 5.5, D8.4 46 pass
#4	properly_place_fields-2650192-4-D8.patch	1.16 KB	idimopoulos
#4	8.x-3.x: PHP 5.5 & MySQL 5.5, D8.4 45 pass, 1 fail PHP 5.6 & MySQL 5.5, D8.4 45 pass, 1 fail PHP 7 & MySQL 5.5, D8.4 45 pass, 1 fail

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

Comment #1

14 January 2016 at 11:59

andypost created an issue. See original summary.

Comment #2

mroycroft CreditAttribution: mroycroft commented 15 December 2016 at 19:20

I agree, this could be done better. Here is a potential solution: add the field_last_password_reset and field_password_expiration as base fields on the user entity via hook_entity_base_field_info().

Comment #3

james.williams CreditAttribution: james.williams at ComputerMinds commented 12 January 2017 at 12:12

@mroycroft yes that would make sense, especially as those fields don't really make sense to remain if password_policy is uninstalled (see #2771129: "Field field_last_password_reset is unknown" while importing configuration on site without password_policy activated- though I suspect a hook_uninstall would still be needed to remove the fields on uninstallation even if they are originally added from a hook_entity_base_field_info() implementation).

Comment #4

idimopoulos CreditAttribution: idimopoulos at European Commission and European Union Institutions, Agencies and Bodies commented 2 May 2017 at 13:16

File	Size
properly_place_fields-2650192-4-D8.patch	1.16 KB
8.x-3.x: PHP 5.5 & MySQL 5.5, D8.4 45 pass, 1 fail PHP 5.6 & MySQL 5.5, D8.4 45 pass, 1 fail PHP 7 & MySQL 5.5, D8.4 45 pass, 1 fail

I am obviously not providing the entire solution here but I think that this kinda gets more important as it is blocking proper profile setup.

I have a case where the default user display form is installed in the profile. The problem is that the profile does not override existing configuration if it already exists. So what happens, is that password_policy which is a requirement to my profile, installs the user.user.default entity form display and then I cannot override it with my profile. This causes my tests to fail and my user fields to change.
This is certainly not a desired behavior.

I am providing a patch to remove this field setup. I do not know if this is currently a proper solution (is it breaking somewhere I could not notice if I remove this piece of code?). Anyway, in the hook_install, the module is setting a safe default value for the fields (like "do not reset the password of the users") so the fields are not actually necessary and should be up to the user to define them.
The way it is now, the user needs to create a separate module that has this as a dependency and manually override or delete the configuration provided here in order for the profile to work properly (not really convenient).

~~I also think that providing the fields via hook_entity_base_field_info() is also the proper solution and then do not do anything further than that.~~
Edit: Actually I do not have a strong opinion there as it is still working without issues for me with the config files. My thoughts are if we generally need to ever set the fields in the form display. We could also set the fields only if the default form display already exists. That would force it to be skipped if it is installed by a profile (in that case the profile should be responsible) and would only be invoked if there is an active configuration. But that would also raise the question of whether the user would agree for fields to randomly appear in his edit screen.

Comment #5

idimopoulos CreditAttribution: idimopoulos at European Commission and European Union Institutions, Agencies and Bodies commented 2 May 2017 at 13:36

Status:

Active

» Needs review

I also tried a clean site install with the patched version and it is working properly.
I checked the https://www.drupal.org/node/2605086 and the module was updated from updating the entity form display as a simple config to updating the entity form display as an entity form display object because it was breaking the /user/*/edit. Though I think that removing it entirely is a more proper solution here.

Also, I propose to change the title to "Do not alter the User's default form display on install" or something similar if the above patch is accepted.

Comment #6

2 May 2017 at 13:44

Status:

Needs review

» Needs work

The last submitted patch, 4: properly_place_fields-2650192-4-D8.patch, failed testing.

Comment #7

idimopoulos CreditAttribution: idimopoulos at European Commission and European Union Institutions, Agencies and Bodies commented 2 May 2017 at 14:45

File	Size
properly_place_fields-2650192-7-D8.patch	2.59 KB
8.x-3.x: PHP 5.5 & MySQL 5.5, D8.4 46 pass PHP 5.6 & MySQL 5.5, D8.4 46 pass PHP 7 & MySQL 5.5, D8.4 46 pass

1 file was hidden/shown/deleted

File	Size
properly_place_fields-2650192-4-D8.patch	1.16 KB
8.x-3.x: PHP 5.5 & MySQL 5.5, D8.4 45 pass, 1 fail PHP 5.6 & MySQL 5.5, D8.4 45 pass, 1 fail PHP 7 & MySQL 5.5, D8.4 45 pass, 1 fail

An attempt to update the tests cause my phpunit decided to be stubborn.

Comment #8

idimopoulos CreditAttribution: idimopoulos at European Commission and European Union Institutions, Agencies and Bodies commented 2 May 2017 at 14:46

Status:

Needs work

» Needs review

Comment #9

claudiu.cristea

Romanian

Arad 🇷🇴

CreditAttribution: claudiu.cristea as a volunteer and at Webikon commented 12 September 2018 at 13:46

Status:

Needs review

» Reviewed & tested by the community

Makes sense.

Comment #10

Zahor CreditAttribution: Zahor at Hook 42 commented 2 April 2019 at 20:45

Tested.

Comment #11

AohRveTPV CreditAttribution: AohRveTPV commented 25 June 2019 at 16:01

Status:

Reviewed & tested by the community

» Needs review

File	Size
password_policy-8.x-3.x-properly_place_fields_into_entity_display_on_install-2650192-11.patch	2.64 KB
8.x-3.x: PHP 7.2 & MySQL 5.5, D8.7.3 48 pass

Rerolled.

Thank you for the patch but I don't understand it. When you install, the "password expiration" and "last password reset" fields are no longer shown on the user form. You have to install Field UI and then manually enable the field. It seems to me like we want the fields to be added to the display by default, no?

Comment #12

AohRveTPV CreditAttribution: AohRveTPV commented 25 June 2019 at 16:07

Anyway, in the hook_install, the module is setting a safe default value for the fields (like "do not reset the password of the users") so the fields are not actually necessary and should be up to the user to define them.

My understanding is the primary purpose of these fields is:
(1) To allow an administrator to set whether a user's password is expired.
(2) To allow the user to see when their password was last reset.

In my (cursory) opinion it would be good for these fields to be shown by default. Otherwise the user has no way to see when their password was last reset. It is also a common need of administrators to expire passwords.

I'm sure Password Policy isn't the only module that adds fields to the user form on install.