Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Follow-up to #2605086-15: User edit is broken after install
Problem/Motivation
+++ b/password_policy.install
@@ -1,54 +1,49 @@
+ $user_form_display = $storage->load('user.user.default');
+ if (!$user_form_display) {
+ $user_form_display = $storage->create([
...
+ ->setComponent('field_last_password_reset', [
...
+ ->setComponent('field_password_expiration', [
Actually I'm not sure that module should do that.
It's a install profile task to ship display and set weight
Proposed resolution
Discus and find solution
1) remove changes from install about positioning fields
2) set fields for view display
Remaining tasks
User interface changes
API changes
Data model changes
Comment | File | Size | Author |
---|---|---|---|
#11 | password_policy-8.x-3.x-properly_place_fields_into_entity_display_on_install-2650192-11.patch | 2.64 KB | AohRveTPV |
| |||
#7 | properly_place_fields-2650192-7-D8.patch | 2.59 KB | idimopoulos |
Comments
Comment #2
mroycroft CreditAttribution: mroycroft commentedI agree, this could be done better. Here is a potential solution: add the
field_last_password_reset
andfield_password_expiration
as base fields on the user entity viahook_entity_base_field_info()
.Comment #3
james.williams CreditAttribution: james.williams at ComputerMinds commented@mroycroft yes that would make sense, especially as those fields don't really make sense to remain if password_policy is uninstalled (see #2771129: "Field field_last_password_reset is unknown" while importing configuration on site without password_policy activated- though I suspect a hook_uninstall would still be needed to remove the fields on uninstallation even if they are originally added from a hook_entity_base_field_info() implementation).
Comment #4
idimopoulos CreditAttribution: idimopoulos at European Commission and European Union Institutions, Agencies and Bodies commentedI am obviously not providing the entire solution here but I think that this kinda gets more important as it is blocking proper profile setup.
I have a case where the default user display form is installed in the profile. The problem is that the profile does not override existing configuration if it already exists. So what happens, is that password_policy which is a requirement to my profile, installs the user.user.default entity form display and then I cannot override it with my profile. This causes my tests to fail and my user fields to change.
This is certainly not a desired behavior.
I am providing a patch to remove this field setup. I do not know if this is currently a proper solution (is it breaking somewhere I could not notice if I remove this piece of code?). Anyway, in the hook_install, the module is setting a safe default value for the fields (like "do not reset the password of the users") so the fields are not actually necessary and should be up to the user to define them.
The way it is now, the user needs to create a separate module that has this as a dependency and manually override or delete the configuration provided here in order for the profile to work properly (not really convenient).
I also think that providing the fields viahook_entity_base_field_info()
is also the proper solution and then do not do anything further than that.Edit: Actually I do not have a strong opinion there as it is still working without issues for me with the config files. My thoughts are if we generally need to ever set the fields in the form display. We could also set the fields only if the default form display already exists. That would force it to be skipped if it is installed by a profile (in that case the profile should be responsible) and would only be invoked if there is an active configuration. But that would also raise the question of whether the user would agree for fields to randomly appear in his edit screen.
Comment #5
idimopoulos CreditAttribution: idimopoulos at European Commission and European Union Institutions, Agencies and Bodies commentedI also tried a clean site install with the patched version and it is working properly.
I checked the https://www.drupal.org/node/2605086 and the module was updated from updating the entity form display as a simple config to updating the entity form display as an entity form display object because it was breaking the /user/*/edit. Though I think that removing it entirely is a more proper solution here.
Also, I propose to change the title to "Do not alter the User's default form display on install" or something similar if the above patch is accepted.
Comment #7
idimopoulos CreditAttribution: idimopoulos at European Commission and European Union Institutions, Agencies and Bodies commentedAn attempt to update the tests cause my phpunit decided to be stubborn.
Comment #8
idimopoulos CreditAttribution: idimopoulos at European Commission and European Union Institutions, Agencies and Bodies commentedComment #9
claudiu.cristeaMakes sense.
Comment #10
Zahor CreditAttribution: Zahor at Hook 42 commentedTested.
Comment #11
AohRveTPV CreditAttribution: AohRveTPV commentedRerolled.
Thank you for the patch but I don't understand it. When you install, the "password expiration" and "last password reset" fields are no longer shown on the user form. You have to install Field UI and then manually enable the field. It seems to me like we want the fields to be added to the display by default, no?
Comment #12
AohRveTPV CreditAttribution: AohRveTPV commentedMy understanding is the primary purpose of these fields is:
(1) To allow an administrator to set whether a user's password is expired.
(2) To allow the user to see when their password was last reset.
In my (cursory) opinion it would be good for these fields to be shown by default. Otherwise the user has no way to see when their password was last reset. It is also a common need of administrators to expire passwords.
I'm sure Password Policy isn't the only module that adds fields to the user form on install.
Comment #13
james.williams CreditAttribution: james.williams at ComputerMinds commentedI suspect the approach from #2771129-86: "Field field_last_password_reset is unknown" while importing configuration on site without password_policy activated that uses base fields would be better than this anyway? There may be more work needed, but at the least, I don't think we need both tickets open.