Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
At present, users are imported with a name, status=1, and nothing else. #2953376: Adopt Content Moderation in Umami already proposes adding sensible roles to users. Should we not also follow normal practice and create email addresses, passwords(?), ... (anything else?)
I'll refrain from creating a patch just yet until #2983573: Use migrate to build Umami content rather than bespoke code. starts to take shape.
Comment | File | Size | Author |
---|---|---|---|
#4 | core-umami-user-emails-2983591-4-D8.patch | 1.12 KB | rattusrattus |
#8 | interdiff_4-8.txt | 1.06 KB | zuhair_ak |
#8 | core-umami-user-emails-2983591-8.patch | 648 bytes | zuhair_ak |
Comments
Comment #2
Eli-TThere is value in proceding with this independently of #2953376: Adopt Content Moderation in Umami as that is blocked on Migrate Source CSV coming in to core, and whilst that is an aspiration for 8.6.x, there are no guarantees at this point it will make it. But there may be value in doing this change in the meantime.
I would suggest we should create email addresses in the form firstname.lastname@example.com to avoid an Umami install sending emails to real people under any circumstances unless users have added edited them.
Setting passwords however is a no-go. If we did this, then any publicly routable Umami install would have default working credentials publically available.
The patch at #2953376: Adopt Content Moderation in Umami creates roles and assigns an Author role to the users. I suggest we leave that functionality there.
Renaming this issue as I think email addresses are the only thing to do specifically here.
Comment #3
martin_qGood call on all these points.
Comment #4
rattusrattus CreditAttribution: rattusrattus at Agile Collective commentedComment #5
Eli-TComment #6
Eli-TI've reviewed the code in the patch and it looks good. I've tested it on simplytest.me and confirmed all the users now have email addreses in the correct format, all for the domain example.com so will never be usable for a password reset.
I do note that we have two users Megan Collins Quinlan and Megan Collins, where I suspect the intention was to have a single user. However, this was introduced in #2960483: Add an article to Umami - Mocktails so shouldn't hold up this issue.
Comment #7
alexpottCrediting @Eli-T for issue review and @martin_q for issue creation.
Let's not add a new function this could get confusing if someone expects it to alway get the demo user email even if it has been changed. Less API. If you need the users email later we can get it from the user object.
So we can do:
Comment #8
zuhair_akMade the changes and added the patch.
Comment #9
John Cook CreditAttribution: John Cook at Creode commentedThanks for the patch zuhair_ak.
This addresses alexpott's comments in #7. Makes a nice, small patch.
After installation, the users have email addresses in the format of full.name@example.com.
I'm setting to RTBC.
Comment #10
alexpottCommitted 78699ba and pushed to 8.6.x. Thanks!