Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.It took me a little while of reading the instructions, scratching my head, reading the code, and then re-reading the instructions before I figured out exactly how this should work. My issue was that even though I protected eMail and password for a specific demo user, the demo user itself could change their own eMail and password. Well, that clearly was not on. Yet to get it to work properly, I had to disable the "Change own password" and "Change own eMail" permissions for all roles of which the demo user was part. Well, that then had impacts on what the demo user could do in my demo system, which defeated the point of having a demo user in the first place. So, after scratching my head a bit, I came up with the following patch to create a "up_self" setting, which fundamentally overrides permissions (and set it as such as the descriptor). That way, I could check off that checkbox, and then permissions would be ignored in the hook_form_alter call, looking just at the protection settings. Works nicely for me, and I can leave permissions as-is for other users.
The patch also includes a couple of changes to #description fields, and not unsetting the password field, but rather changing it with a description to tell the user what is actually going on, as I feel this is better vis-a-vis UI design and not confusing the user.
Finally, just a comment on the architecture of the module itself after having made this patch. In order to get this to work, I had to add a column to the table. Per third normal form, this should not have to be the case, as the value of the attribute (column) here for this instance should depend on "the key, the whole key, and nothing but the key". However, it does also depend on the column name itself. Perhaps a better and more flexible architecture would be to put the table into third-normal form, introduce a second table that is in fact the column names, and make appropriate other changes in the code to get the array of things protected from that second table, perhaps mapped to the form element IDs. That way, it would be extendable later on with just new data. Just a thought...
shawn
| Comment | File | Size | Author |
|---|---|---|---|
| #3 | patch.6.x-1.2.txt | 5.27 KB | sdsheridan |
| patch.6.x-1.2.txt | 5.27 KB | sdsheridan |
Comments
Comment #1
hunmonk CreditAttribution: hunmonk commentedyour patch appears to be backwards.
i don't believe that database tables should *always* be fully normalized. sometimes it's good to sacrifice that for ease of implementation, or to reduce joins.
i'll address the other stuff when you roll an updated patch.
Comment #2
hunmonk CreditAttribution: hunmonk commentedfeatures are closed for the 6.x branch.
Comment #3
sdsheridanah, bugga... sorry 'bout that... try this one.
Comment #4
hunmonk CreditAttribution: hunmonk commentedsince features are closed for the 6.x branch, i would need this re-rolled for 7.x. i'm just about done with the 7.x upgrade, so if you'll grab the 7.x-1.x-dev tarball in about a week or so, you can re-roll from there.
also, i noticed that your patch has no upgrade path -- you would need a userprotect_update_700X() function in userprotect.install that will allow existing users to upgrade their database.
Comment #5
sdsheridanhmmm... well, given there's not heaps of info (that i found) on Drupal.org about 7.x and creating modules for it / what's different, not quite sure how to go about doing that...
Comment #6
hunmonk CreditAttribution: hunmonk commentedhttp://drupal.org/update/modules/6/7
Comment #7
hunmonk CreditAttribution: hunmonk commentedsee http://drupal.org/project/userprotect#commitment for how feature requests are handled