Problem/Motivation

When visiting admin/config/people/login_security on Drupal 11 (11.3.x), the page throws an InvalidArgumentException:

The error originates from the config_translation module attempting to determine if login_security.settings is translatable in order to render the "Translate" local task tab. In Drupal 11, TypedConfigManager::get() strictly enforces that config data must exist in the active config storage. When $this->configStorage->read('login_security.settings') returns FALSE, the exception is thrown.

This occurs because the config_translation access check (ConfigTranslationOverviewAccess::doCheckAccess()) calls ConfigMapperManager::hasTranslatable('login_security.settings'), which in turn calls TypedConfigManager::get() — a method that is now stricter in Drupal 11 core compared to Drupal 10.

Full stack trace:

Drupal\Core\Config\TypedConfigManager->get() (Line: 85)
Drupal\config_translation\ConfigMapperManager->hasTranslatable('login_security.settings') (Line: 458)
Drupal\config_translation\ConfigNamesMapper->hasTranslatable() (Line: 110)
Drupal\config_translation\Access\ConfigTranslationOverviewAccess->doCheckAccess() (Line: 70)
Drupal\config_translation\Access\ConfigTranslationOverviewAccess->access() (Line: 246)
...

Steps to reproduce

  1. Install Drupal 11.3.x with the config_translation module enabled.
  2. Install login_security 2.x (drupal/login_security: ^2.0).
  3. Enable the login_security module.
  4. Navigate to admin/config/people/login_security.
  5. Observe the fatal error: "The website encountered an unexpected error. Try again later."

Proposed resolution

The login_security.settings config object must exist in active configuration storage before the config_translation access check is invoked. Possible resolutions:

  1. Ensure the module's config/install/login_security.settings.yml is properly imported into active configuration during module installation on Drupal 11.
  2. Alternatively, handle the case where the config may not yet exist by catching the InvalidArgumentException in the module's route subscriber or event subscriber, or by verifying config existence before TypedConfigManager::get() is called.
  3. Review whether the module's .install file or hook implementations need updates for Drupal 11 compatibility to guarantee config is written to active storage.

Remaining tasks

  • Confirm whether the issue is caused by missing config in active storage after a Drupal 10 → 11 upgrade, or also on fresh Drupal 11 installs.
  • Determine if config/install/login_security.settings.yml is being properly picked up during installation on Drupal 11.
  • Write a fix and add test coverage.
  • Review and commit.

User interface changes

None. The settings form at admin/config/people/login_security will simply become accessible again.

API changes

None.

Data model changes

None.

CommentFileSizeAuthor
#2 login_security-3588248-2.patch2.58 KBbala_28

Comments

bala_28 created an issue. See original summary.

bala_28’s picture

bala_28 commented
StatusFileSize
new login_security-3588248-2.patch2.58 KB

Verify the patch made for Drupal 11.3.8