Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Hi
Is it possible not to show persistent login to users?
I want the administrator only to see users' persistent logins.
Thanks
Sarah
Comment | File | Size | Author |
---|---|---|---|
#15 | persistent_login-user_task_permission-2899530-15.patch | 2.25 KB | josebc |
Comments
Comment #2
0Sarah0Al CreditAttribution: 0Sarah0Al commentedComment #3
gappleCurrently this could be achieved by altering the
persistent_login.user_tokens_list
route in a custom module to modify the access requirements, but there isn't an option within Persistent Login itself.https://www.drupal.org/docs/8/api/routing-system/altering-existing-route...
Comment #4
0Sarah0Al CreditAttribution: 0Sarah0Al commentedThanks!
I used the code from the link you provided to deny access to 'persistent_login.user_tokens_list' route and hide the local task from users.
This will work for now thank you.
Comment #5
0Sarah0Al CreditAttribution: 0Sarah0Al commentedComment #6
josebc CreditAttribution: josebc at Vardot commentedWhy not just make it a permission?
Comment #8
0Sarah0Al CreditAttribution: 0Sarah0Al commentedAwesome..
It works perfectly.
I can see the new added permission here admin/people/permissions
Thanks alot :)
Comment #9
gappleAs noted in #2500903: Provide individual information on a user's created tokens, my intent for the page is to provide a user more information about any active sessions and enable them to be revoked, like many other services allow.
I think this is something valuable for a user to have control over, so I am unlikely to introduce an option within the module which can remove that ability from users.
Comment #10
gappleComment #11
truls1502#6 works.
@gapple, I understand your point of view very well. But when the client is asking about it to specific roles, it would be nice to have it included rather than adding an extra patch for it.
I hope if you could possibly to reconsider to add it included the module.
Comment #12
W01F CreditAttribution: W01F commented+1 for making this a configurable option. Sometimes we want to keep options/buttons/etc. as simple as possible, and in this case (for the most part) the user has already agreed to/selected to keep an active session open by checking "Remember me".
Comment #13
Mohammed J. RazemChanging the title of the issue to be more descriptive.
@gapple your point makes sense. However, this feature request does NOT remove this option - rather makes it optional for the site owner to decide whether to show it or not for their users.
I think this is an important user experience improvement for Site Builders who do not want to write custom hooks to remove this option if they do not want to show it their users.
Comment #14
gapplePermissions are opt-in for site builders to grant as needed, while I think access to this feature should be enabled-by-default. I don't think it would be correct for the module to assign the permission by default to existing (on module install) and new roles - at least I'm not aware of any other modules that currently do so.
Comment #15
josebc CreditAttribution: josebc at Vardot commented@gapple its not very common but I found a few that do it :)
https://git.drupalcode.org/project/commerce/blob/0b5a3fb6093b3e76b81d29c...
https://git.drupalcode.org/project/google_analytics/blob/8.x-2.x/google_...
https://git.drupalcode.org/project/legal/blob/8.x-1.x/legal.install
Updating patch to enable on install
Comment #16
Rajab Natshah CreditAttribution: Rajab Natshah at Vardot commentedComment #17
Rajab Natshah CreditAttribution: Rajab Natshah at Vardot commentedTested in many projects.
Comment #18
jonathanshawI see granting it to the authenticated role on existing installs (which is all the patch does) as unproblematic.
I think the feature is especially valuable right now because without #2500903: Provide individual information on a user's created tokens this page is not very useful and rather puzzling for end users.
I don't think the permission name should include 'tab'. Better something more generic like 'access persistent login records' or 'access persistent login history' or 'access persistent login information'.
Comment #19
Rajab Natshah CreditAttribution: Rajab Natshah at Vardot commentedHopping to have this nice feature committed into the module.
Comment #20
Rajab Natshah CreditAttribution: Rajab Natshah at Vardot commented