There is an unexpected difference when assigning a role normally vs. with the RoleAssign module.
If, as a Drupal administrator user, I assign the Content Editor role to a user, the only role listed for that user on the People page and in views is "Content Editor".
If, as a Site Admin user using RoleAssign, I assign the Content Editor role to a user, that user is listed on the People page and in views as having both the "Content Editor" and "Authenticated user" roles.
I would expect them to function identically. Since any user with the Content Editor role is inherently an authenticated user, I believe that Drupal Core is correct in not also setting the Authenticated User role manually.
In my situation, I don't want to show "Authenticated user" as a role in my Manage Users view; to do so while using RoleAssign, I'd need to override the view field in order to not display that role when it has been set by RoleAssign.
Comment | File | Size | Author |
---|---|---|---|
#5 | skip_authenticated_user_role-2758855-5.patch | 611 bytes | AlanHDev |
|
Comments
Comment #1
Anonymous (not verified) CreditAttribution: Anonymous at Ashday Interactive Systems commentedJKerschner created an issue. See original summary.
Comment #2
Dane Powell CreditAttribution: Dane Powell at Acquia commentedI cannot replicate this using 8.1.0-alpha2, is this something you can reproduce?
Comment #3
Anonymous (not verified) CreditAttribution: Anonymous at Ashday Interactive Systems commentedI am still experiencing the bug on that version of the module. I'm unsure of how to give instructions to reproduce beyond those that are in the initial issue, but I have seen this bug on several sites.
Comment #4
AlanHDev CreditAttribution: AlanHDev at Investis Digital commentedI have replicated the same issue with 8.1.0-alpha2 on a Drupal 8.2.3 site. I will do some investigation.
Comment #5
AlanHDev CreditAttribution: AlanHDev at Investis Digital commentedThe core user module on D8 doesn't add the Authenticated User role so when roleassign creates the list of roles to add to the user replacing the current ones, it too should exclude the authenticated user role.
The "roleassign_get_unassignable_roles()" function in roleassign.module returns an array of roles that are not assignable by a restricted user which are added to the user being saved. Having the Authenticated User role returned in this array means it is always added when the user is saved.
The attached patch unsets the Authenticated User role in the $all_roles array thus excluding it from the list obtained via user_role_names(TRUE). This could alternatively be accomplished by modifying the roleassign_user_presave function.
Comment #7
salvisThank you for the research and patch, Alan-H!