Contrib.social

Unify anonymous and registered users

Open on Drupal.org β†’
Created on 8 October 2012, over 13 years ago
Updated 21 August 2023, over 2 years ago

Problem/Motivation

Currently it is very complicated to implement features for anonymous users. There is no API to handle anonymous users. There are multiple scenarios in which a proper API for that would come in handy: Commenting, Voting, eCommerce, etc. - All these scenarios currently mostly work through custom code and workarounds in core and contrib.

Example: In case of the core Comment module we have to make use of ugly use-case specific implementations to allow anonymous users to post comments: There are specific properties on the comment entity that are only required by anonymous users which hold the e-mail address, name, homepage, etc. On top of these properties we compute things like the author name, etc. which could easily be pulled from the user entity instead if both, registered and anonymous users would be allowed to use that entity in a unified way.

Proposed resolution

We propose to unify anonymous- and registered users in the 'user' and separating that from the actual 'account' of a user. Every visitor of a site can potentially be a user. By registering on the website a user would get an 'account' attached to his user entity through which he can identify himself as that user. Until then, this happens exclusively through the session. The idea of separating accounts from users has been moved to a follow-up/related issue at πŸ“Œ [P-1] Separate the account information from the user entity. Active

Any visitor, registered or not, can become a 'user'. That means that, whenever something that should be available to anonymous users but somehow requires a user entity (or would be better of if it had one) happens on the website... we generate a user entity. Thus, a 'user' is any type of person that we want to be able to store information for. This could be anything from anonymous commenters (core) or voters (contrib) through to contacts in a complex, contributed CRM system as well as registered users who frequent the site.

Benefits

  • Adding an 'Anonymous User API'
  • A standard way of storing information about people whether they’re registered users or not. An example of the current fragmentation is the comment module, where the uid and a name, mail and homepage are currently stored as properties against a post. Then on rendering a fake account is created from this data and passed into account functions such as format_username().
  • A useful data structure for building a CRM system on top of in contrib. At the moment a lot of heavy lifting and juggling is required to attempt to manage storing data against a contact that may or not be a registered user. If everything worked with anonymous users, a CRM system would instantly have access to all of the modules that currently integrate with accounts, such as Commerce and Profile2.
  • Modules that are designed for working with Users but useful for other things (simplenews, voting api / fivestar, comment, etc.) won't have to implement their own storage or custom API's to work with anonymous users. E.g. Simplenews would no longer need the simplenews_subscriber entity - It could store any information it needed in a Profile2 type defined in code.

The way forward

We will be working in a Sandbox project for now.

✨ Feature request
Status

Active

Component

Idea

Created by

πŸ‡¬πŸ‡§United Kingdom yautja_cetanu

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

  • Comment over 2 years ago β†’
    πŸ‡ΊπŸ‡ΈUnited States smustgrave

    While taking a look at πŸ“Œ [P-1] Separate the account information from the user entity. Active @catch found this issue and mentioned they both could be moved to the ideas queue.

    @catch should receive credit for finding this though.

  • Comment about 2 years ago β†’
    πŸ‡¬πŸ‡§United Kingdom AaronMcHale Edinburgh, Scotland

    This is a really good idea! I have definitely wanted something like this in the past and so can really appreciate the use-cases mentioned in the summary.

    If Drupal is to become a first-class Digital Experience Platform, we need the data structures to support that. Email subscribers to a newsletter are also a good example here, an email subscriber should be able to update their preferences, but they shouldn't need to have a full account just to do that or to subscribe in the first place.

  • Comment almost 2 years ago β†’
    πŸ‡΅πŸ‡ͺPeru krystalcode

    Some thoughts on this.

    The User entity in Drupal has a very specific meaning. It is not a Person, it is a User, meaning somebody that uses the system. Otherwise, it is not a user, it is something else.

    Regarding some of the examples mentioned:

    - Email subscribers, that would be a separate Email Subscriber entity provided by the module that provides the newsletter functionality. If the subscriber does not need to log in to update their preferences, then, there is no reason to have a User for the subscriber; the Email Subscriber entity will be updatable by an anonymous user according to whatever criteria anyway.

    - CRM contact, again, that's not a User, a custom or contrib module should provide a Contact entity with all the required features, there is no reason to make a Contact be a User if they don't log into the system.

    - If an entity needs extra data that should not be stored on the main entity, then the profile module or alternative should allow creating a profile or data record and attach it to other entities. That is, the solution is not to make the Contact entity a User, the solution is to attach another data record to the Contact.

    - About anonymous users commenting, I'm not sure why there is a fake session created. Without knowing the reason, it seems better to me that the comment entity just holds the data for the comment and they are rendered as fields. If somebody would comment why a session is needed, that could help understand the case.

    All that said, it is possible to stretch the meaning of the User entity a bit. For example, an anonymous user that comments also uses the system even without logging in. A user that subscribes to the emails via the website, and then visits the website to unsubscriber, also uses the system.

    The argument of being able to use modules/features that are tailored to users is a strong argument as well. I disagree with it as an architect; for example, for integrating CRM Contacts with Commerce (as per the examples listed in this issue's description), the correct solution would be to improve the Commerce system to not require a User entity. Or, as mentioned above, to improve the Profile module to be able to attach profiles to any entity. However, let's be practical, it would be very useful and opening up many possibilities if we could just use those modules without having to rewrite them - who will do that?

    In that case, I think that the solution would be to make the User entity bundleable. Then the default behavior will be kept exactly the same as now where the default bundle will be for Authenticated users. Then modules could add a Contact bundle, an Anonymous User bundle etc.

    Modules should be very careful though if they automatically generate users for anonymous visitors, and be sure to take into account the following:

    - Purge users that are not required any longer, otherwise the database can end up with an extremely large number of unnecessary entities - depending on the use case. Imagine creating a user for each session, even if the actual visitor is the same physical person on the same physical device.
    - Be careful with GDPR or other privacy related requirements.
    - Be cautious of potential performance impact.

    In summary, I think that the best is to add support for bundles on the User entity in Drupal core without changing anything there. And then have custom/contrib to take advantage of them as needed.

  • Comment almost 2 years ago β†’
    πŸ‡¬πŸ‡§United Kingdom AaronMcHale Edinburgh, Scotland

    In summary, I think that the best is to add support for bundles on the User entity in Drupal core without changing anything else there. And then have custom/contrib to take advantage of them as needed.

    Adding bundles to the user entity could be a really good way of enabling some of these usecases. I had a use case a while back for user bundles, where I had two types of users who had very different business requirements and it would be enough to justify two different "user types".

    The User Bundle contrib module β†’ shows that adding bundles to user is definitely feasible.

    Having said that, from a product perspective, does it really make sense to introduce the concept of "user types", does that just complicate things for site builders when, arguably, most sites won't have a need for that feature. Maybe it is better to just leave that to the contrib project.

    The proposal in this issue though I think is still valid on its own, whether we add user bundles or not. Perhaps a better justification would be, making it easier for themes, like Olivero and Claro, to allow the user to customize some aspects of the theme (for example turn on dark mode), in a way which saves those preferences to the session, so that it still works for users who are logged out. That is a legitimate potential use case that we could have in Core, whereas the CRM or email subscriber use cases are not strictly Core use cases.

  • Comment 8 months ago β†’
    πŸ‡³πŸ‡ΏNew Zealand quietone

    The Ideas project is being deprecated. This issue is moved to the Drupal project. Check that the selected component is correct. Also, add the relevant tags, especially any 'needs manager review' tags.

    Changing to the standard issue template β†’ would also help other contributors.

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024