- Issue created by @andreasderijcke
- Merge request !7Issue 3411502 Fix role 'Authenticated user' missing from role list when using roleassign → (Open) created by andreasderijcke
- Issue was unassigned.
- Status changed to Needs review
12 months ago 9:40pm 31 December 2023 - 🇧🇪Belgium andreasderijcke Antwerpen / Gent
See MR7 for suggested fix.
When changing the code, I noticed 2 other problems due to the changes of 🐛 RoleAssign with User CSV Import form alter doesn't work Fixed :
- The introduced checks, in case the roleassign config returns NULL or mixed (chances are low, since roleassign defines the default config as an empy array) are done after array_filter() is applied. In anyway, if the config returns anything other than an array, the page will still crash.
Additionally, I saw no reason why array_filter() should still be applied. Perhaps it was different with older major versions of roleassign. - Because of the empty() check, filtering of the roles is skipped when there are no roles whitelisted in roleassign. This is the inverse result of what you would expect. If roleassign doesn't allow assigning of any roles, the 'Authenticated user' role should be the only option left, not put the door wide open for all roles (which is the default behaviour without roleassign).
Both issues are addressed in the proposed fix.
- The introduced checks, in case the roleassign config returns NULL or mixed (chances are low, since roleassign defines the default config as an empy array) are done after array_filter() is applied. In anyway, if the config returns anything other than an array, the page will still crash.