Role 'Authenticated user' missing from role list when using roleassign

Created on 31 December 2023, 12 months ago

Problem/Motivation

The code as originally introduced in #3129022: created a module to make this work with module roleassign: what next? probably already contained this bug, as the 'Authenticated user' role will always assigned to any user and (should) therefor not be part of the whitelist of the roleassign module (unless they had it back then and removed it along the way).

Nonetheless, the current result is that you cannot import users anymore with just the 'Authenticated user' role.

Steps to reproduce

Use current DEV version with roleassign installed. Whatever amount of roles you whitelist in roleassign config, the disabled and checked 'Authenticated user' is never present anymore.

Trying to import using no roles selection will fail.

🐛 Bug report
Status

Needs review

Version

2.0

Component

Code

Created by

🇧🇪Belgium andreasderijcke Antwerpen / Gent

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Merge Requests

Comments & Activities

  • Issue created by @andreasderijcke
  • Issue was unassigned.
  • Status changed to Needs review 12 months ago
  • 🇧🇪Belgium andreasderijcke Antwerpen / Gent

    See MR7 for suggested fix.

    When changing the code, I noticed 2 other problems due to the changes of 🐛 RoleAssign with User CSV Import form alter doesn't work Fixed :

    1. The introduced checks, in case the roleassign config returns NULL or mixed (chances are low, since roleassign defines the default config as an empy array) are done after array_filter() is applied. In anyway, if the config returns anything other than an array, the page will still crash.
      Additionally, I saw no reason why array_filter() should still be applied. Perhaps it was different with older major versions of roleassign.
    2. Because of the empty() check, filtering of the roles is skipped when there are no roles whitelisted in roleassign. This is the inverse result of what you would expect. If roleassign doesn't allow assigning of any roles, the 'Authenticated user' role should be the only option left, not put the door wide open for all roles (which is the default behaviour without roleassign).

    Both issues are addressed in the proposed fix.

Production build 0.71.5 2024