Contrib.social

Provide function to get the administrator role ID

Open on Drupal.org β†’
Created on 5 January 2024, 11 months ago

Problem/Motivation

It would be useful to be able to easily get the role ID of the administrator role.

Proposed resolution

This code appears in RoleSettingsForm::buildForm():

    $admin_roles = $this->roleStorage->getQuery()
      ->condition('is_admin', TRUE)
      ->execute();
    $default_value = reset($admin_roles);

I would like a function added that includes this code so it can be re-used.

Remaining tasks

Agree that it should be done. Decided on the name of the new function. Implement the function and use it in RoleSettingsForm::buildForm() and any other places this is used.

User interface changes

None.

API changes

None except the addition of the function.

Data model changes

None.

Release notes snippet

✨ Feature request
Status

Active

Version

11.0 πŸ”₯

Component
User systemΒ  β†’

Last updated about 5 hours ago

Created by

πŸ‡¨πŸ‡¦Canada Liam Morland Ontario, CA πŸ‡¨πŸ‡¦

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

  • Issue created by @Liam Morland
  • Status changed to Postponed: needs info 11 months ago
  • Comment 11 months ago β†’
    πŸ‡¦πŸ‡ΊAustralia larowlan πŸ‡¦πŸ‡ΊπŸ.au GMT+10

    Wondering what the use case is, generally speaking we should be checking permissions not roles

  • Status changed to Active 11 months ago
  • Comment 11 months ago β†’
    πŸ‡¨πŸ‡¦Canada Liam Morland Ontario, CA πŸ‡¨πŸ‡¦

    The tickets that reference this one would probably use such a function.

    In my case, I wanted to customize which roles auto_username module acts on. The problem with using permissions is that the administrator role always has all of them. If I made a permission which would cause users to be excluded from auto_username, the administrator role would be excluded even if I don't want it to be.

  • Comment 11 months ago β†’
    πŸ‡¬πŸ‡§United Kingdom longwave UK

    It feels like your permission is inverted. Permissions should grant access to something rather than revoke it.

  • Comment 11 months ago β†’
    πŸ‡¨πŸ‡¦Canada Liam Morland Ontario, CA πŸ‡¨πŸ‡¦

    A permission could grant a user the ability to avoid having auto_username change their username. But perhaps we actually want administrators to have auto-generated usernames. So we make the permission mean that they have access to auto_username generating their username. Now we can't choose that administrators customize their own names.

    The function I'm asking for is useful in the context of having methods like ::hasRole() and ::getRoles(). On the same basis it could be argued that those methods should not exist because everything should be done with permissions.

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024