- Issue created by @slowflyer
- Assigned to abhishek_virasat
- Status changed to Needs review
10 months ago 10:26am 24 January 2024 - 🇮🇳India abhishek_virasat
@yuriy.babenko, i have fixed the issue and created MR. Please kindly review it.
- Status changed to Needs work
10 months ago 2:58pm 24 January 2024 - 🇺🇸United States mradcliffe USA
Oh, thanks for catching this and providing an initial merge request.
I think a test would have definitely helped catch this, but I don't have any test coverage. I'm guessing a kernel test would probably be easiest rather than a functional test. If you feel comfortable with that, then go ahead, or I can work on that myself.
Increasing the priority to Major since this is important functionality if frequency is used.
- 🇺🇸United States mradcliffe USA
Writing a test reveals that this functionality has been broken in Drupal 8. I don't use frequency 0 myself.
I'm not sure it is even possible to fix the functionality at the moment. The session id is changed after postSave by the user entity, and this is after the update hook.
So Drupal core prevents this functionality from working. I think this is related to 📌 Implement Symfony SessionListener Active and #3187037: Lost Symfony features cased by missing parent calls in SessionManager → .
I think resolution here is to remove the functionality. Users that change their password, when there is an agreement with frequency "every login", will be forced to agree again. And then open a follow-up that is postponed on core itself.
-
mradcliffe →
committed 3967b214 on 3.0.x
Issue #3416657 by mradcliffe: Removes broken functionality to bypass...
-
mradcliffe →
committed 3967b214 on 3.0.x
- Status changed to Fixed
10 months ago 3:39pm 31 January 2024 Automatically closed - issue fixed for 2 weeks with no activity.