- Issue created by @mradcliffe
- Status changed to Needs work
10 months ago 3:44pm 31 January 2024 - Merge request !12Issue #3418398: Refactors frequency session checking β (Open) created by mradcliffe
Follow-up from π Wrong order of parameters in function agreement_user_update(EntityInterface $account) Fixed
When an agreement frequency is set to "Every login" and a user changes their password, this forces the user to agree again.
There was functionality in previous releases for Drupal 6 and Drupal 7 that auto-agreed. This functionality never worked in releases for Drupal 8 or greater because the User entity updates the session id after hook_ENTITY_TYPE_update().
1. Update the default agreement frequency to 0
2. Log in as an unprivileged user account.
3. Accept the agreement
4. Visit the account form
5. Change the user password
6. The user is presented with the agreement again.
In order to work around this limitation in Drupal session handling, we probably need to refactor how agreement checking works. It may be a good idea to check once, store in key_value_expirable based on frequency, and use that instead per agreement type and user. This is going to cause a lot of changes internally in AgreementHandler
work on a refactor
No
Internal API only.
No, new storage only.
Needs work
3.0
Code