Improve 'Exculde override Enforce' logic
| Project: | Automated Logout |
| Version: | 4.7.x-1.x-dev |
| Component: | Code |
| Category: | feature request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | closed |
Hello.
I've studied your module and would like to propose a new simple but valuable feature:
The logic of finding if logout should be performed based on user role is hardcoded and it is like this: "if a user is found to be in a role that allows disabling this feature, this overrides any enforcement".
I have special type of registered users 'operator'. I want autologout is performed for operators ONLY. If I set Exculde for authenticated users and Enforce for operators it will not work - Exculde will overwrite. Using By user may help but it is very inconvenient when we have hundreds of operators.
I propose you to make an option group or checkbox which will determine will Exculde override Enforce or the vise versa ... something like that.
What about it?
#1
If you want to supply a patch I'd be happy to review it but otherwise I don't have time for new features right now, only bug fixes.
#2
Hello.
This is a patch for the feature I proposed. An idea is to give control on autologout policy. The patch does the following:
1. Adds a new variable autologout_mode which can be one of 0,1,2 determining which policy did you choose.
2. Adds a autologout_mode combobox on a settings page.
3. _autologout_by_role() function improved:
- role foreach cycle was optimized to avoid scanning for unnecessary roles.
- logic was changed to depend on autologout_mode setting. Now user can choose whether enforcement, excluding or 'By user' settings will override other settings (in case of user has several roles).
Thanks. Please, give me any feedback about this feature.
If you accept it, could you please implement it in Drupal 5.0 and HEAD versions?
#3
Hi, thanks, I'll try and look at this soon. One question I have though. What are the effects of this for a user who is currently using autologout?
i.e. If I'm a user and I downloaded the latest greatest version of the module (the module after applying this patch) what are the effects? Will it continue to work with their previous settings without changing anything?
Basically, when providing additional features it's important not to break current functionality. If the patch is applied it may be fine for you but for a 1000 other users it may "suddenly stop working as expected". That can't happen.
#4
Yes, you are right - users will have to change an added setting to 'Excluding overrides' to make everything works as before. To avoid this I set this new policy setting to 'Excluding overrides' value by default.
So, there should be no problems now, because 'Excluding overrides' is the policy logic used before.
Now, more abilities are possible. For instance, you can set all roles to NOT TO logout and force only several roles to logout depend on their own settings which was impossible before because Exclude overrided everything and we needed to set Enforce for Auth users (which means that all users will be autologouted).
I'm not saying that my implementation is perfect but it widens policy logic.
#5
Sorry. Forgot the patch. Here it is. The single change is
var $autologout_mode = 1;
#6
#7
house cleaning.