In previous versions of Drupal, the menu item for user/login would be access denied for authenticated users. This meant that you could create a menu link (perhaps in the primary navigation) entitled something like "Login/Register" and point it to the "user/login" path. When the user logged in, the menu item would go away (because they didn't have permission for it anymore).

In Drupal 6, the authenticated user still has permission for user/login. Because of this, the menu item does not disappear from the site navigation once the user is logged in.

CommentFileSizeAuthor
#1 user_login_perm-179695.patch355 byteschx

Comments

chx’s picture

chx commented
Status: Active » Reviewed & tested by the community
StatusFileSize
new user_login_perm-179695.patch355 bytes

I wonder why jjeff have not rolled this trivial patch...

jjeff’s picture

jjeff commented

Because jjeff is lazy! ...and he has not quite figured out the new menu system yet... and did I mention lazy?

:-)

Thanks chx

gábor hojtsy’s picture

gábor hojtsy
he/him
Primary language Hungarian
Location Hungary
commented
Status: Reviewed & tested by the community » Needs work

Hm, chx, you proposed to remove the anonymous check on user/login here: http://drupal.org/node/172765 So I'd rather not add it back in now just to play limbo with that fix. Maybe we can come up with something which fits both issues?

Tobias Maier’s picture

Tobias Maier commented

gabor: i don't think you are right.
take a look at comment #13 of the issue mentioned.
it talks about the "user" path NOT about "user/login", like this patch of chx

catch’s picture

catch
he/him
Primary language English
commented
Status: Needs work » Needs review

In that case, setting back to needs review. I agree this is a very useful behaviour to have and it'd be a shame to lose it.

chx’s picture

chx commented
Status: Needs review » Reviewed & tested by the community

Then I think this issue is again RTBC. Yes, the linked issue was about the page user which has double role. Actually that patch broke this one, because before that it inherited from 'user' now it needs explicit definition. user/register has no such problems, it has its own complicated access callback. And user/password also has anonymous check. Only user/login is without an explicit check.

moshe weitzman’s picture

moshe weitzman commented

Seems quite reasonable to me.

gábor hojtsy’s picture

gábor hojtsy
he/him
Primary language Hungarian
Location Hungary
commented
Status: Reviewed & tested by the community » Fixed

Thanks for the explanation, I really overlooked the fundamental difference between the two patches. This is now committed!

Anonymous’s picture

(not verified) commented
Status: Fixed » Closed (fixed)