1)Create a role "not verified user" which have less permissions than "authenticated user"

2) Go on this page : /user/user/list

3) Think how can I upgrade manually a "not verified user" to "authenticated user" ?

4) But the current drupal answer is "Remove the role not verified user" of your user.

=> This a usability issue. "Authenticated user" is not always the "smallest" role after "anonymous" role regarding permissions.

The page /user/user/list doesn't really take this cases in consideration.

Comments

julma’s picture

Title: Upgrade a user from a role smaller role than "authenticated user" to the "authenticated user" role » Upgrade a user from a role smaller than "authenticated user" to the "authenticated user" role
julma’s picture

spelling fault in the title sorry

damien tournoud’s picture

I don't really understand the issue. Permission granted to the "authenticated user" role apply to all authenticated users. You can't create a role that has less permissions then the "authenticated user" role.

julma’s picture

Generally "authenticated" role is seen as the "normal" role for users.

But sometimes, it can be useful to be able to temporaly downgrade a normal user to a role with less permission. The general use case is when you want user to perform a given action before he can recover his normal permissions.

In my example, I ve created a role "not verified user" and the action I want the user to perform is "checking email drupal send to him to verify his account".
I am using the loggintoboggan module http://drupal.org/project/logintoboggan
User can create his password directly from the register form. In the meantime as a "not verified user" he can still edit his basic account information and even change his password if he wants but he hasn't yet most of permissions granted to normal user. Latter if he changes his email adress, he loose his status of normal "authenticated" until he confirms his email again.

Lot of other use case examples could be found.

The usability issue is that in this form /admin/user/user/list
You need to "remove" the role with less permissions to come back to the normal "authenticated" user role.

This is not intuitive for a basic drupal administrator who don't care about how drupal works.

A possible solution :

In the form /admin/user/user/list
Replace "add role" and "remove role" by "change role to"

julma’s picture

By the way Damien, it is possible to create a role that has less permissions than the "authenticated user" role.

dpearcefl’s picture

How do you create an authenticated user with less permissions than the authenticated user role?

Status: Active » Closed (outdated)

Automatically closed because Drupal 6 is no longer supported. If the issue verifiably applies to later versions, please reopen with details and update the version.