This might be related to the similar issue at http://drupal.org/node/372884; but then again, the behaviour is a bit different, and it's also the next release of the module...

I have a Drupal 6.10 install, with the only non-default modules enabled being contact and path. Without logintoboggan enabled, the registration process works fine through the Drupal user module, including the use of email validation. Having logintoboggan enabled, and with both 'set password' and 'immediate login' activated, the registration initially seems to work fine. In particular, a new user is also given the role as configured in the non-authenticated role dropdown. Looking into into the users_roles table of the database, I can also see the correct relation between a newly created user and the respective role.

If the new user uses the link in his confirmation email in order to validate his email, he sees a message saying 'You have successfully validated your e-mail address.', but afterwards there are only access denied messages even to content that is visible to an anonymous user. The admin interface does not show any role associated with the user; looking into the users_roles relation table again, the entry for the new user has disappeared (instead of his role having being changed to the authenticated user role - which is what I would expect it to do - right?).

If there's anything else non-standard about my setup, it might be that I have configured MySQL to use increments of 2 for all autoincrements.

Where in the code is the authenticated role set after a successful email validation? I have found where the pre-authentication role is removed from the users_roles table (in logintoboggan_validate_email()). A few lines later, the authenticated role is set in $account->roles, which is later passed on to an update call of user_module_invoke(). Is the latter supposed to set up the correct content of the users_role table?

I would be extremely grateful if you could give me hints on how to track this down further.

Comments

hunmonk’s picture

hunmonk commented
Status: Active » Closed (works as designed)

drupal core automatically sets the auth user role and loads it into the $user object when building the user. LT removes the role dynamically each page load when the user is in the pre auth role. so in the process of validating, LT only needs to remove the pre auth role, after which it also stops removing the auth role for the user as well.

sounds to me like you have a config issue, possibly with your permissions.

marquardt’s picture

marquardt commented

What would prevent core from setting the user role to the authenticated one? I can do that manually (as an administrator), and everything is fine afterwards - including the proper content in the users_roles table.

Many thanks.

hunmonk’s picture

hunmonk commented

you've lost me. there is no way to manually enable the auth role in 6.x -- users with accounts get the role, period.

marquardt’s picture

marquardt commented

yeah but for some reason, at least in my configuration, they don't.

marquardt’s picture

marquardt commented

Ok, found it - I think.

In logintoboggan.module, core's variable DRUPAL_AUTHENTICATED_RID is used, which is defined as 2 in core's include/bootstrap.inc. Due to my even/odd setup of the autoincrements in the database (and due to using an odd base), the actual value for the 'authenticated user' role is 3, however; so DRUPAL_AUTHENTICATED_RID doesn't reflect the actual ID of the authenticated user role. As a consequence (I think), the role setting the user module usually does doesn't work any more.

I have checked this by setting the the value of DRUPAL_AUTHENTICATED_RID to 3, and things worked fine afterwards.

EDIT: And it's indeed a known problem (see this core issue which also includes a patch for Drupal core (5.x and 6(.10)).

liliplanet’s picture

liliplanet commented

Hi,

I've tried the patch in #5 for Drupal 6.13, but still no joy. After email link validation the user is not assigned a role in user/user/list (it's just blank).

I need this as I sort my users by role .. and well, the blank roles are not available :)

Setup:

Allow users to login using their e-mail address: enabled
Use two e-mail fields on registration form: disabled
Set password: enabled
Immediate login: disabled

Has anyone perhaps found a solution, would most appreciate any reply, and thank you.

hunmonk’s picture

hunmonk commented

@Liliplanet: please re-read my comment in #3

also, admin/user/user does _not_ show the auth role in the table -- it would be silly to display it, since every user on the site has it ;)

if you want to know who's not receiving auth permissions, and you have LT enabled and configured, then filter by the pre-auth role.

marquardt’s picture

marquardt commented

The patch for Drupal core only affects the setup of the Drupal data base at installation time - once the data base is set up, the patch won't help. You need a fresh install for it to work.

liliplanet’s picture

liliplanet commented

Thank you Hunmonk and Marquardt for your reply. Perhaps I should be a little more clear ..

I have a custom membership system where users expire after a certain period. They then automatically become 'authenticated role'. That is naturally also for users that have used the verification link.

I have a directory that sorts users by role. Because the users in authenticated role do not seem to be assigned a valid role, they appear in the directory although in my filters only the paid users roles are selected.

Do I create a new role .. but how will the authenticated users automatically be assigned this new role? I need a valid role for these users.

Look most forward to your reply, and again thank you.
Lilian