For a long time I've been wondering if this was possible, and eventually I decided to try writing a patch for it :)
The attached patch removes Drupal's hardcoded anonymous and authenticated user roles and replaces them with a simple system where any role on a site can be auto-assigned to users (a) before they log in, and (b) right after they have registered for an account.
The patch is basically functional and has the following advantages:
- The "anonymous user" and "authenticated user" roles that Drupal currently has are weird and confusing. Why? Because "anonymous" and "authenticated" represent states of interaction with a computer, but most other roles represent categories of people (think "Editor", "Administrator", etc). Things would be much clearer if the roles that users are automatically assigned work the same way as other roles on the site. For example, in this initial patch the default install profile starts off with anonymous users being assigned to a "Guest" role and newly-registered users being granted a "Member" role, but the expert profile doesn't start with any roles at all, and sites are free to use whatever roles are meaningful to them.
- The patch makes it possible to auto-assign the same role for both (a) and (b) above, if you want unauthenticated and authenticated users on your site to share the same base set of permissions. (No more clicking two checkboxes in a row on the permissions page!)
- Some sites have no need for "authenticated users" at all (for example, single user blogs). Currently, Drupal forces that role on them, but this patch means it won't anymore.
- If your site registration policies get more strict (for example, if you previously allowed open registration but then later switched to requiring email verification), this patch allows you to easily separate your users into "before" and "after" by switching the role that is auto-assigned to newly registered users. For example, you could create a new role called "Verified Member" and auto-assign that; you can then safely grant this new role more permissions knowing that anyone who gets it must have gone through more verification steps during registration than users who got the older "Member" role.
- Any patch which involves deleting as much ugly, special-case code as this one does can't be a bad thing :)
Screenshots are attached as well. I think this patch actually makes sense, but it's a big change so someone please tell me where I went wrong with it :)
Comment | File | Size | Author |
---|---|---|---|
#28 | remove-hardcoded-roles-468768-28.patch | 29.36 KB | klaasvw |
expert_install_permissions_page.png | 70.69 KB | David_Rothstein | |
expert_install_user_settings_page.png | 95.19 KB | David_Rothstein | |
default_install_permissions_page.png | 106.53 KB | David_Rothstein | |
default_install_user_settings_page.png | 99.11 KB | David_Rothstein |
Comments
Comment #1
David_Rothstein CreditAttribution: David_Rothstein commentedNote that the following are possible disadvantages or things that still need work:
Comment #2
David_Rothstein CreditAttribution: David_Rothstein commentedThis certainly still needs work as per the comment above, but I'm very very curious to see what the testbot will say about it...
Comment #3
webchickWow. Interesting patch. subscribing for now.
Comment #4
sundrupal_anonymous_role() and drupal_registration_role() always need to return values, because there is a certain amount of functionality that depends on it. (mostly in contrib modules)
Comment #5
David_Rothstein CreditAttribution: David_Rothstein commented@sun: I'm not exactly sure what you mean. Can you give an example?
BTW, I ran the tests locally and it's not as bad as it could be. Got something like 11,000 passes and 90 failures (all the failures were in contact.module, and probably easy to fix). Then it hit the user.module tests and SimpleTest exploded and crashed :) Probably to be expected. So mostly it seems like the tests that this breaks are well-concentrated where they should be, which is a good thing.
Comment #6
Damien Tournoud CreditAttribution: Damien Tournoud commentedInteresting patch. Removing the hard-coded "authenticated user" role makes a lot of sense. On the other hand, removing the hard-coded "anonymous user" role only makes sense if we could dynamically add a role to an anonymous user, which is currently impossible. This would be truly awesome, as it would mean that we can do some kind of segmentation between anonymous users.
Comment #7
ksenzeeLove this idea. Anywhere you really do need a check for "is this user logged in or not?" you can just use $user->uid == 0, so I don't think David's first point in #1 is actually that much of an issue.
Comment #8
catchI really like this. For a while I've been thinking about use cases like giving every user a role on registration, but taking that role away again if they abuse the site (but don't necessarily do enough to warrant blocking). This would allow that out of the box without any nasty hacks.
Comment #9
yoroy CreditAttribution: yoroy commentedSubscribe. And kudos for a well written issue. It helps a lot.
Comment #10
joshmillerSounds like we have two states any role can be:
According to Dries and Catch in the discussion going on over at d7ux.org: Admin Header, we may need to add one more state: Administrator.
I believe this is what #182023: Add a third default role to core for handling Administrative duties is all about. I will be cross-posting there.
Comment #11
zirvap CreditAttribution: zirvap commentedWhat does a site look like to a user without any role? Can she view any content? Or, well, view or do anything at all?
I can see why it could be useful to give the same role to both logged in and not logged in users, but I don't see how it's a good thing to make it possible to have users without any role at all.
Comment #12
Dries CreditAttribution: Dries commentedThis patch is very interesting indeed. Tracking it.
Comment #13
catch@zirvap - if you remove all permissions from anonymous and authenticated users, then they can't access anything anyway, so there's really no change there.
Comment #14
sunPerhaps offtopic, but related:
The {users_roles}.tid column exists in Drupal's schema and was supposed to allow tagging of user roles (which was never implemented).
Comment #15
EvanDonovan CreditAttribution: EvanDonovan commentedThis is a great idea. Subscribing.
Comment #16
joshmillerAnother related patch that has been committed: #480660: Add an 'administrator' role to core
Comment #17
michaelfavia CreditAttribution: michaelfavia commentedI attempted to remedy this same problem with a much less powerful but also much simpler solution. i made the names of the roles editable and added descriptions to the roles #393406: "Edit" links on roles admin page are confusing to users: "Edit permissions" should be the primary link. While i put all of my weight behind this patch instead, i would like to offer it as a partial solution if your isnt generally acceptable by everyone. It solves the first part of your issue but fails to offer the same benefits of the rest which I personally find valuable.
I do have a small concern with hiding all of these options under "site settings > user" though. I would never think to look there and i know my users wouldnt. This is why i advocated moving user settings under a menu local task for admin/user/user #391412: Move contact form, post, and user settings below Site configuration (original title was: Move "user settings" under user as a local menu task) and role settings under roles (admin/user/roles). This is inline with putting the configuration of items in place with the items they modify. We are exacerbating the "i have to go all the way across my site to change a setting for roles when I'm already in roles section".
i realize that nobody likes the menu local tasks because of issues with visibility, etc but I think we can mitigate/fix those with decent design, the new admin bar (with hierarchy), and add child links below admin menu items in some similar fashion to: http://drupal.org/files/issues/screenshot1_0_5.png
Comment #18
dropcube CreditAttribution: dropcube commentedInteresting, subscribing.
Comment #19
Pasquallesubscribe
Comment #20
ronald_istos CreditAttribution: ronald_istos commentedThink this is well worth it - subscribing
Comment #21
sunComment #22
mparker17Subscribe
Comment #23
SeanBannister CreditAttribution: SeanBannister commentedsub
Comment #24
xjmVery interesting; tracking.
Help fix "+1 subscribe" posts: see http://drupal.org/node/34496 and http://3281d.com/2009/03/27/death-to-subscribe-comments
Comment #25
ergonlogicMore than two years without activity... Is this still relevant, or blocked by some other issue?
Comment #26
Anonymous (not verified) CreditAttribution: Anonymous commentedI've also never understood the annonymouse and authenticated(HARDCODED) roles when all you have to do to determine who is registered and who is not is just
$GLOBALS['user']->uid == 0
condition. I think that this should be totally removed from the core since it makes absolutely no sense at all.Comment #27
yoroy CreditAttribution: yoroy commentedStill relevant. I don't think blocked on anything else, it needs someone to pick it back up and reroll the initial patch from git.
Comment #28
klaasvw CreditAttribution: klaasvw commentedHere's a reroll of the original patch together with some additional changes for code that was introduced since the previous patch. The main difference is that the standard install profile will create anonymous and registered roles while the minimal one comes with no roles.
I still need to work on this because it doesn't remove the roles from the tests. They are being used in several tests for checking functionality for anonymous users that involves permissions assigned to the anonymous role (e.g. posting comments).
As was originally stated by David, this is a tough one to implement and has a possible issue. Right now the registered role gets assigned automatically to new users. How do we handle existing users or switching the role? I was thinking of two ways:
- Always assign the role on user load instead of assigning it in the database. This might be an issue if we want tighter control over users and want to be able to remove the role from a single user.
- Provide an option for a batch job to run when the role is changed, assigning the role to all users. This introduces additional problems like removing the previous registered role and it's not great for sites with many user accounts.
Personally I'm in favor of the first option. It basically functions like the authenticated user role used to work and it doesn't introduce any messy things like having to run batch jobs. If having tighter control over the roles is an issue there's always the possibility to override or remove the role on hook_user_load for modules.
Any thoughts or suggestions on how to tackle this?
Also, any ideas on making tests relying on the roles compatible with this? Should the test profile always create these roles?
Comment #29
tim.plunkettSending to the testbot.
Comment #31
klaasvw CreditAttribution: klaasvw commented#28: remove-hardcoded-roles-468768-28.patch queued for re-testing.
Comment #33
amc CreditAttribution: amc commentedPossibly related (and may be able to be incorporated into this patch): #749298: Anonymous user name should be used on permissions screen
Comment #34
mgiffordThis issue #479708: Rename 'Authenticated user' and 'anonymous user' so they are clearer is stopped by this one.