Every time the $user object is saved all user selectable roles are removed automatically in the hook_user function at line 144

 foreach ($admin_defined_roles as $rid) {
       unset($edit['roles'][$rid]);
}

This is all fine when the account is changed via the form that contains these selectable roles , but what if the $user object is updated via manual functions (user_save) or other modules (rules) ?

I suggest you add some sort of check to see that a form has been submitted containing the role values we require.

Personally, to get around this I added a little conditional hack.

if ($edit['user_selectable_roles']){
   foreach ($admin_defined_roles as $rid) {
	       unset($edit['roles'][$rid]);
    }
}

This isn't much of an issue , but it still renders the module inflexible for bigger , more complicated sites.

Thanks for the module.

Comments

johnhanley’s picture

johnhanley commented

Mihai, thanks for pointing this out.

You are correct: the code you specified should only fire when the form element $edit['user_selectable_roles'] exists AND after an account page has been updated.

Let me give this matter some thought, but the solution you illustrated seems reasonable to me.

johnhanley’s picture

johnhanley commented
Version: 6.x-1.x-dev » 6.x-1.1
Assigned: Unassigned » johnhanley
Status: Active » Fixed

I just released a new version for both branches, which includes a fix for this bug. Thanks!

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.