diff --git a/core/includes/bootstrap.inc b/core/includes/bootstrap.inc
index f65ab4c..517be72 100644
--- a/core/includes/bootstrap.inc
+++ b/core/includes/bootstrap.inc
@@ -147,14 +147,14 @@ const DRUPAL_BOOTSTRAP_LANGUAGE = 6;
const DRUPAL_BOOTSTRAP_FULL = 7;
/**
- * Role ID for anonymous users; should match what's in the "role" table.
+ * Role name for anonymous users; should match what's in the "role" table.
*/
-const DRUPAL_ANONYMOUS_RID = 1;
+const DRUPAL_ANONYMOUS_ROLE = 'anonymous_user';
/**
- * Role ID for authenticated users; should match what's in the "role" table.
+ * Role name for authenticated users; should match what's in the "role" table.
*/
-const DRUPAL_AUTHENTICATED_RID = 2;
+const DRUPAL_AUTHENTICATED_ROLE = 'authenticated_user';
/**
* The number of bytes in a kilobyte.
@@ -1991,8 +1991,7 @@ function drupal_anonymous_user() {
$user = new stdClass();
$user->uid = 0;
$user->hostname = ip_address();
- $user->roles = array();
- $user->roles[DRUPAL_ANONYMOUS_RID] = 'anonymous user';
+ $user->roles = array(DRUPAL_ANONYMOUS_ROLE => TRUE);
return $user;
}
diff --git a/core/includes/session.inc b/core/includes/session.inc
index b07997c..1912ba2 100644
--- a/core/includes/session.inc
+++ b/core/includes/session.inc
@@ -110,8 +110,8 @@ function _drupal_session_read($sid) {
// Add roles element to $user.
$user->roles = array();
- $user->roles[DRUPAL_AUTHENTICATED_RID] = 'authenticated user';
- $user->roles += db_query("SELECT r.rid, r.name FROM {role} r INNER JOIN {users_roles} ur ON ur.rid = r.rid WHERE ur.uid = :uid", array(':uid' => $user->uid))->fetchAllKeyed(0, 1);
+ $user->roles[DRUPAL_AUTHENTICATED_ROLE] = TRUE;
+ $user->roles += db_query("SELECT r.name FROM {role} r INNER JOIN {users_roles} ur ON ur.role_name = r.name WHERE ur.uid = :uid", array(':uid' => $user->uid))->fetchAllKeyed(0, 0);
}
elseif ($user) {
// The user is anonymous or blocked. Only preserve two fields from the
diff --git a/core/includes/update.inc b/core/includes/update.inc
index fb6f450..77d4c4a 100644
--- a/core/includes/update.inc
+++ b/core/includes/update.inc
@@ -131,6 +131,9 @@ function update_prepare_d8_bootstrap() {
);
db_change_field('url_alias', 'language', 'langcode', $langcode_spec, $langcode_indexes);
}
+
+ // Prepare the role name system for session bootstrapping.
+ update_prepare_d8_role_names();
}
}
}
@@ -224,6 +227,78 @@ function update_prepare_d8_language() {
}
/**
+ * Prepare a minimal working D8 role name system.
+ *
+ * This is required for session bootstrapping during an upgrade from D7.
+ */
+function update_prepare_d8_role_names() {
+ if (!db_field_exists('role', 'label')) {
+ // Add the 'label' column to the role table.
+ $label_column = array(
+ 'type' => 'varchar',
+ 'length' => 255,
+ 'default' => '',
+ 'description' => 'Role label.',
+ 'translatable' => TRUE,
+ );
+ db_add_field('role', 'label', $label_column);
+
+ // Copy the old role name to the label.
+ db_query("UPDATE {role} SET label = name");
+ // Copy the role id to the name column, the rid is our new machine name. The
+ // only exception are the anonymous and authenticated user roles.
+ db_query('UPDATE {role} SET name = rid WHERE rid NOT IN (1, 2)');
+ db_update('role')
+ ->fields(array('name' => DRUPAL_ANONYMOUS_ROLE))
+ ->condition('rid', 1)
+ ->execute();
+ db_update('role')
+ ->fields(array('name' => DRUPAL_AUTHENTICATED_ROLE))
+ ->condition('rid', 2)
+ ->execute();
+ }
+ if (!db_field_exists('role_permission', 'role_name')) {
+ // Add the 'role_name' column to the role_permission table.
+ $column = array(
+ 'type' => 'varchar',
+ 'length' => 64,
+ 'description' => 'Foreign Key: {role}.name.',
+ );
+ db_add_field('role_permission', 'role_name', $column);
+
+ db_query('UPDATE {role_permission} SET role_name = rid WHERE rid NOT IN (1, 2)');
+ db_update('role_permission')
+ ->fields(array('role_name' => DRUPAL_ANONYMOUS_ROLE))
+ ->condition('rid', 1)
+ ->execute();
+ db_update('role_permission')
+ ->fields(array('role_name' => DRUPAL_AUTHENTICATED_ROLE))
+ ->condition('rid', 2)
+ ->execute();
+ }
+ if (!db_field_exists('users_roles', 'role_name')) {
+ // Add the 'role_name' column to the users_roles table.
+ $column = array(
+ 'type' => 'varchar',
+ 'length' => 64,
+ 'default' => '',
+ 'description' => 'Primary Key: {role}.name for role.',
+ );
+ db_add_field('users_roles', 'role_name', $column);
+
+ db_query('UPDATE {users_roles} SET role_name = rid WHERE rid NOT IN (1, 2)');
+ db_update('users_roles')
+ ->fields(array('role_name' => DRUPAL_ANONYMOUS_ROLE))
+ ->condition('rid', 1)
+ ->execute();
+ db_update('users_roles')
+ ->fields(array('role_name' => DRUPAL_AUTHENTICATED_ROLE))
+ ->condition('rid', 2)
+ ->execute();
+ }
+}
+
+/**
* Adds modules to the system table in a Drupal core update.
*
* @param $modules
diff --git a/core/modules/block/block.admin.inc b/core/modules/block/block.admin.inc
index 2b98d2a..9363eae 100644
--- a/core/modules/block/block.admin.inc
+++ b/core/modules/block/block.admin.inc
@@ -458,7 +458,7 @@ function block_admin_configure($form, &$form_state, $module, $delta) {
}
// Per-role visibility.
- $default_role_options = db_query("SELECT rid FROM {block_role} WHERE module = :module AND delta = :delta", array(
+ $default_role_options = db_query("SELECT role_name FROM {block_role} WHERE module = :module AND delta = :delta", array(
':module' => $block->module,
':delta' => $block->delta,
))->fetchCol();
@@ -552,10 +552,10 @@ function block_admin_configure_submit($form, &$form_state) {
->condition('module', $form_state['values']['module'])
->condition('delta', $form_state['values']['delta'])
->execute();
- $query = db_insert('block_role')->fields(array('rid', 'module', 'delta'));
- foreach (array_filter($form_state['values']['roles']) as $rid) {
+ $query = db_insert('block_role')->fields(array('role_name', 'module', 'delta'));
+ foreach (array_filter($form_state['values']['roles']) as $role_name) {
$query->values(array(
- 'rid' => $rid,
+ 'role_name' => $role_name,
'module' => $form_state['values']['module'],
'delta' => $form_state['values']['delta'],
));
@@ -672,10 +672,10 @@ function block_add_block_form_submit($form, &$form_state) {
}
$query->execute();
- $query = db_insert('block_role')->fields(array('rid', 'module', 'delta'));
- foreach (array_filter($form_state['values']['roles']) as $rid) {
+ $query = db_insert('block_role')->fields(array('role_name', 'module', 'delta'));
+ foreach (array_filter($form_state['values']['roles']) as $role_name) {
$query->values(array(
- 'rid' => $rid,
+ 'role_name' => $role_name,
'module' => $form_state['values']['module'],
'delta' => $delta,
));
diff --git a/core/modules/block/block.install b/core/modules/block/block.install
index 1b450cd..b1e7fcb 100644
--- a/core/modules/block/block.install
+++ b/core/modules/block/block.install
@@ -117,16 +117,16 @@ function block_schema() {
'not null' => TRUE,
'description' => "The block's unique delta within module, from {block}.delta.",
),
- 'rid' => array(
- 'type' => 'int',
- 'unsigned' => TRUE,
+ 'role_name' => array(
+ 'type' => 'varchar',
+ 'length' => 64,
'not null' => TRUE,
- 'description' => "The user's role ID from {users_roles}.rid.",
+ 'description' => "The role name from {role}.name.",
),
),
- 'primary key' => array('module', 'delta', 'rid'),
+ 'primary key' => array('module', 'delta', 'role_name'),
'indexes' => array(
- 'rid' => array('rid'),
+ 'role_name' => array('role_name'),
),
);
@@ -267,6 +267,44 @@ function block_update_8001() {
}
/**
+ * Role IDs are replaced with role machine names.
+ */
+function block_update_8002() {
+ $column = array(
+ 'type' => 'varchar',
+ 'length' => 64,
+ // Allow NULL values temporarily to be able to add the field for existing
+ // records.
+ 'not null' => FALSE,
+ 'description' => "The role name from {role}.name.",
+ );
+ db_add_field('block_role', 'role_name', $column);
+
+ db_query('UPDATE {block_role} SET role_name = rid WHERE rid NOT IN (1, 2)');
+ db_update('block_role')
+ ->fields(array('role_name' => DRUPAL_ANONYMOUS_ROLE))
+ ->condition('rid', 1)
+ ->execute();
+ db_update('block_role')
+ ->fields(array('role_name' => DRUPAL_AUTHENTICATED_ROLE))
+ ->condition('rid', 2)
+ ->execute();
+
+ // The role name field must not be NULL.
+ $column['not null'] = TRUE;
+ db_change_field('block_role', 'role_name', 'role_name', $column);
+
+ db_drop_field('block_role', 'rid');
+ // Update the primary key of the block_role table.
+ db_drop_primary_key('block_role');
+ db_add_primary_key('block_role', array('module', 'delta', 'role_name'));
+
+ // Update the index of the block_role table.
+ db_drop_index('block_role', 'rid');
+ db_add_index('block_role', 'role_name', array('role_name'));
+}
+
+/**
* @} End of "addtogroup updates-7.x-to-8.x"
* The next series of updates should start at 9000.
*/
diff --git a/core/modules/block/block.module b/core/modules/block/block.module
index 97f59e9..25175bc 100644
--- a/core/modules/block/block.module
+++ b/core/modules/block/block.module
@@ -597,8 +597,8 @@ function block_custom_block_save($edit, $delta) {
*/
function block_form_user_profile_form_alter(&$form, &$form_state) {
$account = $form['#user'];
- $rids = array_keys($account->roles);
- $result = db_query("SELECT DISTINCT b.* FROM {block} b LEFT JOIN {block_role} r ON b.module = r.module AND b.delta = r.delta WHERE b.status = 1 AND b.custom <> 0 AND (r.rid IN (:rids) OR r.rid IS NULL) ORDER BY b.weight, b.module", array(':rids' => $rids));
+ $role_names = array_keys($account->roles);
+ $result = db_query("SELECT DISTINCT b.* FROM {block} b LEFT JOIN {block_role} r ON b.module = r.module AND b.delta = r.delta WHERE b.status = 1 AND b.custom <> 0 AND (r.role_name IN (:role_names) OR r.role_name IS NULL) ORDER BY b.weight, b.module", array(':role_names' => $role_names));
$blocks = array();
foreach ($result as $block) {
@@ -793,9 +793,9 @@ function block_block_list_alter(&$blocks) {
// Build an array of roles for each block.
$block_roles = array();
- $result = db_query('SELECT module, delta, rid FROM {block_role}');
+ $result = db_query('SELECT module, delta, role_name FROM {block_role}');
foreach ($result as $record) {
- $block_roles[$record->module][$record->delta][] = $record->rid;
+ $block_roles[$record->module][$record->delta][] = $record->role_name;
}
// Build an array of langcodes allowed per block.
@@ -1026,7 +1026,7 @@ function template_preprocess_block(&$variables) {
*/
function block_user_role_delete($role) {
db_delete('block_role')
- ->condition('rid', $role->rid)
+ ->condition('role_name', $role->name)
->execute();
}
diff --git a/core/modules/block/block.test b/core/modules/block/block.test
index e6b2e42..da67498 100644
--- a/core/modules/block/block.test
+++ b/core/modules/block/block.test
@@ -111,7 +111,7 @@ class BlockTestCase extends WebTestBase {
// Set visibility only for authenticated users, to verify delete functionality.
$edit = array();
- $edit['roles[2]'] = TRUE;
+ $edit['roles[' . DRUPAL_AUTHENTICATED_ROLE . ']'] = TRUE;
$this->drupalPost('admin/structure/block/manage/block/' . $bid . '/configure', $edit, t('Save block'));
// Delete the created custom block & verify that it's been deleted and no longer appearing on the page.
@@ -189,7 +189,7 @@ class BlockTestCase extends WebTestBase {
// authenticated users.
$edit = array();
$edit['pages'] = 'user*';
- $edit['roles[' . DRUPAL_AUTHENTICATED_RID . ']'] = TRUE;
+ $edit['roles[' . DRUPAL_AUTHENTICATED_ROLE . ']'] = TRUE;
$this->drupalPost('admin/structure/block/manage/' . $block['module'] . '/' . $block['delta'] . '/configure', $edit, t('Save block'));
// Move block to the first sidebar.
diff --git a/core/modules/book/book.test b/core/modules/book/book.test
index 00995cb..ba961df 100644
--- a/core/modules/book/book.test
+++ b/core/modules/book/book.test
@@ -282,8 +282,8 @@ class BookTestCase extends WebTestBase {
// Give anonymous users the permission 'node test view'.
$edit = array();
- $edit['1[node test view]'] = TRUE;
- $this->drupalPost('admin/people/permissions/1', $edit, t('Save permissions'));
+ $edit[DRUPAL_ANONYMOUS_ROLE . '[node test view]'] = TRUE;
+ $this->drupalPost('admin/people/permissions/' . DRUPAL_ANONYMOUS_ROLE, $edit, t('Save permissions'));
$this->assertText(t('The changes have been saved.'), t("Permission 'node test view' successfully assigned to anonymous users."));
// Test correct display of the block.
@@ -318,8 +318,8 @@ class BookTestCase extends WebTestBase {
// Give anonymous users the permission 'node test view'.
$edit = array();
- $edit['1[node test view]'] = TRUE;
- $this->drupalPost('admin/people/permissions/1', $edit, t('Save permissions'));
+ $edit[DRUPAL_ANONYMOUS_ROLE . '[node test view]'] = TRUE;
+ $this->drupalPost('admin/people/permissions/' . DRUPAL_ANONYMOUS_ROLE, $edit, t('Save permissions'));
$this->assertText(t('The changes have been saved.'), t('Permission \'node test view\' successfully assigned to anonymous users.'));
// Create a book.
diff --git a/core/modules/comment/comment.module b/core/modules/comment/comment.module
index 79f2ecb..2521d06 100644
--- a/core/modules/comment/comment.module
+++ b/core/modules/comment/comment.module
@@ -1354,16 +1354,16 @@ function comment_node_update_index(Node $node) {
if ($index_comments === NULL) {
// Find and save roles that can 'access comments' or 'search content'.
$perms = array('access comments' => array(), 'search content' => array());
- $result = db_query("SELECT rid, permission FROM {role_permission} WHERE permission IN ('access comments', 'search content')");
+ $result = db_query("SELECT role_name, permission FROM {role_permission} WHERE permission IN ('access comments', 'search content')");
foreach ($result as $record) {
- $perms[$record->permission][$record->rid] = $record->rid;
+ $perms[$record->permission][$record->role_name] = $record->role_name;
}
// Prevent indexing of comments if there are any roles that can search but
// not view comments.
$index_comments = TRUE;
- foreach ($perms['search content'] as $rid) {
- if (!isset($perms['access comments'][$rid]) && ($rid <= DRUPAL_AUTHENTICATED_RID || !isset($perms['access comments'][DRUPAL_AUTHENTICATED_RID]))) {
+ foreach ($perms['search content'] as $role_name) {
+ if (!isset($perms['access comments'][$role_name]) && ($role_name == DRUPAL_ANONYMOUS_ROLE || $role_name == DRUPAL_AUTHENTICATED_ROLE || !isset($perms['access comments'][DRUPAL_AUTHENTICATED_ROLE]))) {
$index_comments = FALSE;
break;
}
@@ -2189,7 +2189,7 @@ function theme_comment_post_forbidden($variables) {
// We only output a link if we are certain that users will get permission
// to post comments by logging in.
$comment_roles = user_roles(TRUE, 'post comments');
- $authenticated_post_comments = isset($comment_roles[DRUPAL_AUTHENTICATED_RID]);
+ $authenticated_post_comments = isset($comment_roles[DRUPAL_AUTHENTICATED_ROLE]);
}
if ($authenticated_post_comments) {
diff --git a/core/modules/comment/comment.test b/core/modules/comment/comment.test
index 2e0a209..a1e23d0 100644
--- a/core/modules/comment/comment.test
+++ b/core/modules/comment/comment.test
@@ -626,7 +626,7 @@ class CommentInterfaceTest extends CommentHelperCase {
// Prepare for anonymous comment submission (comment approval enabled).
variable_set('user_register', USER_REGISTER_VISITORS);
$this->drupalLogin($this->admin_user);
- user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
+ user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array(
'access comments' => TRUE,
'post comments' => TRUE,
'skip comment approval' => FALSE,
@@ -650,7 +650,7 @@ class CommentInterfaceTest extends CommentHelperCase {
// Prepare for anonymous comment submission (no approval required).
$this->drupalLogin($this->admin_user);
- user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
+ user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array(
'access comments' => TRUE,
'post comments' => TRUE,
'skip comment approval' => TRUE,
@@ -814,9 +814,9 @@ class CommentInterfaceTest extends CommentHelperCase {
variable_set('user_register', $info['user_register']);
// Change user permissions.
- $rid = ($this->loggedInUser ? DRUPAL_AUTHENTICATED_RID : DRUPAL_ANONYMOUS_RID);
+ $role_name = ($this->loggedInUser ? DRUPAL_AUTHENTICATED_ROLE : DRUPAL_ANONYMOUS_ROLE);
$perms = array_intersect_key($info, array('access comments' => 1, 'post comments' => 1, 'skip comment approval' => 1, 'edit own comments' => 1));
- user_role_change_permissions($rid, $perms);
+ user_role_change_permissions($role_name, $perms);
// Output verbose debugging information.
// @see Drupal\simpletest\TestBase::error()
@@ -1103,7 +1103,7 @@ class CommentAnonymous extends CommentHelperCase {
function testAnonymous() {
$this->drupalLogin($this->admin_user);
// Enabled anonymous user comments.
- user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
+ user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array(
'access comments' => TRUE,
'post comments' => TRUE,
'skip comment approval' => TRUE,
@@ -1188,7 +1188,7 @@ class CommentAnonymous extends CommentHelperCase {
$this->drupalLogout();
// Reset.
- user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
+ user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array(
'access comments' => FALSE,
'post comments' => FALSE,
'skip comment approval' => FALSE,
@@ -1207,7 +1207,7 @@ class CommentAnonymous extends CommentHelperCase {
$this->assertNoFieldByName('subject', '', t('Subject field not found.'));
$this->assertNoFieldByName("comment_body[$langcode][0][value]", '', t('Comment field not found.'));
- user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
+ user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array(
'access comments' => TRUE,
'post comments' => FALSE,
'skip comment approval' => FALSE,
@@ -1217,7 +1217,7 @@ class CommentAnonymous extends CommentHelperCase {
$this->assertLink('Log in', 1, t('Link to log in was found.'));
$this->assertLink('register', 1, t('Link to register was found.'));
- user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
+ user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array(
'access comments' => FALSE,
'post comments' => TRUE,
'skip comment approval' => TRUE,
@@ -1584,7 +1584,7 @@ class CommentApprovalTest extends CommentHelperCase {
*/
function testApprovalAdminInterface() {
// Set anonymous comments to require approval.
- user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
+ user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array(
'access comments' => TRUE,
'post comments' => TRUE,
'skip comment approval' => FALSE,
@@ -1653,7 +1653,7 @@ class CommentApprovalTest extends CommentHelperCase {
*/
function testApprovalNodeInterface() {
// Set anonymous comments to require approval.
- user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
+ user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array(
'access comments' => TRUE,
'post comments' => TRUE,
'skip comment approval' => FALSE,
@@ -1732,13 +1732,13 @@ class CommentBlockFunctionalTest extends CommentHelperCase {
// Test that a user without the 'access comments' permission cannot see the
// block.
$this->drupalLogout();
- user_role_revoke_permissions(DRUPAL_ANONYMOUS_RID, array('access comments'));
+ user_role_revoke_permissions(DRUPAL_ANONYMOUS_ROLE, array('access comments'));
// drupalCreateNode() does not automatically flush content caches unlike
// posting a node from a node form.
cache_clear_all();
$this->drupalGet('');
$this->assertNoText($block['title'], t('Block was not found.'));
- user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access comments'));
+ user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array('access comments'));
// Test that a user with the 'access comments' permission can see the
// block.
diff --git a/core/modules/contact/contact.test b/core/modules/contact/contact.test
index c80f21d..89d73ed 100644
--- a/core/modules/contact/contact.test
+++ b/core/modules/contact/contact.test
@@ -44,7 +44,7 @@ class ContactSitewideTestCase extends WebTestBase {
$this->deleteCategories();
// Ensure that the contact form won't be shown without categories.
- user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access site-wide contact form'));
+ user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array('access site-wide contact form'));
$this->drupalLogout();
$this->drupalGet('contact');
$this->assertResponse(404);
@@ -85,7 +85,7 @@ class ContactSitewideTestCase extends WebTestBase {
$this->assertRaw(t('Category %category has been saved.', array('%category' => $category)), t('Category successfully saved.'));
// Ensure that the contact form is shown without a category selection input.
- user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access site-wide contact form'));
+ user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array('access site-wide contact form'));
$this->drupalLogout();
$this->drupalGet('contact');
$this->assertText(t('Your e-mail address'), t('Contact form is shown when there is one category.'));
@@ -111,12 +111,12 @@ class ContactSitewideTestCase extends WebTestBase {
$this->drupalLogout();
// Check to see that anonymous user cannot see contact page without permission.
- user_role_revoke_permissions(DRUPAL_ANONYMOUS_RID, array('access site-wide contact form'));
+ user_role_revoke_permissions(DRUPAL_ANONYMOUS_ROLE, array('access site-wide contact form'));
$this->drupalGet('contact');
$this->assertResponse(403, t('Access denied to anonymous user without permission.'));
// Give anonymous user permission and see that page is viewable.
- user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access site-wide contact form'));
+ user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array('access site-wide contact form'));
$this->drupalGet('contact');
$this->assertResponse(200, t('Access granted to anonymous user with permission.'));
@@ -344,12 +344,12 @@ class ContactPersonalTestCase extends WebTestBase {
// Test that anonymous users can access the contact form.
$this->drupalLogout();
- user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access user contact forms'));
+ user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array('access user contact forms'));
$this->drupalGet('user/' . $this->contact_user->uid . '/contact');
$this->assertResponse(200);
// Revoke the personal contact permission for the anonymous user.
- user_role_revoke_permissions(DRUPAL_ANONYMOUS_RID, array('access user contact forms'));
+ user_role_revoke_permissions(DRUPAL_ANONYMOUS_ROLE, array('access user contact forms'));
$this->drupalGet('user/' . $this->contact_user->uid . '/contact');
$this->assertResponse(403);
diff --git a/core/modules/field/modules/text/text.test b/core/modules/field/modules/text/text.test
index a41e8cd..7c8739a 100644
--- a/core/modules/field/modules/text/text.test
+++ b/core/modules/field/modules/text/text.test
@@ -215,8 +215,10 @@ class TextFieldTestCase extends WebTestBase {
$format = filter_format_load($edit['format']);
$format_id = $format->format;
$permission = filter_permission_name($format);
- $rid = max(array_keys($this->web_user->roles));
- user_role_grant_permissions($rid, array($permission));
+ $roles = $this->web_user->roles;
+ unset($roles[DRUPAL_AUTHENTICATED_ROLE]);
+ $role = key($roles);
+ user_role_grant_permissions($role, array($permission));
$this->drupalLogin($this->web_user);
// Display edition form.
diff --git a/core/modules/file/tests/file.test b/core/modules/file/tests/file.test
index febd1da..7f0a8c3 100644
--- a/core/modules/file/tests/file.test
+++ b/core/modules/file/tests/file.test
@@ -556,7 +556,7 @@ class FileFieldWidgetTestCase extends FileFieldTestCase {
// Remove access comments permission from anon user.
$edit = array(
- '1[access comments]' => FALSE,
+ DRUPAL_ANONYMOUS_ROLE . '[access comments]' => FALSE,
);
$this->drupalPost('admin/people/permissions', $edit, t('Save permissions'));
diff --git a/core/modules/filter/filter.admin.inc b/core/modules/filter/filter.admin.inc
index 40a5eab..8f4f482 100644
--- a/core/modules/filter/filter.admin.inc
+++ b/core/modules/filter/filter.admin.inc
@@ -319,8 +319,8 @@ function filter_admin_format_form_submit($form, &$form_state) {
// Save user permissions.
if ($permission = filter_permission_name($format)) {
- foreach ($format->roles as $rid => $enabled) {
- user_role_change_permissions($rid, array($permission => $enabled));
+ foreach ($format->roles as $role_name => $enabled) {
+ user_role_change_permissions($role_name, array($permission => $enabled));
}
}
diff --git a/core/modules/filter/filter.module b/core/modules/filter/filter.module
index 5d5589e..1f0bf3b 100644
--- a/core/modules/filter/filter.module
+++ b/core/modules/filter/filter.module
@@ -451,7 +451,7 @@ function filter_formats_reset() {
* @param $format
* An object representing the text format.
* @return
- * An array of role names, keyed by role ID.
+ * An array of role names, keyed by role name.
*/
function filter_get_roles_by_format($format) {
// Handle the fallback format upfront (all roles have access to this format).
@@ -466,17 +466,17 @@ function filter_get_roles_by_format($format) {
/**
* Retrieves a list of text formats that are allowed for a given role.
*
- * @param $rid
- * The user role ID to retrieve text formats for.
+ * @param $role_name
+ * The user role name to retrieve text formats for.
* @return
* An array of text format objects that are allowed for the role, keyed by
* the text format ID and ordered by weight.
*/
-function filter_get_formats_by_role($rid) {
+function filter_get_formats_by_role($role_name) {
$formats = array();
foreach (filter_formats() as $format) {
$roles = filter_get_roles_by_format($format);
- if (isset($roles[$rid])) {
+ if (isset($roles[$role_name])) {
$formats[$format->format] = $format;
}
}
diff --git a/core/modules/filter/filter.test b/core/modules/filter/filter.test
index 923a047..f20d5b5 100644
--- a/core/modules/filter/filter.test
+++ b/core/modules/filter/filter.test
@@ -319,7 +319,7 @@ class FilterAdminTestCase extends WebTestBase {
$edit = array();
$edit['format'] = drupal_strtolower($this->randomName());
$edit['name'] = $this->randomName();
- $edit['roles[2]'] = 1;
+ $edit['roles[' . DRUPAL_AUTHENTICATED_ROLE . ']'] = 1;
$edit['filters[' . $second_filter . '][status]'] = TRUE;
$edit['filters[' . $first_filter . '][status]'] = TRUE;
$this->drupalPost('admin/config/content/formats/add', $edit, t('Save configuration'));
@@ -329,7 +329,7 @@ class FilterAdminTestCase extends WebTestBase {
$format = filter_format_load($edit['format']);
$this->assertNotNull($format, t('Format found in database.'));
- $this->assertFieldByName('roles[2]', '', t('Role found.'));
+ $this->assertFieldByName('roles[' . DRUPAL_AUTHENTICATED_ROLE . ']', '', t('Role found.'));
$this->assertFieldByName('filters[' . $second_filter . '][status]', '', t('Line break filter found.'));
$this->assertFieldByName('filters[' . $first_filter . '][status]', '', t('Url filter found.'));
@@ -340,8 +340,8 @@ class FilterAdminTestCase extends WebTestBase {
// Allow authenticated users on full HTML.
$format = filter_format_load($full);
$edit = array();
- $edit['roles[1]'] = 0;
- $edit['roles[2]'] = 1;
+ $edit['roles[' . DRUPAL_ANONYMOUS_ROLE . ']'] = 0;
+ $edit['roles[' . DRUPAL_AUTHENTICATED_ROLE . ']'] = 1;
$this->drupalPost('admin/config/content/formats/' . $full, $edit, t('Save configuration'));
$this->assertRaw(t('The text format %format has been updated.', array('%format' => $format->name)), t('Full HTML format successfully updated.'));
@@ -391,10 +391,10 @@ class FilterAdminTestCase extends WebTestBase {
// Full HTML.
$edit = array();
- $edit['roles[2]'] = FALSE;
+ $edit['roles[' . DRUPAL_AUTHENTICATED_ROLE . ']'] = FALSE;
$this->drupalPost('admin/config/content/formats/' . $full, $edit, t('Save configuration'));
$this->assertRaw(t('The text format %format has been updated.', array('%format' => $format->name)), t('Full HTML format successfully reverted.'));
- $this->assertFieldByName('roles[2]', $edit['roles[2]'], t('Changes reverted.'));
+ $this->assertFieldByName('roles[' . DRUPAL_AUTHENTICATED_ROLE . ']', $edit['roles[' . DRUPAL_AUTHENTICATED_ROLE . ']'], t('Changes reverted.'));
// Filter order.
$edit = array();
@@ -515,23 +515,25 @@ class FilterFormatAccessTestCase extends WebTestBase {
}
function testFormatRoles() {
- // Get the role ID assigned to the regular user; it must be the maximum.
- $rid = max(array_keys($this->web_user->roles));
+ // Get the role name assigned to the regular user.
+ $roles = $this->web_user->roles;
+ unset($roles[DRUPAL_AUTHENTICATED_ROLE]);
+ $role_name = key($roles);
// Check that this role appears in the list of roles that have access to an
// allowed text format, but does not appear in the list of roles that have
// access to a disallowed text format.
- $this->assertTrue(in_array($rid, array_keys(filter_get_roles_by_format($this->allowed_format))), t('A role which has access to a text format appears in the list of roles that have access to that format.'));
- $this->assertFalse(in_array($rid, array_keys(filter_get_roles_by_format($this->disallowed_format))), t('A role which does not have access to a text format does not appear in the list of roles that have access to that format.'));
+ $this->assertTrue(in_array($role_name, array_keys(filter_get_roles_by_format($this->allowed_format))), t('A role which has access to a text format appears in the list of roles that have access to that format.'));
+ $this->assertFalse(in_array($role_name, array_keys(filter_get_roles_by_format($this->disallowed_format))), t('A role which does not have access to a text format does not appear in the list of roles that have access to that format.'));
// Check that the correct text format appears in the list of formats
// available to that role.
- $this->assertTrue(in_array($this->allowed_format->format, array_keys(filter_get_formats_by_role($rid))), t('A text format which a role has access to appears in the list of formats available to that role.'));
- $this->assertFalse(in_array($this->disallowed_format->format, array_keys(filter_get_formats_by_role($rid))), t('A text format which a role does not have access to does not appear in the list of formats available to that role.'));
+ $this->assertTrue(in_array($this->allowed_format->format, array_keys(filter_get_formats_by_role($role_name))), t('A text format which a role has access to appears in the list of formats available to that role.'));
+ $this->assertFalse(in_array($this->disallowed_format->format, array_keys(filter_get_formats_by_role($role_name))), t('A text format which a role does not have access to does not appear in the list of formats available to that role.'));
// Check that the fallback format is always allowed.
$this->assertEqual(filter_get_roles_by_format(filter_format_load(filter_fallback_format())), user_roles(), t('All roles have access to the fallback format.'));
- $this->assertTrue(in_array(filter_fallback_format(), array_keys(filter_get_formats_by_role($rid))), t('The fallback format appears in the list of allowed formats for any role.'));
+ $this->assertTrue(in_array(filter_fallback_format(), array_keys(filter_get_formats_by_role($role_name))), t('The fallback format appears in the list of allowed formats for any role.'));
}
/**
@@ -772,7 +774,7 @@ class FilterSecurityTestCase extends WebTestBase {
filter_format_save($filtered_html_format);
$filtered_html_permission = filter_permission_name($filtered_html_format);
- user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array($filtered_html_permission));
+ user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array($filtered_html_permission));
$this->admin_user = $this->drupalCreateUser(array('administer modules', 'administer filters', 'administer site configuration'));
$this->drupalLogin($this->admin_user);
@@ -1829,7 +1831,7 @@ class FilterHooksTestCase extends WebTestBase {
$edit = array();
$edit['format'] = drupal_strtolower($this->randomName());
$edit['name'] = $name;
- $edit['roles[1]'] = 1;
+ $edit['roles[' . DRUPAL_ANONYMOUS_ROLE . ']'] = 1;
$this->drupalPost('admin/config/content/formats/add', $edit, t('Save configuration'));
$this->assertRaw(t('Added text format %format.', array('%format' => $name)), t('New format created.'));
$this->assertText('hook_filter_format_insert invoked.', t('hook_filter_format_insert was invoked.'));
@@ -1838,7 +1840,7 @@ class FilterHooksTestCase extends WebTestBase {
// Update text format.
$edit = array();
- $edit['roles[2]'] = 1;
+ $edit['roles[' . DRUPAL_AUTHENTICATED_ROLE . ']'] = 1;
$this->drupalPost('admin/config/content/formats/' . $format_id, $edit, t('Save configuration'));
$this->assertRaw(t('The text format %format has been updated.', array('%format' => $name)), t('Format successfully updated.'));
$this->assertText('hook_filter_format_update invoked.', t('hook_filter_format_update() was invoked.'));
diff --git a/core/modules/image/image.test b/core/modules/image/image.test
index f9a4ec1..2297f8d 100644
--- a/core/modules/image/image.test
+++ b/core/modules/image/image.test
@@ -618,7 +618,7 @@ class ImageFieldDisplayTestCase extends ImageFieldTestCase {
*/
function testImageFieldFormattersPrivate() {
// Remove access content permission from anonymous users.
- user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array('access content' => FALSE));
+ user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array('access content' => FALSE));
$this->_testImageFieldFormatters('private');
}
diff --git a/core/modules/node/node.api.php b/core/modules/node/node.api.php
index ce3b784..2edf632 100644
--- a/core/modules/node/node.api.php
+++ b/core/modules/node/node.api.php
@@ -139,7 +139,7 @@
* associated with permission to view, edit, and delete individual nodes.
*
* The realms and grant IDs can be arbitrarily defined by your node access
- * module; it is common to use role IDs as grant IDs, but that is not
+ * module; it is common to use role names as grant IDs, but that is not
* required. Your module could instead maintain its own list of users, where
* each list has an ID. In that case, the return value of this hook would be
* an array of the list IDs that this user is a member of.
diff --git a/core/modules/node/node.test b/core/modules/node/node.test
index 9188bad..82895c6 100644
--- a/core/modules/node/node.test
+++ b/core/modules/node/node.test
@@ -876,7 +876,7 @@ class NodeAccessUnitTest extends NodeWebTestCase {
parent::setUp();
// Clear permissions for authenticated users.
db_delete('role_permission')
- ->condition('rid', DRUPAL_AUTHENTICATED_RID)
+ ->condition('role_name', DRUPAL_AUTHENTICATED_ROLE)
->execute();
}
@@ -1584,7 +1584,7 @@ class NodeAdminTestCase extends NodeWebTestCase {
// Remove the "view own unpublished content" permission which is set
// by default for authenticated users so we can test this permission
// correctly.
- user_role_revoke_permissions(DRUPAL_AUTHENTICATED_RID, array('view own unpublished content'));
+ user_role_revoke_permissions(DRUPAL_AUTHENTICATED_ROLE, array('view own unpublished content'));
$this->admin_user = $this->drupalCreateUser(array('access administration pages', 'access content overview', 'administer nodes', 'bypass node access'));
$this->base_user_1 = $this->drupalCreateUser(array('access content overview'));
@@ -1833,7 +1833,7 @@ class NodeBlockFunctionalTest extends NodeWebTestCase {
$this->drupalLogin($this->admin_user);
// Disallow anonymous users to view content.
- user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
+ user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array(
'access content' => FALSE,
));
diff --git a/core/modules/php/php.test b/core/modules/php/php.test
index 7f86ecc..480a2ab 100644
--- a/core/modules/php/php.test
+++ b/core/modules/php/php.test
@@ -38,8 +38,8 @@ class PHPTestCase extends WebTestBase {
// Verify that anonymous and authenticated user roles do not have access.
$this->drupalGet('admin/config/content/formats/' . $php_format_id);
- $this->assertFieldByName('roles[1]', FALSE, t('Anonymous users do not have access to PHP code format.'));
- $this->assertFieldByName('roles[2]', FALSE, t('Authenticated users do not have access to PHP code format.'));
+ $this->assertFieldByName('roles[' . DRUPAL_ANONYMOUS_ROLE . ']', FALSE, t('Anonymous users do not have access to PHP code format.'));
+ $this->assertFieldByName('roles[' . DRUPAL_AUTHENTICATED_ROLE . ']', FALSE, t('Authenticated users do not have access to PHP code format.'));
}
/**
diff --git a/core/modules/poll/poll.test b/core/modules/poll/poll.test
index b43c4073..b3ab206 100644
--- a/core/modules/poll/poll.test
+++ b/core/modules/poll/poll.test
@@ -491,7 +491,7 @@ class PollVoteCheckHostname extends PollWebTestCase {
$this->drupalLogin($this->admin_user);
// Allow anonymous users to vote on polls.
- user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
+ user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array(
'access content' => TRUE,
'vote on polls' => TRUE,
'cancel own vote' => TRUE,
diff --git a/core/modules/rdf/rdf.test b/core/modules/rdf/rdf.test
index 0c60f41..1a667b2 100644
--- a/core/modules/rdf/rdf.test
+++ b/core/modules/rdf/rdf.test
@@ -433,7 +433,7 @@ class RdfCommentAttributesTestCase extends CommentHelperCase {
$this->web_user = $this->drupalCreateUser(array('access comments', 'post comments', 'create article content', 'access user profiles'));
// Enables anonymous user comments.
- user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
+ user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array(
'access comments' => TRUE,
'post comments' => TRUE,
'skip comment approval' => TRUE,
@@ -593,7 +593,7 @@ class RdfTrackerAttributesTestCase extends WebTestBase {
function setUp() {
parent::setUp('rdf', 'rdf_test', 'tracker');
// Enable anonymous posting of content.
- user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
+ user_role_change_permissions(DRUPAL_ANONYMOUS_ROLE, array(
'create article content' => TRUE,
'access comments' => TRUE,
'post comments' => TRUE,
diff --git a/core/modules/search/search.test b/core/modules/search/search.test
index 619055c..4c64265 100644
--- a/core/modules/search/search.test
+++ b/core/modules/search/search.test
@@ -788,9 +788,9 @@ class SearchCommentTestCase extends SearchWebTestCase {
$this->drupalPost('admin/config/content/formats/' . $filtered_html_format_id, $edit, t('Save configuration'));
// Allow anonymous users to search content.
$edit = array(
- DRUPAL_ANONYMOUS_RID . '[search content]' => 1,
- DRUPAL_ANONYMOUS_RID . '[access comments]' => 1,
- DRUPAL_ANONYMOUS_RID . '[post comments]' => 1,
+ DRUPAL_ANONYMOUS_ROLE . '[search content]' => 1,
+ DRUPAL_ANONYMOUS_ROLE . '[access comments]' => 1,
+ DRUPAL_ANONYMOUS_ROLE . '[post comments]' => 1,
);
$this->drupalPost('admin/people/permissions', $edit, t('Save permissions'));
@@ -849,7 +849,7 @@ class SearchCommentTestCase extends SearchWebTestCase {
$comment_body = 'Test comment body';
$this->comment_subject = 'Test comment subject';
$this->admin_role = $this->admin_user->roles;
- unset($this->admin_role[DRUPAL_AUTHENTICATED_RID]);
+ unset($this->admin_role[DRUPAL_AUTHENTICATED_ROLE]);
$this->admin_role = key($this->admin_role);
// Create a node.
@@ -863,17 +863,17 @@ class SearchCommentTestCase extends SearchWebTestCase {
$this->drupalPost('comment/reply/' . $this->node->nid, $edit_comment, t('Save'));
$this->drupalLogout();
- $this->setRolePermissions(DRUPAL_ANONYMOUS_RID);
+ $this->setRolePermissions(DRUPAL_ANONYMOUS_ROLE);
$this->checkCommentAccess('Anon user has search permission but no access comments permission, comments should not be indexed');
- $this->setRolePermissions(DRUPAL_ANONYMOUS_RID, TRUE);
+ $this->setRolePermissions(DRUPAL_ANONYMOUS_ROLE, TRUE);
$this->checkCommentAccess('Anon user has search permission and access comments permission, comments should be indexed', TRUE);
$this->drupalLogin($this->admin_user);
$this->drupalGet('admin/people/permissions');
// Disable search access for authenticated user to test admin user.
- $this->setRolePermissions(DRUPAL_AUTHENTICATED_RID, FALSE, FALSE);
+ $this->setRolePermissions(DRUPAL_AUTHENTICATED_ROLE, FALSE, FALSE);
$this->setRolePermissions($this->admin_role);
$this->checkCommentAccess('Admin user has search permission but no access comments permission, comments should not be indexed');
@@ -881,21 +881,21 @@ class SearchCommentTestCase extends SearchWebTestCase {
$this->setRolePermissions($this->admin_role, TRUE);
$this->checkCommentAccess('Admin user has search permission and access comments permission, comments should be indexed', TRUE);
- $this->setRolePermissions(DRUPAL_AUTHENTICATED_RID);
+ $this->setRolePermissions(DRUPAL_AUTHENTICATED_ROLE);
$this->checkCommentAccess('Authenticated user has search permission but no access comments permission, comments should not be indexed');
- $this->setRolePermissions(DRUPAL_AUTHENTICATED_RID, TRUE);
+ $this->setRolePermissions(DRUPAL_AUTHENTICATED_ROLE, TRUE);
$this->checkCommentAccess('Authenticated user has search permission and access comments permission, comments should be indexed', TRUE);
// Verify that access comments permission is inherited from the
// authenticated role.
- $this->setRolePermissions(DRUPAL_AUTHENTICATED_RID, TRUE, FALSE);
+ $this->setRolePermissions(DRUPAL_AUTHENTICATED_ROLE, TRUE, FALSE);
$this->setRolePermissions($this->admin_role);
$this->checkCommentAccess('Admin user has search permission and no access comments permission, but comments should be indexed because admin user inherits authenticated user\'s permission to access comments', TRUE);
// Verify that search content permission is inherited from the authenticated
// role.
- $this->setRolePermissions(DRUPAL_AUTHENTICATED_RID, TRUE, TRUE);
+ $this->setRolePermissions(DRUPAL_AUTHENTICATED_ROLE, TRUE, TRUE);
$this->setRolePermissions($this->admin_role, TRUE, FALSE);
$this->checkCommentAccess('Admin user has access comments permission and no search permission, but comments should be indexed because admin user inherits authenticated user\'s permission to search', TRUE);
@@ -904,12 +904,12 @@ class SearchCommentTestCase extends SearchWebTestCase {
/**
* Set permissions for role.
*/
- function setRolePermissions($rid, $access_comments = FALSE, $search_content = TRUE) {
+ function setRolePermissions($role_name, $access_comments = FALSE, $search_content = TRUE) {
$permissions = array(
'access comments' => $access_comments,
'search content' => $search_content,
);
- user_role_change_permissions($rid, $permissions);
+ user_role_change_permissions($role_name, $permissions);
}
/**
diff --git a/core/modules/simpletest/lib/Drupal/simpletest/WebTestBase.php b/core/modules/simpletest/lib/Drupal/simpletest/WebTestBase.php
index 277e97b..23e4aad 100644
--- a/core/modules/simpletest/lib/Drupal/simpletest/WebTestBase.php
+++ b/core/modules/simpletest/lib/Drupal/simpletest/WebTestBase.php
@@ -366,10 +366,10 @@ abstract class WebTestBase extends TestBase {
*/
protected function drupalCreateUser(array $permissions = array()) {
// Create a role with the given permission set, if any.
- $rid = FALSE;
+ $role_name = FALSE;
if ($permissions) {
- $rid = $this->drupalCreateRole($permissions);
- if (!$rid) {
+ $role_name = $this->drupalCreateRole($permissions);
+ if (!$role_name) {
return FALSE;
}
}
@@ -380,8 +380,8 @@ abstract class WebTestBase extends TestBase {
$edit['mail'] = $edit['name'] . '@example.com';
$edit['pass'] = user_password();
$edit['status'] = 1;
- if ($rid) {
- $edit['roles'] = array($rid => $rid);
+ if ($role_name) {
+ $edit['roles'] = array($role_name => $role_name);
}
$account = entity_create('user', $edit);
@@ -405,12 +405,13 @@ abstract class WebTestBase extends TestBase {
* @param $name
* (optional) String for the name of the role. Defaults to a random string.
* @return
- * Role ID of newly created role, or FALSE if role creation failed.
+ * Role name of newly created role, or FALSE if role creation failed.
*/
protected function drupalCreateRole(array $permissions, $name = NULL) {
// Generate random name if it was not passed.
if (!$name) {
- $name = $this->randomName();
+ // We only want lowercase machine names.
+ $name = strtolower($this->randomName());
}
// Check the all the permissions strings are valid.
@@ -421,14 +422,14 @@ abstract class WebTestBase extends TestBase {
// Create new role.
$role = new stdClass();
$role->name = $name;
- user_role_save($role);
- user_role_grant_permissions($role->rid, $permissions);
+ $result = user_role_save($role);
+ $this->assertTrue($result == SAVED_NEW, t('Created role of name: @name', array('@name' => $name)), t('Role'));
- $this->assertTrue(isset($role->rid), t('Created role of name: @name, id: @rid', array('@name' => $name, '@rid' => (isset($role->rid) ? $role->rid : t('-n/a-')))), t('Role'));
- if ($role && !empty($role->rid)) {
- $count = db_query('SELECT COUNT(*) FROM {role_permission} WHERE rid = :rid', array(':rid' => $role->rid))->fetchField();
+ if ($result == SAVED_NEW) {
+ user_role_grant_permissions($role->name, $permissions);
+ $count = db_query('SELECT COUNT(*) FROM {role_permission} WHERE role_name = :name', array(':name' => $role->name))->fetchField();
$this->assertTrue($count == count($permissions), t('Created permissions: @perms', array('@perms' => implode(', ', $permissions))), t('Role'));
- return $role->rid;
+ return $role->name;
}
else {
return FALSE;
diff --git a/core/modules/system/system.info b/core/modules/system/system.info
index 8a11985..2d89ffe 100644
--- a/core/modules/system/system.info
+++ b/core/modules/system/system.info
@@ -41,3 +41,4 @@ files[] = tests/uuid.test
files[] = tests/xmlrpc.test
files[] = tests/upgrade/upgrade.test
files[] = tests/upgrade/upgrade.language.test
+files[] = tests/upgrade/upgrade.roles.test
diff --git a/core/modules/system/system.test b/core/modules/system/system.test
index e4dc730..4c77f01 100644
--- a/core/modules/system/system.test
+++ b/core/modules/system/system.test
@@ -1006,8 +1006,8 @@ class AccessDeniedTestCase extends WebTestBase {
// Create an administrative user.
$this->admin_user = $this->drupalCreateUser(array('access administration pages', 'administer site configuration', 'administer blocks'));
- user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access user profiles'));
- user_role_grant_permissions(DRUPAL_AUTHENTICATED_RID, array('access user profiles'));
+ user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array('access user profiles'));
+ user_role_grant_permissions(DRUPAL_AUTHENTICATED_ROLE, array('access user profiles'));
}
function testAccessDenied() {
@@ -1083,8 +1083,8 @@ class PageNotFoundTestCase extends WebTestBase {
// Create an administrative user.
$this->admin_user = $this->drupalCreateUser(array('administer site configuration'));
- user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access user profiles'));
- user_role_grant_permissions(DRUPAL_AUTHENTICATED_RID, array('access user profiles'));
+ user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array('access user profiles'));
+ user_role_grant_permissions(DRUPAL_AUTHENTICATED_ROLE, array('access user profiles'));
}
function testPageNotFound() {
diff --git a/core/modules/system/tests/form.test b/core/modules/system/tests/form.test
index fe5f922..e5c489e 100644
--- a/core/modules/system/tests/form.test
+++ b/core/modules/system/tests/form.test
@@ -28,7 +28,7 @@ class FormsTestCase extends WebTestBase {
filter_format_save($filtered_html_format);
$filtered_html_permission = filter_permission_name($filtered_html_format);
- user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array($filtered_html_permission));
+ user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array($filtered_html_permission));
}
/**
diff --git a/core/modules/system/tests/menu.test b/core/modules/system/tests/menu.test
index dbd94a1..1f37fb4 100644
--- a/core/modules/system/tests/menu.test
+++ b/core/modules/system/tests/menu.test
@@ -1385,7 +1385,7 @@ class MenuBreadcrumbTestCase extends MenuWebTestCase {
// Verify breadcrumbs on user and user/%.
// We need to log back in and out below, and cannot simply grant the
// 'administer users' permission, since user_page() makes your head explode.
- user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array(
+ user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array(
'access user profiles',
));
$this->drupalLogout();
diff --git a/core/modules/system/tests/module.test b/core/modules/system/tests/module.test
index 761992d..ecfd12a 100644
--- a/core/modules/system/tests/module.test
+++ b/core/modules/system/tests/module.test
@@ -369,7 +369,7 @@ class ModuleUninstallTestCase extends WebTestBase {
drupal_uninstall_modules(array('module_test'));
// Are the perms defined by module_test removed from {role_permission}.
- $count = db_query("SELECT COUNT(rid) FROM {role_permission} WHERE permission = :perm", array(':perm' => 'module_test perm'))->fetchField();
+ $count = db_query("SELECT COUNT(role_name) FROM {role_permission} WHERE permission = :perm", array(':perm' => 'module_test perm'))->fetchField();
$this->assertEqual(0, $count, t('Permissions were all removed.'));
}
}
diff --git a/core/modules/system/tests/upgrade/drupal-7.roles.database.php b/core/modules/system/tests/upgrade/drupal-7.roles.database.php
new file mode 100644
index 0000000..a0ffe0a
--- /dev/null
+++ b/core/modules/system/tests/upgrade/drupal-7.roles.database.php
@@ -0,0 +1,63 @@
+fields(array(
+ 'rid',
+ 'name',
+ 'weight',
+))
+// Adds a role with an umlaut in it.
+->values(array(
+ 'rid' => '4',
+ 'name' => 'gärtner',
+ 'weight' => '3',
+))
+// Adds a very long role name.
+->values(array(
+ 'rid' => '5',
+ 'name' => 'very long role name that has exactly sixty-four characters in it',
+ 'weight' => '4',
+))
+// Adds a very similar role name to test edge cases.
+->values(array(
+ 'rid' => '6',
+ 'name' => 'very_long role name that has exactly sixty-four characters in it',
+ 'weight' => '5',
+))
+->execute();
+
+// Add the "Edit own comments" permission to the gärtner test role.
+db_insert('role_permission')->fields(array(
+ 'rid',
+ 'permission',
+ 'module',
+))
+->values(array(
+ 'rid' => '4',
+ 'permission' => 'edit own comments',
+ 'module' => 'comment',
+))
+->execute();
+
+// Adds some role visibility settings on the who's online block for the long
+// role.
+db_insert('block_role')->fields(array(
+ 'module',
+ 'delta',
+ 'rid',
+))
+->values(array(
+ 'module' => 'user',
+ 'delta' => 'online',
+ 'rid' => '5',
+))
+->execute();
diff --git a/core/modules/system/tests/upgrade/upgrade.roles.test b/core/modules/system/tests/upgrade/upgrade.roles.test
new file mode 100644
index 0000000..c1fcef5
--- /dev/null
+++ b/core/modules/system/tests/upgrade/upgrade.roles.test
@@ -0,0 +1,56 @@
+ 'Role upgrade test',
+ 'description' => 'Upgrade tests with role data.',
+ 'group' => 'Upgrade path',
+ );
+ }
+
+ public function setUp() {
+ // Path to the database dump files.
+ $this->databaseDumpFiles = array(
+ drupal_get_path('module', 'system') . '/tests/upgrade/drupal-7.bare.standard_all.database.php.gz',
+ drupal_get_path('module', 'system') . '/tests/upgrade/drupal-7.roles.database.php',
+ );
+ parent::setUp();
+ }
+
+ /**
+ * Tests a successful upgrade.
+ */
+ public function testRoleUpgrade() {
+ $this->assertTrue($this->performUpgrade(), 'The upgrade was completed successfully.');
+
+ // Check that "gärtner" has been converted to "4" and that the role
+ // edit page for it exists.
+ $this->drupalGet('admin/people/permissions/roles/edit/4');
+ $this->assertResponse(200, 'Role edit page for "gärtner" was found.');
+
+ // Check that the permission for "gärtner" still exists.
+ $this->drupalGet('admin/people/permissions/4');
+ $this->assertFieldChecked('edit-4-edit-own-comments', 'Edit own comments permission for "gärtner" is set correctly.');
+
+ // Check that the role visibility setting for the who's online block still
+ // exists.
+ $this->drupalGet('admin/structure/block/manage/user/online/configure');
+ $this->assertFieldChecked('edit-roles-5', "Who's online block visibility setting is correctly set for the long role name.");
+ // Check that the role name to label conversion was successful and that the
+ // labels are displayed.
+ $this->assertText('gärtner', 'Role label is displayed on block visibility settings.');
+ $this->assertText('very long role name that has exactly sixty-four characters in it', 'Role label is displayed on block visibility settings.');
+ $this->assertText('very_long role name that has exactly sixty-four characters in it', 'Role label is displayed on block visibility settings.');
+ }
+}
diff --git a/core/modules/user/lib/Drupal/user/UserStorageController.php b/core/modules/user/lib/Drupal/user/UserStorageController.php
index bd0d9b9..2500d7c 100644
--- a/core/modules/user/lib/Drupal/user/UserStorageController.php
+++ b/core/modules/user/lib/Drupal/user/UserStorageController.php
@@ -34,17 +34,17 @@ class UserStorageController extends EntityDatabaseStorageController {
$queried_users[$key]->data = unserialize($record->data);
$queried_users[$key]->roles = array();
if ($record->uid) {
- $queried_users[$record->uid]->roles[DRUPAL_AUTHENTICATED_RID] = 'authenticated user';
+ $queried_users[$record->uid]->roles[DRUPAL_AUTHENTICATED_ROLE] = TRUE;
}
else {
- $queried_users[$record->uid]->roles[DRUPAL_ANONYMOUS_RID] = 'anonymous user';
+ $queried_users[$record->uid]->roles[DRUPAL_ANONYMOUS_ROLE] = TRUE;
}
}
// Add any additional roles from the database.
- $result = db_query('SELECT r.rid, r.name, ur.uid FROM {role} r INNER JOIN {users_roles} ur ON ur.rid = r.rid WHERE ur.uid IN (:uids)', array(':uids' => array_keys($queried_users)));
+ $result = db_query('SELECT r.name, ur.uid FROM {role} r INNER JOIN {users_roles} ur ON ur.role_name = r.name WHERE ur.uid IN (:uids)', array(':uids' => array_keys($queried_users)));
foreach ($result as $record) {
- $queried_users[$record->uid]->roles[$record->rid] = $record->name;
+ $queried_users[$record->uid]->roles[$record->name] = TRUE;
}
// Add the full file objects for user pictures if enabled.
@@ -69,7 +69,7 @@ class UserStorageController extends EntityDatabaseStorageController {
$values['created'] = REQUEST_TIME;
}
// Users always have the authenticated user role.
- $values['roles'][DRUPAL_AUTHENTICATED_RID] = 'authenticated user';
+ $values['roles'][DRUPAL_AUTHENTICATED_ROLE] = TRUE;
return parent::create($values);
}
@@ -184,12 +184,12 @@ class UserStorageController extends EntityDatabaseStorageController {
->condition('uid', $entity->uid)
->execute();
- $query = db_insert('users_roles')->fields(array('uid', 'rid'));
- foreach (array_keys($entity->roles) as $rid) {
- if (!in_array($rid, array(DRUPAL_ANONYMOUS_RID, DRUPAL_AUTHENTICATED_RID))) {
+ $query = db_insert('users_roles')->fields(array('uid', 'role_name'));
+ foreach (array_keys($entity->roles) as $role_name) {
+ if (!in_array($role_name, array(DRUPAL_ANONYMOUS_ROLE, DRUPAL_AUTHENTICATED_ROLE))) {
$query->values(array(
'uid' => $entity->uid,
- 'rid' => $rid,
+ 'role_name' => $role_name,
));
}
}
@@ -211,12 +211,12 @@ class UserStorageController extends EntityDatabaseStorageController {
else {
// Save user roles.
if (count($entity->roles) > 1) {
- $query = db_insert('users_roles')->fields(array('uid', 'rid'));
- foreach (array_keys($entity->roles) as $rid) {
- if (!in_array($rid, array(DRUPAL_ANONYMOUS_RID, DRUPAL_AUTHENTICATED_RID))) {
+ $query = db_insert('users_roles')->fields(array('uid', 'role_name'));
+ foreach (array_keys($entity->roles) as $role_name) {
+ if (!in_array($role_name, array(DRUPAL_ANONYMOUS_ROLE, DRUPAL_AUTHENTICATED_ROLE))) {
$query->values(array(
'uid' => $entity->uid,
- 'rid' => $rid,
+ 'role_name' => $role_name,
));
}
}
diff --git a/core/modules/user/user.admin.inc b/core/modules/user/user.admin.inc
index c65883a..0e434b8 100644
--- a/core/modules/user/user.admin.inc
+++ b/core/modules/user/user.admin.inc
@@ -195,9 +195,9 @@ function user_admin_account() {
$accounts = array();
foreach ($result as $account) {
$users_roles = array();
- $roles_result = db_query('SELECT rid FROM {users_roles} WHERE uid = :uid', array(':uid' => $account->uid));
+ $roles_result = db_query('SELECT role_name FROM {users_roles} WHERE uid = :uid', array(':uid' => $account->uid));
foreach ($roles_result as $user_role) {
- $users_roles[] = $roles[$user_role->rid];
+ $users_roles[] = $roles[$user_role->role_name];
}
asort($users_roles);
@@ -280,8 +280,8 @@ function user_admin_settings() {
// Do not allow users to set the anonymous or authenticated user roles as the
// administrator role.
$roles = user_roles();
- unset($roles[DRUPAL_ANONYMOUS_RID]);
- unset($roles[DRUPAL_AUTHENTICATED_RID]);
+ unset($roles[DRUPAL_ANONYMOUS_ROLE]);
+ unset($roles[DRUPAL_AUTHENTICATED_ROLE]);
$roles[0] = t('disabled');
$form['admin_role']['user_admin_role'] = array(
@@ -647,12 +647,11 @@ function user_admin_settings() {
* @see user_admin_permissions_submit()
* @see theme_user_admin_permissions()
*/
-function user_admin_permissions($form, $form_state, $rid = NULL) {
-
+function user_admin_permissions($form, $form_state, $role_name = NULL) {
// Retrieve role names for columns.
$role_names = user_roles();
- if (is_numeric($rid)) {
- $role_names = array($rid => $role_names[$rid]);
+ if (!empty($role_name)) {
+ $role_names = array($role_name => $role_names[$role_name]);
}
// Fetch permissions for all roles or the one selected role.
$role_permissions = user_role_permissions($role_names);
@@ -694,10 +693,10 @@ function user_admin_permissions($form, $form_state, $rid = NULL) {
'#markup' => $perm_item['title'],
'#description' => theme('user_permission_description', array('permission_item' => $perm_item, 'hide' => $hide_descriptions)),
);
- foreach ($role_names as $rid => $name) {
+ foreach ($role_names as $role_name => $role_label) {
// Builds arrays for checked boxes for each role
- if (isset($role_permissions[$rid][$perm])) {
- $status[$rid][] = $perm;
+ if (isset($role_permissions[$role_name][$perm])) {
+ $status[$role_name][] = $perm;
}
}
}
@@ -705,14 +704,14 @@ function user_admin_permissions($form, $form_state, $rid = NULL) {
}
// Have to build checkboxes here after checkbox arrays are built
- foreach ($role_names as $rid => $name) {
- $form['checkboxes'][$rid] = array(
+ foreach ($role_names as $role_name => $role_label) {
+ $form['checkboxes'][$role_name] = array(
'#type' => 'checkboxes',
'#options' => $options,
- '#default_value' => isset($status[$rid]) ? $status[$rid] : array(),
- '#attributes' => array('class' => array('rid-' . $rid)),
+ '#default_value' => isset($status[$role_name]) ? $status[$role_name] : array(),
+ '#attributes' => array('class' => array('role_name-' . $role_name)),
);
- $form['role_names'][$rid] = array('#markup' => check_plain($name), '#tree' => TRUE);
+ $form['role_names'][$role_name] = array('#markup' => check_plain($role_label), '#tree' => TRUE);
}
$form['actions'] = array('#type' => 'actions');
@@ -729,8 +728,8 @@ function user_admin_permissions($form, $form_state, $rid = NULL) {
* @see user_admin_permissions()
*/
function user_admin_permissions_submit($form, &$form_state) {
- foreach ($form_state['values']['role_names'] as $rid => $name) {
- user_role_change_permissions($rid, $form_state['values'][$rid]);
+ foreach ($form_state['values']['role_names'] as $role_name => $role_label) {
+ user_role_change_permissions($role_name, $form_state['values'][$role_name]);
}
drupal_set_message(t('The changes have been saved.'));
@@ -764,17 +763,17 @@ function theme_user_admin_permissions($variables) {
'data' => drupal_render($form['permission'][$key]),
'class' => array('permission'),
);
- foreach (element_children($form['checkboxes']) as $rid) {
- $form['checkboxes'][$rid][$key]['#title'] = $roles[$rid] . ': ' . $form['permission'][$key]['#markup'];
- $form['checkboxes'][$rid][$key]['#title_display'] = 'invisible';
- $row[] = array('data' => drupal_render($form['checkboxes'][$rid][$key]), 'class' => array('checkbox'));
+ foreach (element_children($form['checkboxes']) as $role_name) {
+ $form['checkboxes'][$role_name][$key]['#title'] = $roles[$role_name] . ': ' . $form['permission'][$key]['#markup'];
+ $form['checkboxes'][$role_name][$key]['#title_display'] = 'invisible';
+ $row[] = array('data' => drupal_render($form['checkboxes'][$role_name][$key]), 'class' => array('checkbox'));
}
}
$rows[] = $row;
}
$header[] = (t('Permission'));
- foreach (element_children($form['role_names']) as $rid) {
- $header[] = array('data' => drupal_render($form['role_names'][$rid]), 'class' => array('checkbox'));
+ foreach (element_children($form['role_names']) as $role_name) {
+ $header[] = array('data' => drupal_render($form['role_names'][$role_name]), 'class' => array('checkbox'));
}
$output = theme('system_compact_link');
$output .= theme('table', array('header' => $header, 'rows' => $rows, 'attributes' => array('id' => 'permissions')));
@@ -826,16 +825,16 @@ function user_admin_roles($form, $form_state) {
'#tree' => TRUE,
);
$order = 0;
- foreach ($roles as $rid => $name) {
- $form['roles'][$rid]['#role'] = (object) array(
- 'rid' => $rid,
+ foreach ($roles as $name => $label) {
+ $form['roles'][$name]['#role'] = (object) array(
'name' => $name,
+ 'label' => $label,
'weight' => $order,
);
- $form['roles'][$rid]['#weight'] = $order;
- $form['roles'][$rid]['weight'] = array(
+ $form['roles'][$name]['#weight'] = $order;
+ $form['roles'][$name]['weight'] = array(
'#type' => 'textfield',
- '#title' => t('Weight for @title', array('@title' => $name)),
+ '#title' => t('Weight for @title', array('@title' => $label)),
'#title_display' => 'invisible',
'#size' => 4,
'#default_value' => $order,
@@ -843,20 +842,6 @@ function user_admin_roles($form, $form_state) {
);
$order++;
}
-
- $form['name'] = array(
- '#type' => 'textfield',
- '#title' => t('Name'),
- '#title_display' => 'invisible',
- '#size' => 32,
- '#maxlength' => 64,
- );
- $form['add'] = array(
- '#type' => 'submit',
- '#value' => t('Add role'),
- '#validate' => array('user_admin_role_validate'),
- '#submit' => array('user_admin_role_submit'),
- );
$form['actions'] = array('#type' => 'actions');
$form['actions']['submit'] = array(
'#type' => 'submit',
@@ -871,8 +856,8 @@ function user_admin_roles($form, $form_state) {
* Form submit function. Update the role weights.
*/
function user_admin_roles_order_submit($form, &$form_state) {
- foreach ($form_state['values']['roles'] as $rid => $role_values) {
- $role = $form['roles'][$rid]['#role'];
+ foreach ($form_state['values']['roles'] as $role_name => $role_values) {
+ $role = $form['roles'][$role_name]['#role'];
$role->weight = $role_values['weight'];
user_role_save($role);
}
@@ -891,25 +876,27 @@ function user_admin_roles_order_submit($form, &$form_state) {
function theme_user_admin_roles($variables) {
$form = $variables['form'];
- $header = array(t('Name'), t('Weight'), array('data' => t('Operations'), 'colspan' => 2));
- foreach (element_children($form['roles']) as $rid) {
- $name = $form['roles'][$rid]['#role']->name;
+ $header = array(t('Label'), t('Machine name'), t('Weight'), array('data' => t('Operations'), 'colspan' => 2));
+ foreach (element_children($form['roles']) as $role_name) {
+ $role = $form['roles'][$role_name]['#role'];
$row = array();
- if (in_array($rid, array(DRUPAL_ANONYMOUS_RID, DRUPAL_AUTHENTICATED_RID))) {
- $row[] = t('@name (locked)', array('@name' => $name));
- $row[] = drupal_render($form['roles'][$rid]['weight']);
+ if (in_array($role_name, array(DRUPAL_ANONYMOUS_ROLE, DRUPAL_AUTHENTICATED_ROLE))) {
+ $row[] = check_plain($role->label);
+ $row[] = t('@name (locked)', array('@name' => $role_name));
+ $row[] = drupal_render($form['roles'][$role_name]['weight']);
$row[] = '';
- $row[] = l(t('edit permissions'), 'admin/people/permissions/' . $rid);
+ $row[] = l(t('edit permissions'), 'admin/people/permissions/' . $role_name);
}
else {
- $row[] = check_plain($name);
- $row[] = drupal_render($form['roles'][$rid]['weight']);
- $row[] = l(t('edit role'), 'admin/people/permissions/roles/edit/' . $rid);
- $row[] = l(t('edit permissions'), 'admin/people/permissions/' . $rid);
+ $row[] = check_plain($role->label);
+ $row[] = check_plain($role_name);
+ $row[] = drupal_render($form['roles'][$role_name]['weight']);
+ $row[] = l(t('edit role'), 'admin/people/permissions/roles/edit/' . $role_name);
+ $row[] = l(t('edit permissions'), 'admin/people/permissions/' . $role_name);
}
$rows[] = array('data' => $row, 'class' => array('draggable'));
}
- $rows[] = array(array('data' => drupal_render($form['name']) . drupal_render($form['add']), 'colspan' => 4, 'class' => 'edit-name'));
+ $rows[] = array(array('data' => drupal_render($form['name']) . drupal_render($form['add']), 'colspan' => 5, 'class' => 'edit-name'));
drupal_add_tabledrag('user-roles', 'order', 'sibling', 'role-weight');
@@ -926,73 +913,60 @@ function theme_user_admin_roles($variables) {
* @see user_admin_role_validate()
* @see user_admin_role_submit()
*/
-function user_admin_role($form, $form_state, $role) {
- if ($role->rid == DRUPAL_ANONYMOUS_RID || $role->rid == DRUPAL_AUTHENTICATED_RID) {
+function user_admin_role($form, $form_state, $role = NULL) {
+ if ($role && ($role->name == DRUPAL_ANONYMOUS_ROLE || $role->name == DRUPAL_AUTHENTICATED_ROLE)) {
drupal_goto('admin/people/permissions/roles');
}
// Display the edit role form.
- $form['name'] = array(
+ $form['label'] = array(
'#type' => 'textfield',
- '#title' => t('Role name'),
- '#default_value' => $role->name,
+ '#title' => t('Role label'),
+ '#default_value' => isset($role->label) ? $role->label : '',
+ '#size' => 60,
+ '#maxlength' => 255,
+ '#description' => t('The label for this role. Example: "Moderator", "Editorial board", "Site architect".'),
+ );
+ $form['name'] = array(
+ '#type' => 'machine_name',
+ '#default_value' => isset($role->name) ? $role->name : '',
'#size' => 30,
- '#required' => TRUE,
'#maxlength' => 64,
- '#description' => t('The name for this role. Example: "moderator", "editorial board", "site architect".'),
- );
- $form['rid'] = array(
- '#type' => 'value',
- '#value' => $role->rid,
+ '#description' => t('The machine name for this role. Example: "moderator", "editorial_board", "site_architect".'),
+ '#disabled' => isset($role->name),
+ '#machine_name' => array(
+ 'exists' => 'user_role_load',
+ 'source' => array('label'),
+ ),
);
$form['weight'] = array(
'#type' => 'value',
- '#value' => $role->weight,
+ '#value' => isset($role->weight) ? $role->weight : NULL,
);
$form['actions'] = array('#type' => 'actions');
$form['actions']['submit'] = array(
'#type' => 'submit',
- '#value' => t('Save role'),
- );
- $form['actions']['delete'] = array(
- '#type' => 'submit',
- '#value' => t('Delete role'),
- '#submit' => array('user_admin_role_delete_submit'),
+ '#value' => isset($role) ? t('Save role') : t('Add role'),
);
+ if ($role) {
+ $form['actions']['delete'] = array(
+ '#type' => 'submit',
+ '#value' => t('Delete role'),
+ '#submit' => array('user_admin_role_delete_submit'),
+ );
+ }
return $form;
}
/**
- * Form validation handler for the user_admin_role() form.
- */
-function user_admin_role_validate($form, &$form_state) {
- if (!empty($form_state['values']['name'])) {
- if ($form_state['values']['op'] == t('Save role')) {
- $role = user_role_load_by_name($form_state['values']['name']);
- if ($role && $role->rid != $form_state['values']['rid']) {
- form_set_error('name', t('The role name %name already exists. Choose another role name.', array('%name' => $form_state['values']['name'])));
- }
- }
- elseif ($form_state['values']['op'] == t('Add role')) {
- if (user_role_load_by_name($form_state['values']['name'])) {
- form_set_error('name', t('The role name %name already exists. Choose another role name.', array('%name' => $form_state['values']['name'])));
- }
- }
- }
- else {
- form_set_error('name', t('You must specify a valid role name.'));
- }
-}
-
-/**
* Form submit handler for the user_admin_role() form.
*/
function user_admin_role_submit($form, &$form_state) {
$role = (object) $form_state['values'];
if ($form_state['values']['op'] == t('Save role')) {
user_role_save($role);
- drupal_set_message(t('The role has been renamed.'));
+ drupal_set_message(t('The role label has been renamed.'));
}
elseif ($form_state['values']['op'] == t('Add role')) {
user_role_save($role);
@@ -1006,16 +980,16 @@ function user_admin_role_submit($form, &$form_state) {
* Form submit handler for the user_admin_role() form.
*/
function user_admin_role_delete_submit($form, &$form_state) {
- $form_state['redirect'] = 'admin/people/permissions/roles/delete/' . $form_state['values']['rid'];
+ $form_state['redirect'] = 'admin/people/permissions/roles/delete/' . $form_state['values']['name'];
}
/**
* Form to confirm role delete operation.
*/
function user_admin_role_delete_confirm($form, &$form_state, $role) {
- $form['rid'] = array(
+ $form['name'] = array(
'#type' => 'value',
- '#value' => $role->rid,
+ '#value' => $role->name,
);
return confirm_form($form, t('Are you sure you want to delete the role %name ?', array('%name' => $role->name)), 'admin/people/permissions/roles', t('This action cannot be undone.'), t('Delete'));
}
@@ -1024,7 +998,7 @@ function user_admin_role_delete_confirm($form, &$form_state, $role) {
* Form submit handler for user_admin_role_delete_confirm().
*/
function user_admin_role_delete_confirm_submit($form, &$form_state) {
- user_role_delete((int) $form_state['values']['rid']);
+ user_role_delete($form_state['values']['name']);
drupal_set_message(t('The role has been deleted.'));
$form_state['redirect'] = 'admin/people/permissions/roles';
}
diff --git a/core/modules/user/user.api.php b/core/modules/user/user.api.php
index 8c7286e..3996d27 100644
--- a/core/modules/user/user.api.php
+++ b/core/modules/user/user.api.php
@@ -408,7 +408,7 @@ function hook_user_role_insert($role) {
// Save extra fields provided by the module to user roles.
db_insert('my_module_table')
->fields(array(
- 'rid' => $role->rid,
+ 'role_name' => $role->name,
'role_description' => $role->description,
))
->execute();
@@ -428,7 +428,7 @@ function hook_user_role_insert($role) {
function hook_user_role_update($role) {
// Save extra fields provided by the module to user roles.
db_merge('my_module_table')
- ->key(array('rid' => $role->rid))
+ ->key(array('role_name' => $role->name))
->fields(array(
'role_description' => $role->description
))
@@ -449,7 +449,7 @@ function hook_user_role_update($role) {
function hook_user_role_delete($role) {
// Delete existing instances of the deleted role.
db_delete('my_module_table')
- ->condition('rid', $role->rid)
+ ->condition('role_name', $role->name)
->execute();
}
diff --git a/core/modules/user/user.install b/core/modules/user/user.install
index ce11aaf..b8e040c 100644
--- a/core/modules/user/user.install
+++ b/core/modules/user/user.install
@@ -54,18 +54,18 @@ function user_schema() {
$schema['role_permission'] = array(
'description' => 'Stores the permissions assigned to user roles.',
'fields' => array(
- 'rid' => array(
- 'type' => 'int',
- 'unsigned' => TRUE,
+ 'role_name' => array(
+ 'type' => 'varchar',
+ 'length' => 64,
'not null' => TRUE,
- 'description' => 'Foreign Key: {role}.rid.',
+ 'description' => 'Foreign Key: {role}.name.',
),
'permission' => array(
'type' => 'varchar',
'length' => 128,
'not null' => TRUE,
'default' => '',
- 'description' => 'A single permission granted to the role identified by rid.',
+ 'description' => 'A single permission granted to the role identified by role_name.',
),
'module' => array(
'type' => 'varchar',
@@ -75,14 +75,14 @@ function user_schema() {
'description' => "The module declaring the permission.",
),
),
- 'primary key' => array('rid', 'permission'),
+ 'primary key' => array('role_name', 'permission'),
'indexes' => array(
'permission' => array('permission'),
),
'foreign keys' => array(
'role' => array(
- 'table' => 'roles',
- 'columns' => array('rid' => 'rid'),
+ 'table' => 'role',
+ 'columns' => array('role_name' => 'name'),
),
),
);
@@ -90,18 +90,18 @@ function user_schema() {
$schema['role'] = array(
'description' => 'Stores user roles.',
'fields' => array(
- 'rid' => array(
- 'type' => 'serial',
- 'unsigned' => TRUE,
- 'not null' => TRUE,
- 'description' => 'Primary Key: Unique role ID.',
- ),
'name' => array(
'type' => 'varchar',
'length' => 64,
'not null' => TRUE,
'default' => '',
'description' => 'Unique role name.',
+ ),
+ 'label' => array(
+ 'type' => 'varchar',
+ 'length' => 255,
+ 'default' => '',
+ 'description' => 'Role label.',
'translatable' => TRUE,
),
'weight' => array(
@@ -111,10 +111,7 @@ function user_schema() {
'description' => 'The weight of this role in listings and the user interface.',
),
),
- 'unique keys' => array(
- 'name' => array('name'),
- ),
- 'primary key' => array('rid'),
+ 'primary key' => array('name'),
'indexes' => array(
'name_weight' => array('name', 'weight'),
),
@@ -267,17 +264,17 @@ function user_schema() {
'default' => 0,
'description' => 'Primary Key: {users}.uid for user.',
),
- 'rid' => array(
- 'type' => 'int',
- 'unsigned' => TRUE,
+ 'role_name' => array(
+ 'type' => 'varchar',
+ 'length' => 64,
'not null' => TRUE,
- 'default' => 0,
- 'description' => 'Primary Key: {role}.rid for role.',
+ 'default' => '',
+ 'description' => 'Primary Key: {role}.name for role.',
),
),
- 'primary key' => array('uid', 'rid'),
+ 'primary key' => array('uid', 'role_name'),
'indexes' => array(
- 'rid' => array('rid'),
+ 'role_name' => array('role_name'),
),
'foreign keys' => array(
'user' => array(
@@ -285,8 +282,8 @@ function user_schema() {
'columns' => array('uid' => 'uid'),
),
'role' => array(
- 'table' => 'roles',
- 'columns' => array('rid' => 'rid'),
+ 'table' => 'role',
+ 'columns' => array('role_name' => 'name'),
),
),
);
@@ -322,28 +319,16 @@ function user_install() {
->execute();
// Built-in roles.
- $rid_anonymous = db_insert('role')
- ->fields(array('name' => 'anonymous user', 'weight' => 0))
+ db_insert('role')->fields(array(
+ 'name' => DRUPAL_ANONYMOUS_ROLE,
+ 'label' => 'Anonymous user',
+ 'weight' => 0))
->execute();
- $rid_authenticated = db_insert('role')
- ->fields(array('name' => 'authenticated user', 'weight' => 1))
+ db_insert('role')->fields(array(
+ 'name' => DRUPAL_AUTHENTICATED_ROLE,
+ 'label' => 'Authenticated user',
+ 'weight' => 1))
->execute();
-
- // Sanity check to ensure the anonymous and authenticated role IDs are the
- // same as the drupal defined constants. In certain situations, this will
- // not be true.
- if ($rid_anonymous != DRUPAL_ANONYMOUS_RID) {
- db_update('role')
- ->fields(array('rid' => DRUPAL_ANONYMOUS_RID))
- ->condition('rid', $rid_anonymous)
- ->execute();
- }
- if ($rid_authenticated != DRUPAL_AUTHENTICATED_RID) {
- db_update('role')
- ->fields(array('rid' => DRUPAL_AUTHENTICATED_RID))
- ->condition('rid', $rid_authenticated)
- ->execute();
- }
}
/**
@@ -399,5 +384,39 @@ function user_update_8001() {
}
/**
+ * Role IDs are replaced with role machine names.
+ *
+ * We do not need to add role_name database columns because they were already
+ * created earlier during the upgrade process.
+ *
+ * @see update_prepare_d8_role_names().
+ */
+function user_update_8002() {
+ // Set the new primary key in the role_permission table.
+ db_drop_primary_key('role_permission');
+ db_add_primary_key('role_permission', array('role_name', 'permission'));
+
+ // Set the new primary key in the users_roles table..
+ db_drop_primary_key('users_roles');
+ db_add_primary_key('users_roles', array('uid', 'role_name'));
+
+ // Remove the auto increment and the primary key setting so that it is
+ // possible to change the primary key of the role table.
+ $column = array(
+ 'type' => 'int',
+ 'unsigned' => TRUE,
+ 'description' => 'Old Primary Key: role ID. Use for upgrade purposes only!',
+ );
+ db_change_field('role', 'rid', 'rid', $column);
+ // Set the role name as primary key.
+ db_drop_primary_key('role');
+ db_add_primary_key('role', array('name'));
+
+ db_drop_field('role', 'rid');
+ db_drop_field('users_roles', 'rid');
+ db_drop_field('role_permission', 'rid');
+}
+
+/**
* @} End of "addtogroup updates-7.x-to-8.x"
*/
diff --git a/core/modules/user/user.module b/core/modules/user/user.module
index a23543f..f0aecb0 100644
--- a/core/modules/user/user.module
+++ b/core/modules/user/user.module
@@ -444,11 +444,11 @@ function user_password($length = 10) {
* Determine the permissions for one or more roles.
*
* @param $roles
- * An array whose keys are the role IDs of interest, such as $user->roles.
+ * An array whose keys are the role names of interest, such as $user->roles.
*
* @return
- * An array indexed by role ID. Each value is an array whose keys are the
- * permission strings for the given role ID.
+ * An array indexed by role name. Each value is an array whose keys are the
+ * permission strings for the given role name.
*/
function user_role_permissions($roles = array()) {
$cache = &drupal_static(__FUNCTION__, array());
@@ -456,29 +456,29 @@ function user_role_permissions($roles = array()) {
$role_permissions = $fetch = array();
if ($roles) {
- foreach ($roles as $rid => $name) {
- if (isset($cache[$rid])) {
- $role_permissions[$rid] = $cache[$rid];
+ foreach (array_keys($roles) as $role_name) {
+ if (isset($cache[$role_name])) {
+ $role_permissions[$role_name] = $cache[$role_name];
}
else {
- // Add this rid to the list of those needing to be fetched.
- $fetch[] = $rid;
+ // Add this role name to the list of those needing to be fetched.
+ $fetch[] = $role_name;
// Prepare in case no permissions are returned.
- $cache[$rid] = array();
+ $cache[$role_name] = array();
}
}
if ($fetch) {
// Get from the database permissions that were not in the static variable.
- // Only role IDs with at least one permission assigned will return rows.
- $result = db_query("SELECT rid, permission FROM {role_permission} WHERE rid IN (:fetch)", array(':fetch' => $fetch));
+ // Only role names with at least one permission assigned will return rows.
+ $result = db_query("SELECT role_name, permission FROM {role_permission} WHERE role_name IN (:fetch)", array(':fetch' => $fetch));
foreach ($result as $row) {
- $cache[$row->rid][$row->permission] = TRUE;
+ $cache[$row->role_name][$row->permission] = TRUE;
}
- foreach ($fetch as $rid) {
- // For every rid, we know we at least assigned an empty array.
- $role_permissions[$rid] = $cache[$rid];
+ foreach ($fetch as $role_name) {
+ // For every role name, we know we at least assigned an empty array.
+ $role_permissions[$role_name] = $cache[$role_name];
}
}
}
@@ -806,18 +806,18 @@ function user_account_form(&$form, &$form_state) {
// @todo This should be solved more elegantly. See issue #119038.
$checkbox_authenticated = array(
'#type' => 'checkbox',
- '#title' => $roles[DRUPAL_AUTHENTICATED_RID],
+ '#title' => $roles[DRUPAL_AUTHENTICATED_ROLE],
'#default_value' => TRUE,
'#disabled' => TRUE,
);
- unset($roles[DRUPAL_AUTHENTICATED_RID]);
+ unset($roles[DRUPAL_AUTHENTICATED_ROLE]);
$form['account']['roles'] = array(
'#type' => 'checkboxes',
'#title' => t('Roles'),
'#default_value' => (!$register && isset($account->roles) ? array_keys($account->roles) : array()),
'#options' => $roles,
'#access' => $roles && user_access('administer permissions'),
- DRUPAL_AUTHENTICATED_RID => $checkbox_authenticated,
+ DRUPAL_AUTHENTICATED_ROLE => $checkbox_authenticated,
);
$form['account']['notify'] = array(
@@ -1563,6 +1563,14 @@ function user_menu() {
'type' => MENU_LOCAL_TASK,
'weight' => -5,
);
+ $items['admin/people/permissions/roles/add'] = array(
+ 'title' => 'Add role',
+ 'page callback' => 'drupal_get_form',
+ 'page arguments' => array('user_admin_role'),
+ 'access arguments' => array('administer permissions'),
+ 'file' => 'user.admin.inc',
+ 'type' => MENU_LOCAL_ACTION,
+ );
$items['admin/people/permissions/roles/edit/%user_role'] = array(
'title' => 'Edit role',
'page arguments' => array('user_admin_role', 5),
@@ -2626,8 +2634,8 @@ function user_mail_tokens(&$replacements, $data, $options) {
* permission are returned.
*
* @return
- * An associative array with the role id as the key and the role name as
- * value.
+ * An associative array with the role machine name as the key and the label
+ * as value.
*/
function user_roles($membersonly = FALSE, $permission = NULL) {
$user_roles = &drupal_static(__FUNCTION__);
@@ -2635,7 +2643,7 @@ function user_roles($membersonly = FALSE, $permission = NULL) {
// Do not cache roles for specific permissions. This data is not requested
// frequently enough to justify the additional memory use.
if (empty($permission)) {
- $cid = $membersonly ? DRUPAL_AUTHENTICATED_RID : DRUPAL_ANONYMOUS_RID;
+ $cid = $membersonly ? DRUPAL_AUTHENTICATED_ROLE : DRUPAL_ANONYMOUS_ROLE;
if (isset($user_roles[$cid])) {
return $user_roles[$cid];
}
@@ -2643,29 +2651,28 @@ function user_roles($membersonly = FALSE, $permission = NULL) {
$query = db_select('role', 'r');
$query->addTag('translatable');
- $query->fields('r', array('rid', 'name'));
+ $query->fields('r', array('name', 'label'));
$query->orderBy('weight');
- $query->orderBy('name');
if (!empty($permission)) {
- $query->innerJoin('role_permission', 'p', 'r.rid = p.rid');
+ $query->innerJoin('role_permission', 'p', 'r.name = p.role_name');
$query->condition('p.permission', $permission);
}
$result = $query->execute();
$roles = array();
foreach ($result as $role) {
- switch ($role->rid) {
- // We only translate the built in role names
- case DRUPAL_ANONYMOUS_RID:
+ switch ($role->name) {
+ // We only translate the built-in role labels.
+ case DRUPAL_ANONYMOUS_ROLE:
if (!$membersonly) {
- $roles[$role->rid] = t($role->name);
+ $roles[$role->name] = t($role->label);
}
break;
- case DRUPAL_AUTHENTICATED_RID:
- $roles[$role->rid] = t($role->name);
+ case DRUPAL_AUTHENTICATED_ROLE:
+ $roles[$role->name] = t($role->label);
break;
default:
- $roles[$role->rid] = $role->name;
+ $roles[$role->name] = $role->label;
}
}
@@ -2678,41 +2685,19 @@ function user_roles($membersonly = FALSE, $permission = NULL) {
}
/**
- * Fetches a user role by role ID.
- *
- * @param $rid
- * An integer representing the role ID.
- *
- * @return
- * A fully-loaded role object if a role with the given ID exists, or FALSE
- * otherwise.
- *
- * @see user_role_load_by_name()
- */
-function user_role_load($rid) {
- return db_select('role', 'r')
- ->fields('r')
- ->condition('rid', $rid)
- ->execute()
- ->fetchObject();
-}
-
-/**
* Fetches a user role by role name.
*
- * @param $role_name
- * A string representing the role name.
+ * @param string $name
+ * An string representing the role name.
*
- * @return
+ * @return object
* A fully-loaded role object if a role with the given name exists, or FALSE
* otherwise.
- *
- * @see user_role_load()
*/
-function user_role_load_by_name($role_name) {
+function user_role_load($name) {
return db_select('role', 'r')
->fields('r')
- ->condition('name', $role_name)
+ ->condition('name', $name)
->execute()
->fetchObject();
}
@@ -2721,8 +2706,7 @@ function user_role_load_by_name($role_name) {
* Save a user role to the database.
*
* @param $role
- * A role object to modify or add. If $role->rid is not specified, a new
- * role will be created.
+ * A role object to modify or add.
* @return
* Status constant indicating if role was created or updated.
* Failure to write the user role record will return FALSE. Otherwise.
@@ -2744,14 +2728,20 @@ function user_role_save($role) {
// Let modules modify the user role before it is saved to the database.
module_invoke_all('user_role_presave', $role);
- if (!empty($role->rid) && $role->name) {
- $status = drupal_write_record('role', $role, 'rid');
- module_invoke_all('user_role_update', $role);
- }
- else {
+ $exists = db_select('role', 'r')
+ ->fields('r', array('name'))
+ ->condition('name', $role->name)
+ ->execute()
+ ->fetchAll();
+
+ if (empty($exists)) {
$status = drupal_write_record('role', $role);
module_invoke_all('user_role_insert', $role);
}
+ else {
+ $status = drupal_write_record('role', $role, 'name');
+ module_invoke_all('user_role_update', $role);
+ }
// Clear the user access cache.
drupal_static_reset('user_access');
@@ -2763,26 +2753,21 @@ function user_role_save($role) {
/**
* Delete a user role from database.
*
- * @param $role
- * A string with the role name, or an integer with the role ID.
+ * @param $role_name
+ * A string with the role name.
*/
-function user_role_delete($role) {
- if (is_int($role)) {
- $role = user_role_load($role);
- }
- else {
- $role = user_role_load_by_name($role);
- }
+function user_role_delete($role_name) {
+ $role = user_role_load($role_name);
db_delete('role')
- ->condition('rid', $role->rid)
+ ->condition('name', $role->name)
->execute();
db_delete('role_permission')
- ->condition('rid', $role->rid)
+ ->condition('role_name', $role->name)
->execute();
// Update the users who have this role set:
db_delete('users_roles')
- ->condition('rid', $role->rid)
+ ->condition('role_name', $role->name)
->execute();
module_invoke_all('user_role_delete', $role);
@@ -2797,7 +2782,7 @@ function user_role_delete($role) {
*/
function user_role_edit_access($role) {
// Prevent the system-defined roles from being altered or removed.
- if ($role->rid == DRUPAL_ANONYMOUS_RID || $role->rid == DRUPAL_AUTHENTICATED_RID) {
+ if ($role->name == DRUPAL_ANONYMOUS_ROLE || $role->name == DRUPAL_AUTHENTICATED_ROLE) {
return FALSE;
}
@@ -2829,8 +2814,8 @@ function user_permission_get_modules() {
* role, the form submit handler may directly pass the submitted values for the
* checkboxes form element to this function.
*
- * @param $rid
- * The ID of a user role to alter.
+ * @param $role_name
+ * The name of a user role to alter.
* @param $permissions
* An associative array, where the key holds the permission name and the value
* determines whether to grant or revoke that permission. Any value that
@@ -2850,37 +2835,37 @@ function user_permission_get_modules() {
* @see user_role_grant_permissions()
* @see user_role_revoke_permissions()
*/
-function user_role_change_permissions($rid, array $permissions = array()) {
+function user_role_change_permissions($role_name, array $permissions = array()) {
// Grant new permissions for the role.
$grant = array_filter($permissions);
if (!empty($grant)) {
- user_role_grant_permissions($rid, array_keys($grant));
+ user_role_grant_permissions($role_name, array_keys($grant));
}
// Revoke permissions for the role.
$revoke = array_diff_assoc($permissions, $grant);
if (!empty($revoke)) {
- user_role_revoke_permissions($rid, array_keys($revoke));
+ user_role_revoke_permissions($role_name, array_keys($revoke));
}
}
/**
* Grant permissions to a user role.
*
- * @param $rid
- * The ID of a user role to alter.
+ * @param $role_name
+ * The name of a user role to alter.
* @param $permissions
* A list of permission names to grant.
*
* @see user_role_change_permissions()
* @see user_role_revoke_permissions()
*/
-function user_role_grant_permissions($rid, array $permissions = array()) {
+function user_role_grant_permissions($role_name, array $permissions = array()) {
$modules = user_permission_get_modules();
// Grant new permissions for the role.
foreach ($permissions as $name) {
db_merge('role_permission')
->key(array(
- 'rid' => $rid,
+ 'role_name' => $role_name,
'permission' => $name,
))
->fields(array(
@@ -2897,18 +2882,18 @@ function user_role_grant_permissions($rid, array $permissions = array()) {
/**
* Revoke permissions from a user role.
*
- * @param $rid
- * The ID of a user role to alter.
+ * @param $role_name
+ * The name of a user role to alter.
* @param $permissions
* A list of permission names to revoke.
*
* @see user_role_change_permissions()
* @see user_role_grant_permissions()
*/
-function user_role_revoke_permissions($rid, array $permissions = array()) {
+function user_role_revoke_permissions($role_name, array $permissions = array()) {
// Revoke permissions for the role.
db_delete('role_permission')
- ->condition('rid', $rid)
+ ->condition('role_name', $role_name)
->condition('permission', $permissions, 'IN')
->execute();
@@ -2937,7 +2922,7 @@ function user_user_operations($form = array(), $form_state = array()) {
if (user_access('administer permissions')) {
$roles = user_roles(TRUE);
- unset($roles[DRUPAL_AUTHENTICATED_RID]); // Can't edit authenticated role.
+ unset($roles[DRUPAL_AUTHENTICATED_ROLE]); // Can't edit authenticated role.
$add_roles = array();
foreach ($roles as $key => $value) {
@@ -2966,14 +2951,14 @@ function user_user_operations($form = array(), $form_state = array()) {
// If the form has been posted, we need to insert the proper data for
// role editing if necessary.
if (!empty($form_state['submitted'])) {
- $operation_rid = explode('-', $form_state['values']['operation']);
- $operation = $operation_rid[0];
+ $operation_role = explode('-', $form_state['values']['operation']);
+ $operation = $operation_role[0];
if ($operation == 'add_role' || $operation == 'remove_role') {
- $rid = $operation_rid[1];
+ $role_name = $operation_role[1];
if (user_access('administer permissions')) {
$operations[$form_state['values']['operation']] = array(
'callback' => 'user_multiple_role_edit',
- 'callback arguments' => array($operation, $rid),
+ 'callback arguments' => array($operation, $role_name),
);
}
else {
@@ -3020,16 +3005,14 @@ function user_user_operations_block($accounts) {
/**
* Callback function for admin mass adding/deleting a user role.
*/
-function user_multiple_role_edit($accounts, $operation, $rid) {
- $role_name = db_query('SELECT name FROM {role} WHERE rid = :rid', array(':rid' => $rid))->fetchField();
-
+function user_multiple_role_edit($accounts, $operation, $role_name) {
switch ($operation) {
case 'add_role':
$accounts = user_load_multiple($accounts);
foreach ($accounts as $account) {
// Skip adding the role to the user if they already have it.
- if ($account !== FALSE && !isset($account->roles[$rid])) {
- $roles = $account->roles + array($rid => $role_name);
+ if ($account !== FALSE && !isset($account->roles[$role_name])) {
+ $roles = $account->roles + array($role_name => TRUE);
// For efficiency manually save the original account before applying
// any changes.
$account->original = clone $account;
@@ -3042,8 +3025,8 @@ function user_multiple_role_edit($accounts, $operation, $rid) {
$accounts = user_load_multiple($accounts);
foreach ($accounts as $account) {
// Skip removing the role from the user if they already don't have it.
- if ($account !== FALSE && isset($account->roles[$rid])) {
- $roles = array_diff($account->roles, array($rid => $role_name));
+ if ($account !== FALSE && isset($account->roles[$role_name])) {
+ $roles = array_diff_key($account->roles, array($role_name => TRUE));
// For efficiency manually save the original account before applying
// any changes.
$account->original = clone $account;
@@ -3158,11 +3141,11 @@ function user_filters() {
// Regular filters
$filters = array();
$roles = user_roles(TRUE);
- unset($roles[DRUPAL_AUTHENTICATED_RID]); // Don't list authorized role.
+ unset($roles[DRUPAL_AUTHENTICATED_ROLE]); // Don't list authorized role.
if (count($roles)) {
$filters['role'] = array(
'title' => t('role'),
- 'field' => 'ur.rid',
+ 'field' => 'ur.name',
'options' => array(
'[any]' => t('any'),
) + $roles,
@@ -3216,17 +3199,17 @@ function user_build_filter_query(SelectInterface $query) {
if ($key == 'permission') {
$account = entity_create('user', array());
$account->uid = 'user_filter';
- $account->roles = array(DRUPAL_AUTHENTICATED_RID => 1);
+ $account->roles = array(DRUPAL_AUTHENTICATED_ROLE => TRUE);
if (user_access($value, $account)) {
continue;
}
$users_roles_alias = $query->join('users_roles', 'ur', '%alias.uid = u.uid');
- $permission_alias = $query->join('role_permission', 'p', $users_roles_alias . '.rid = %alias.rid');
+ $permission_alias = $query->join('role_permission', 'p', $users_roles_alias . '.role_name = %alias.role_name');
$query->condition($permission_alias . '.permission', $value);
}
elseif ($key == 'role') {
$users_roles_alias = $query->join('users_roles', 'ur', '%alias.uid = u.uid');
- $query->condition($users_roles_alias . '.rid' , $value);
+ $query->condition($users_roles_alias . '.role_name' , $value);
}
else {
$query->condition($filters[$key]['field'], $value);
@@ -3670,8 +3653,8 @@ function user_register_submit($form, &$form_state) {
*/
function user_modules_installed($modules) {
// Assign all available permissions to the administrator role.
- $rid = variable_get('user_admin_role', 0);
- if ($rid) {
+ $role_name = variable_get('user_admin_role', 0);
+ if ($role_name) {
$permissions = array();
foreach ($modules as $module) {
if ($module_permissions = module_invoke($module, 'permission')) {
@@ -3679,7 +3662,7 @@ function user_modules_installed($modules) {
}
}
if (!empty($permissions)) {
- user_role_grant_permissions($rid, $permissions);
+ user_role_grant_permissions($role_name, $permissions);
}
}
}
diff --git a/core/modules/user/user.permissions.js b/core/modules/user/user.permissions.js
index 4b6d4c9..de38255 100644
--- a/core/modules/user/user.permissions.js
+++ b/core/modules/user/user.permissions.js
@@ -32,12 +32,13 @@ Drupal.behaviors.permissions = {
.attr('title', Drupal.t("This permission is inherited from the authenticated user role."))
.hide();
- $table.find('input[type=checkbox]').not('.rid-2, .rid-1').addClass('real-checkbox').each(function () {
+ $table.find('input[type=checkbox]').not('.role_name-anonymous_user, .role_name-authenticated_user').addClass('real-checkbox').each(function () {
$dummy.clone().insertAfter(this);
});
// Initialize the authenticated user checkbox.
- $table.find('input[type=checkbox].rid-2')
+ $table.find('input[type=checkbox].role_name-authenticated_user')
+ $('input[type=checkbox].role_name-authenticated_user', this)
.bind('click.permissions', self.toggle)
// .triggerHandler() cannot be used here, as it only affects the first
// element.
diff --git a/core/modules/user/user.test b/core/modules/user/user.test
index 7671eba..0bbaae0 100644
--- a/core/modules/user/user.test
+++ b/core/modules/user/user.test
@@ -1232,7 +1232,7 @@ class UserPictureTestCase extends WebTestBase {
class UserPermissionsTestCase extends WebTestBase {
protected $admin_user;
- protected $rid;
+ protected $role_name;
public static function getInfo() {
return array(
@@ -1247,10 +1247,10 @@ class UserPermissionsTestCase extends WebTestBase {
$this->admin_user = $this->drupalCreateUser(array('administer permissions', 'access user profiles', 'administer site configuration', 'administer modules', 'administer users'));
- // Find the new role ID - it must be the maximum.
- $all_rids = array_keys($this->admin_user->roles);
- sort($all_rids);
- $this->rid = array_pop($all_rids);
+ // Find the new role name.
+ $all_role_names = $this->admin_user->roles;
+ unset($all_role_names[DRUPAL_AUTHENTICATED_ROLE]);
+ $this->role_name = key($all_role_names);
}
/**
@@ -1258,13 +1258,13 @@ class UserPermissionsTestCase extends WebTestBase {
*/
function testUserPermissionChanges() {
$this->drupalLogin($this->admin_user);
- $rid = $this->rid;
+ $role_name = $this->role_name;
$account = $this->admin_user;
// Add a permission.
$this->assertFalse(user_access('administer nodes', $account), t('User does not have "administer nodes" permission.'));
$edit = array();
- $edit[$rid . '[administer nodes]'] = TRUE;
+ $edit[$role_name . '[administer nodes]'] = TRUE;
$this->drupalPost('admin/people/permissions', $edit, t('Save permissions'));
$this->assertText(t('The changes have been saved.'), t('Successful save message displayed.'));
drupal_static_reset('user_access');
@@ -1274,7 +1274,7 @@ class UserPermissionsTestCase extends WebTestBase {
// Remove a permission.
$this->assertTrue(user_access('access user profiles', $account), t('User has "access user profiles" permission.'));
$edit = array();
- $edit[$rid . '[access user profiles]'] = FALSE;
+ $edit[$role_name . '[access user profiles]'] = FALSE;
$this->drupalPost('admin/people/permissions', $edit, t('Save permissions'));
$this->assertText(t('The changes have been saved.'), t('Successful save message displayed.'));
drupal_static_reset('user_access');
@@ -1291,7 +1291,7 @@ class UserPermissionsTestCase extends WebTestBase {
// Set the user's role to be the administrator role.
$edit = array();
- $edit['user_admin_role'] = $this->rid;
+ $edit['user_admin_role'] = $this->role_name;
$this->drupalPost('admin/config/people/accounts', $edit, t('Save configuration'));
// Enable aggregator module and ensure the 'administer news feeds'
@@ -1306,7 +1306,7 @@ class UserPermissionsTestCase extends WebTestBase {
* Verify proper permission changes by user_role_change_permissions().
*/
function testUserRoleChangePermissions() {
- $rid = $this->rid;
+ $role_name = $this->role_name;
$account = $this->admin_user;
// Verify current permissions.
@@ -1319,7 +1319,7 @@ class UserPermissionsTestCase extends WebTestBase {
'administer nodes' => 1,
'access user profiles' => 0,
);
- user_role_change_permissions($rid, $permissions);
+ user_role_change_permissions($role_name, $permissions);
// Verify proper permission changes.
$this->assertTrue(user_access('administer nodes', $account), t('User now has "administer nodes" permission.'));
@@ -1374,7 +1374,9 @@ class UserAdminTestCase extends WebTestBase {
$this->assertText($user_c->name, t('Found user C on filtered by perm admin users page'));
// Filter the users by role. Grab the system-generated role name for User C.
- $edit['role'] = max(array_flip($user_c->roles));
+ $roles = $user_c->roles;
+ unset($roles[DRUPAL_AUTHENTICATED_ROLE]);
+ $edit['role'] = key($roles);
$this->drupalPost('admin/people', $edit, t('Refine'));
// Check if the correct users show up when filtered by role.
@@ -1897,7 +1899,7 @@ class UserSignatureTestCase extends WebTestBase {
$this->full_html_format = (object) $full_html_format;
filter_format_save($this->full_html_format);
- user_role_grant_permissions(DRUPAL_AUTHENTICATED_RID, array(filter_permission_name($this->filtered_html_format)));
+ user_role_grant_permissions(DRUPAL_AUTHENTICATED_ROLE, array(filter_permission_name($this->filtered_html_format)));
$this->checkPermissions(array(), TRUE);
// Create regular and administrative users.
@@ -2023,41 +2025,38 @@ class UserRoleAdminTestCase extends WebTestBase {
function testRoleAdministration() {
$this->drupalLogin($this->admin_user);
- // Test adding a role. (In doing so, we use a role name that happens to
- // correspond to an integer, to test that the role administration pages
- // correctly distinguish between role names and IDs.)
+ // Test adding a role.
$role_name = '123';
- $edit = array('name' => $role_name);
- $this->drupalPost('admin/people/permissions/roles', $edit, t('Add role'));
+ $edit = array('label' => $role_name, 'name' => $role_name);
+ $this->drupalPost('admin/people/permissions/roles/add', $edit, t('Add role'));
$this->assertText(t('The role has been added.'), t('The role has been added.'));
- $role = user_role_load_by_name($role_name);
+ $role = user_role_load($role_name);
$this->assertTrue(is_object($role), t('The role was successfully retrieved from the database.'));
// Try adding a duplicate role.
- $this->drupalPost(NULL, $edit, t('Add role'));
- $this->assertRaw(t('The role name %name already exists. Choose another role name.', array('%name' => $role_name)), t('Duplicate role warning displayed.'));
-
- // Test renaming a role.
- $old_name = $role_name;
- $role_name = '456';
- $edit = array('name' => $role_name);
- $this->drupalPost("admin/people/permissions/roles/edit/{$role->rid}", $edit, t('Save role'));
- $this->assertText(t('The role has been renamed.'), t('The role has been renamed.'));
- $this->assertFalse(user_role_load_by_name($old_name), t('The role can no longer be retrieved from the database using its old name.'));
- $this->assertTrue(is_object(user_role_load_by_name($role_name)), t('The role can be retrieved from the database using its new name.'));
+ $this->drupalPost('admin/people/permissions/roles/add', $edit, t('Add role'));
+ $this->assertRaw(t('The machine-readable name is already in use. It must be unique.'), t('Duplicate role warning displayed.'));
+
+ // Test renaming a role label.
+ $role_label = '456';
+ $edit = array('label' => $role_label);
+ $this->drupalPost("admin/people/permissions/roles/edit/{$role->name}", $edit, t('Save role'));
+ $this->assertText('The role label has been renamed.', 'The role has been renamed.');
+ $new_role = user_role_load($role_name);
+ $this->assertEqual($new_role->label, $role_label, 'The role label has been successfully changed.');
// Test deleting a role.
- $this->drupalPost("admin/people/permissions/roles/edit/{$role->rid}", NULL, t('Delete role'));
+ $this->drupalPost("admin/people/permissions/roles/edit/{$role->name}", NULL, t('Delete role'));
$this->drupalPost(NULL, NULL, t('Delete'));
$this->assertText(t('The role has been deleted.'), t('The role has been deleted'));
- $this->assertNoLinkByHref("admin/people/permissions/roles/edit/{$role->rid}", t('Role edit link removed.'));
- $this->assertFalse(user_role_load_by_name($role_name), t('A deleted role can no longer be loaded.'));
+ $this->assertNoLinkByHref("admin/people/permissions/roles/edit/{$role->name}", t('Role edit link removed.'));
+ $this->assertFalse(user_role_load($role_name), t('A deleted role can no longer be loaded.'));
// Make sure that the system-defined roles cannot be edited via the user
// interface.
- $this->drupalGet('admin/people/permissions/roles/edit/' . DRUPAL_ANONYMOUS_RID);
+ $this->drupalGet('admin/people/permissions/roles/edit/' . DRUPAL_ANONYMOUS_ROLE);
$this->assertResponse(403, t('Access denied when trying to edit the built-in anonymous role.'));
- $this->drupalGet('admin/people/permissions/roles/edit/' . DRUPAL_AUTHENTICATED_RID);
+ $this->drupalGet('admin/people/permissions/roles/edit/' . DRUPAL_AUTHENTICATED_ROLE);
$this->assertResponse(403, t('Access denied when trying to edit the built-in authenticated role.'));
}
@@ -2068,17 +2067,17 @@ class UserRoleAdminTestCase extends WebTestBase {
$this->drupalLogin($this->admin_user);
// Pick up a random role and get its weight.
- $rid = array_rand(user_roles());
- $role = user_role_load($rid);
+ $role_name = array_rand(user_roles());
+ $role = user_role_load($role_name);
$old_weight = $role->weight;
// Change the role weight and submit the form.
- $edit = array('roles['. $rid .'][weight]' => $old_weight + 1);
+ $edit = array('roles['. $role_name .'][weight]' => $old_weight + 1);
$this->drupalPost('admin/people/permissions/roles', $edit, t('Save order'));
$this->assertText(t('The role settings have been updated.'), t('The role settings form submitted successfully.'));
// Retrieve the saved role and compare its weight.
- $role = user_role_load($rid);
+ $role = user_role_load($role_name);
$new_weight = $role->weight;
$this->assertTrue(($old_weight + 1) == $new_weight, t('Role weight updated successfully.'));
}
@@ -2210,20 +2209,20 @@ class UserRolesAssignmentTestCase extends WebTestBase {
* again.
*/
function testAssignAndRemoveRole() {
- $rid = $this->drupalCreateRole(array('administer content types'));
+ $role_name = $this->drupalCreateRole(array('administer content types'));
$account = $this->drupalCreateUser();
// Assign the role to the user.
- $this->drupalPost('user/' . $account->uid . '/edit', array("roles[$rid]" => $rid), t('Save'));
+ $this->drupalPost('user/' . $account->uid . '/edit', array("roles[$role_name]" => $role_name), t('Save'));
$this->assertText(t('The changes have been saved.'));
- $this->assertFieldChecked('edit-roles-' . $rid, t('Role is assigned.'));
- $this->userLoadAndCheckRoleAssigned($account, $rid);
+ $this->assertFieldChecked('edit-roles-' . $role_name, t('Role is assigned.'));
+ $this->userLoadAndCheckRoleAssigned($account, $role_name);
// Remove the role from the user.
- $this->drupalPost('user/' . $account->uid . '/edit', array("roles[$rid]" => FALSE), t('Save'));
+ $this->drupalPost('user/' . $account->uid . '/edit', array("roles[$role_name]" => FALSE), t('Save'));
$this->assertText(t('The changes have been saved.'));
- $this->assertNoFieldChecked('edit-roles-' . $rid, t('Role is removed from user.'));
- $this->userLoadAndCheckRoleAssigned($account, $rid, FALSE);
+ $this->assertNoFieldChecked('edit-roles-' . $role_name, t('Role is removed from user.'));
+ $this->userLoadAndCheckRoleAssigned($account, $role_name, FALSE);
}
/**
@@ -2231,14 +2230,14 @@ class UserRolesAssignmentTestCase extends WebTestBase {
* be removed again.
*/
function testCreateUserWithRole() {
- $rid = $this->drupalCreateRole(array('administer content types'));
+ $role_name = $this->drupalCreateRole(array('administer content types'));
// Create a new user and add the role at the same time.
$edit = array(
'name' => $this->randomName(),
'mail' => $this->randomName() . '@example.com',
'pass[pass1]' => $pass = $this->randomString(),
'pass[pass2]' => $pass,
- "roles[$rid]" => $rid,
+ "roles[$role_name]" => $role_name,
);
$this->drupalPost('admin/people/create', $edit, t('Create new account'));
$this->assertText(t('Created a new user account for !name.', array('!name' => $edit['name'])));
@@ -2246,30 +2245,30 @@ class UserRolesAssignmentTestCase extends WebTestBase {
$account = user_load_by_name($edit['name']);
$this->drupalGet('user/' . $account->uid . '/edit');
- $this->assertFieldChecked('edit-roles-' . $rid, t('Role is assigned.'));
- $this->userLoadAndCheckRoleAssigned($account, $rid);
+ $this->assertFieldChecked('edit-roles-' . $role_name, t('Role is assigned.'));
+ $this->userLoadAndCheckRoleAssigned($account, $role_name);
// Remove the role again.
- $this->drupalPost('user/' . $account->uid . '/edit', array("roles[$rid]" => FALSE), t('Save'));
+ $this->drupalPost('user/' . $account->uid . '/edit', array("roles[$role_name]" => FALSE), t('Save'));
$this->assertText(t('The changes have been saved.'));
- $this->assertNoFieldChecked('edit-roles-' . $rid, t('Role is removed from user.'));
- $this->userLoadAndCheckRoleAssigned($account, $rid, FALSE);
+ $this->assertNoFieldChecked('edit-roles-' . $role_name, t('Role is removed from user.'));
+ $this->userLoadAndCheckRoleAssigned($account, $role_name, FALSE);
}
/**
* Check role on user object.
*
* @param object $account User.
- * @param integer $rid Role id.
+ * @param string $role_name Role name.
* @param bool $is_assigned True if the role should present on the account.
*/
- private function userLoadAndCheckRoleAssigned($account, $rid, $is_assigned = TRUE) {
+ private function userLoadAndCheckRoleAssigned($account, $role_name, $is_assigned = TRUE) {
$account = user_load($account->uid, TRUE);
if ($is_assigned) {
- $this->assertTrue(array_key_exists($rid, $account->roles), t('The role is present in the user object.'));
+ $this->assertTrue(array_key_exists($role_name, $account->roles), t('The role is present in the user object.'));
}
else {
- $this->assertFalse(array_key_exists($rid, $account->roles), t('The role is not present in the user object.'));
+ $this->assertFalse(array_key_exists($role_name, $account->roles), t('The role is not present in the user object.'));
}
}
}
diff --git a/profiles/minimal/minimal.install b/profiles/minimal/minimal.install
index e02ffcc..b185572 100644
--- a/profiles/minimal/minimal.install
+++ b/profiles/minimal/minimal.install
@@ -85,6 +85,6 @@ function minimal_install() {
variable_set('user_register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL);
// Enable default permissions for system roles.
- user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access content'));
- user_role_grant_permissions(DRUPAL_AUTHENTICATED_RID, array('access content'));
+ user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array('access content'));
+ user_role_grant_permissions(DRUPAL_AUTHENTICATED_ROLE, array('access content'));
}
diff --git a/profiles/standard/standard.install b/profiles/standard/standard.install
index eef8d0c..fd5e517 100644
--- a/profiles/standard/standard.install
+++ b/profiles/standard/standard.install
@@ -404,21 +404,22 @@ function standard_install() {
// Enable default permissions for system roles.
$filtered_html_permission = filter_permission_name($filtered_html_format);
- user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access content', 'access comments', $filtered_html_permission));
- user_role_grant_permissions(DRUPAL_AUTHENTICATED_RID, array('access content', 'access comments', 'post comments', 'skip comment approval', $filtered_html_permission));
+ user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array('access content', 'access comments', $filtered_html_permission));
+ user_role_grant_permissions(DRUPAL_AUTHENTICATED_ROLE, array('access content', 'access comments', 'post comments', 'skip comment approval', $filtered_html_permission));
// Create a default role for site administrators, with all available permissions assigned.
$admin_role = new stdClass();
$admin_role->name = 'administrator';
+ $admin_role->label = 'Administrator';
$admin_role->weight = 2;
user_role_save($admin_role);
- user_role_grant_permissions($admin_role->rid, array_keys(module_invoke_all('permission')));
+ user_role_grant_permissions($admin_role->name, array_keys(module_invoke_all('permission')));
// Set this as the administrator role.
- variable_set('user_admin_role', $admin_role->rid);
+ variable_set('user_admin_role', $admin_role->name);
// Assign user 1 the "administrator" role.
db_insert('users_roles')
- ->fields(array('uid' => 1, 'rid' => $admin_role->rid))
+ ->fields(array('uid' => 1, 'role_name' => $admin_role->name))
->execute();
// Create a Home link in the main menu.
diff --git a/profiles/testing/testing.install b/profiles/testing/testing.install
index bdd6154..2d11267 100644
--- a/profiles/testing/testing.install
+++ b/profiles/testing/testing.install
@@ -17,6 +17,6 @@ function testing_install() {
// Enable default permissions for system roles.
// @todo Remove dependency on Node module.
- user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access content'));
- user_role_grant_permissions(DRUPAL_AUTHENTICATED_RID, array('access content'));
+ user_role_grant_permissions(DRUPAL_ANONYMOUS_ROLE, array('access content'));
+ user_role_grant_permissions(DRUPAL_AUTHENTICATED_ROLE, array('access content'));
}