Mercurial > hg > isophonics-drupal-site

comparison core/modules/user/user.module @ 18:af1871eacc83

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update to Drupal core 8.7.1
author Chris Cannam
date Thu, 09 May 2019 15:33:08 +0100
parents 129ea1e6d783
children
comparison
equal deleted inserted replaced
17:129ea1e6d783 18:af1871eacc83
6 */ 6 */
7 7
8 use Drupal\Component\Utility\Crypt; 8 use Drupal\Component\Utility\Crypt;
9 use Drupal\Component\Render\PlainTextOutput; 9 use Drupal\Component\Render\PlainTextOutput;
10 use Drupal\Component\Utility\Unicode; 10 use Drupal\Component\Utility\Unicode;
11 use Drupal\Core\Access\AccessibleInterface;
11 use Drupal\Core\Asset\AttachedAssetsInterface; 12 use Drupal\Core\Asset\AttachedAssetsInterface;
12 use Drupal\Core\Entity\Display\EntityViewDisplayInterface; 13 use Drupal\Core\Entity\Display\EntityViewDisplayInterface;
13 use Drupal\Core\Field\BaseFieldDefinition; 14 use Drupal\Core\Field\BaseFieldDefinition;
14 use Drupal\Core\Render\Element; 15 use Drupal\Core\Render\Element;
15 use Drupal\Core\Routing\RouteMatchInterface; 16 use Drupal\Core\Routing\RouteMatchInterface;
77 $output .= '<h3>' . t('About') . '</h3>'; 78 $output .= '<h3>' . t('About') . '</h3>';
78 $output .= '<p>' . t('The User module allows users to register, log in, and log out. It also allows users with proper permissions to manage user roles and permissions. For more information, see the <a href=":user_docs">online documentation for the User module</a>.', [':user_docs' => 'https://www.drupal.org/documentation/modules/user']) . '</p>'; 79 $output .= '<p>' . t('The User module allows users to register, log in, and log out. It also allows users with proper permissions to manage user roles and permissions. For more information, see the <a href=":user_docs">online documentation for the User module</a>.', [':user_docs' => 'https://www.drupal.org/documentation/modules/user']) . '</p>';
79 $output .= '<h3>' . t('Uses') . '</h3>'; 80 $output .= '<h3>' . t('Uses') . '</h3>';
80 $output .= '<dl>'; 81 $output .= '<dl>';
81 $output .= '<dt>' . t('Creating and managing users') . '</dt>'; 82 $output .= '<dt>' . t('Creating and managing users') . '</dt>';
82 $output .= '<dd>' . t('Through the <a href=":people">People administration page</a> you can add and cancel user accounts and assign users to roles. By editing one particular user you can change their username, email address, password, and information in other fields.', [':people' => \Drupal::url('entity.user.collection')]) . '</dd>'; 83 $output .= '<dd>' . t('Through the <a href=":people">People administration page</a> you can add and cancel user accounts and assign users to roles. By editing one particular user you can change their username, email address, password, and information in other fields.', [':people' => Url::fromRoute('entity.user.collection')->toString()]) . '</dd>';
83 $output .= '<dt>' . t('Configuring user roles') . '</dt>'; 84 $output .= '<dt>' . t('Configuring user roles') . '</dt>';
84 $output .= '<dd>' . t('<em>Roles</em> are used to group and classify users; each user can be assigned one or more roles. Typically there are two pre-defined roles: <em>Anonymous user</em> (users that are not logged in), and <em>Authenticated user</em> (users that are registered and logged in). Depending on how your site was set up, an <em>Administrator</em> role may also be available: users with this role will automatically be assigned any new permissions whenever a module is enabled. You can create additional roles on the <a href=":roles">Roles administration page</a>.', [':roles' => \Drupal::url('entity.user_role.collection')]) . '</dd>'; 85 $output .= '<dd>' . t('<em>Roles</em> are used to group and classify users; each user can be assigned one or more roles. Typically there are two pre-defined roles: <em>Anonymous user</em> (users that are not logged in), and <em>Authenticated user</em> (users that are registered and logged in). Depending on how your site was set up, an <em>Administrator</em> role may also be available: users with this role will automatically be assigned any new permissions whenever a module is enabled. You can create additional roles on the <a href=":roles">Roles administration page</a>.', [':roles' => Url::fromRoute('entity.user_role.collection')->toString()]) . '</dd>';
85 $output .= '<dt>' . t('Setting permissions') . '</dt>'; 86 $output .= '<dt>' . t('Setting permissions') . '</dt>';
86 $output .= '<dd>' . t('After creating roles, you can set permissions for each role on the <a href=":permissions_user">Permissions page</a>. Granting a permission allows users who have been assigned a particular role to perform an action on the site, such as viewing content, editing or creating a particular type of content, administering settings for a particular module, or using a particular function of the site (such as search).', [':permissions_user' => \Drupal::url('user.admin_permissions')]) . '</dd>'; 87 $output .= '<dd>' . t('After creating roles, you can set permissions for each role on the <a href=":permissions_user">Permissions page</a>. Granting a permission allows users who have been assigned a particular role to perform an action on the site, such as viewing content, editing or creating a particular type of content, administering settings for a particular module, or using a particular function of the site (such as search).', [':permissions_user' => Url::fromRoute('user.admin_permissions')->toString()]) . '</dd>';
87 $output .= '<dt>' . t('Managing account settings') . '</dt>'; 88 $output .= '<dt>' . t('Managing account settings') . '</dt>';
88 $output .= '<dd>' . t('The <a href=":accounts">Account settings page</a> allows you to manage settings for the displayed name of the Anonymous user role, personal contact forms, user registration settings, and account cancellation settings. On this page you can also manage settings for account personalization, and adapt the text for the email messages that users receive when they register or request a password recovery. You may also set which role is automatically assigned new permissions whenever a module is enabled (the Administrator role).', [':accounts' => \Drupal::url('entity.user.admin_form')]) . '</dd>'; 89 $output .= '<dd>' . t('The <a href=":accounts">Account settings page</a> allows you to manage settings for the displayed name of the Anonymous user role, personal contact forms, user registration settings, and account cancellation settings. On this page you can also manage settings for account personalization, and adapt the text for the email messages that users receive when they register or request a password recovery. You may also set which role is automatically assigned new permissions whenever a module is enabled (the Administrator role).', [':accounts' => Url::fromRoute('entity.user.admin_form')->toString()]) . '</dd>';
89 $output .= '<dt>' . t('Managing user account fields') . '</dt>'; 90 $output .= '<dt>' . t('Managing user account fields') . '</dt>';
90 $output .= '<dd>' . t('Because User accounts are an entity type, you can extend them by adding fields through the Manage fields tab on the <a href=":accounts">Account settings page</a>. By adding fields for e.g., a picture, a biography, or address, you can a create a custom profile for the users of the website. For background information on entities and fields, see the <a href=":field_help">Field module help page</a>.', [':field_help' => (\Drupal::moduleHandler()->moduleExists('field')) ? \Drupal::url('help.page', ['name' => 'field']) : '#', ':accounts' => \Drupal::url('entity.user.admin_form')]) . '</dd>'; 91 $output .= '<dd>' . t('Because User accounts are an entity type, you can extend them by adding fields through the Manage fields tab on the <a href=":accounts">Account settings page</a>. By adding fields for e.g., a picture, a biography, or address, you can a create a custom profile for the users of the website. For background information on entities and fields, see the <a href=":field_help">Field module help page</a>.', [':field_help' => (\Drupal::moduleHandler()->moduleExists('field')) ? Url::fromRoute('help.page', ['name' => 'field'])->toString() : '#', ':accounts' => Url::fromRoute('entity.user.admin_form')->toString()]) . '</dd>';
91 $output .= '</dl>'; 92 $output .= '</dl>';
92 return $output; 93 return $output;
93 94
94 case 'user.admin_create': 95 case 'user.admin_create':
95 return '<p>' . t("This web page allows administrators to register new users. Users' email addresses and usernames must be unique.") . '</p>'; 96 return '<p>' . t("This web page allows administrators to register new users. Users' email addresses and usernames must be unique.") . '</p>';
96 97
97 case 'user.admin_permissions': 98 case 'user.admin_permissions':
98 return '<p>' . t('Permissions let you control what users can do and see on your site. You can define a specific set of permissions for each role. (See the <a href=":role">Roles</a> page to create a role.) Any permissions granted to the Authenticated user role will be given to any user who is logged in to your site. From the <a href=":settings">Account settings</a> page, you can make any role into an Administrator role for the site, meaning that role will be granted all new permissions automatically. You should be careful to ensure that only trusted users are given this access and level of control of your site.', [':role' => \Drupal::url('entity.user_role.collection'), ':settings' => \Drupal::url('entity.user.admin_form')]) . '</p>'; 99 return '<p>' . t('Permissions let you control what users can do and see on your site. You can define a specific set of permissions for each role. (See the <a href=":role">Roles</a> page to create a role.) Any permissions granted to the Authenticated user role will be given to any user who is logged in to your site. From the <a href=":settings">Account settings</a> page, you can make any role into an Administrator role for the site, meaning that role will be granted all new permissions automatically. You should be careful to ensure that only trusted users are given this access and level of control of your site.', [':role' => Url::fromRoute('entity.user_role.collection')->toString(), ':settings' => Url::fromRoute('entity.user.admin_form')->toString()]) . '</p>';
99 100
100 case 'entity.user_role.collection': 101 case 'entity.user_role.collection':
101 return '<p>' . t('A role defines a group of users that have certain privileges. These privileges are defined on the <a href=":permissions">Permissions page</a>. Here, you can define the names and the display sort order of the roles on your site. It is recommended to order roles from least permissive (for example, Anonymous user) to most permissive (for example, Administrator user). Users who are not logged in have the Anonymous user role. Users who are logged in have the Authenticated user role, plus any other roles granted to their user account.', [':permissions' => \Drupal::url('user.admin_permissions')]) . '</p>'; 102 return '<p>' . t('A role defines a group of users that have certain privileges. These privileges are defined on the <a href=":permissions">Permissions page</a>. Here, you can define the names and the display sort order of the roles on your site. It is recommended to order roles from least permissive (for example, Anonymous user) to most permissive (for example, Administrator user). Users who are not logged in have the Anonymous user role. Users who are logged in have the Authenticated user role, plus any other roles granted to their user account.', [':permissions' => Url::fromRoute('user.admin_permissions')->toString()]) . '</p>';
102 103
103 case 'entity.user.field_ui_fields': 104 case 'entity.user.field_ui_fields':
104 return '<p>' . t('This form lets administrators add and edit fields for storing user data.') . '</p>'; 105 return '<p>' . t('This form lets administrators add and edit fields for storing user data.') . '</p>';
105 106
106 case 'entity.entity_form_display.user.default': 107 case 'entity.entity_form_display.user.default':
197 * loading a user object which has been altered during the page request. 198 * loading a user object which has been altered during the page request.
198 * 199 *
199 * @return array 200 * @return array
200 * An array of user objects, indexed by uid. 201 * An array of user objects, indexed by uid.
201 * 202 *
202 * @see entity_load_multiple() 203 * @deprecated in Drupal 8.0.0 and will be removed before Drupal 9.0.0. Use
203 * @see \Drupal\user\Entity\User::load() 204 * \Drupal\user\Entity\User::loadMultiple().
204 * @see user_load_by_mail() 205 *
205 * @see user_load_by_name() 206 * @see https://www.drupal.org/node/2266845
206 * @see \Drupal\Core\Entity\Query\QueryInterface
207 *
208 * @deprecated in Drupal 8.x, will be removed before Drupal 9.0.
209 * Use \Drupal\user\Entity\User::loadMultiple().
210 */ 207 */
211 function user_load_multiple(array $uids = NULL, $reset = FALSE) { 208 function user_load_multiple(array $uids = NULL, $reset = FALSE) {
209 @trigger_error('user_load_multiple() is deprecated in Drupal 8.0.0 and will be removed before Drupal 9.0.0. Use \Drupal\user\Entity\User::loadMultiple(). See https://www.drupal.org/node/2266845', E_USER_DEPRECATED);
212 if ($reset) { 210 if ($reset) {
213 \Drupal::entityManager()->getStorage('user')->resetCache($uids); 211 \Drupal::entityManager()->getStorage('user')->resetCache($uids);
214 } 212 }
215 return User::loadMultiple($uids); 213 return User::loadMultiple($uids);
216 } 214 }
226 * 224 *
227 * @return \Drupal\user\UserInterface 225 * @return \Drupal\user\UserInterface
228 * A fully-loaded user object upon successful user load, or NULL if the user 226 * A fully-loaded user object upon successful user load, or NULL if the user
229 * cannot be loaded. 227 * cannot be loaded.
230 * 228 *
231 * @deprecated in Drupal 8.x, will be removed before Drupal 9.0. 229 * @deprecated iin Drupal 8.0.0 and will be removed before Drupal 9.0.0. Use
232 * Use \Drupal\user\Entity\User::load(). 230 * Drupal\user\Entity\User::load().
233 * 231 *
234 * @see \Drupal\user\Entity\User::loadMultiple() 232 * @see https://www.drupal.org/node/2266845
235 */ 233 */
236 function user_load($uid, $reset = FALSE) { 234 function user_load($uid, $reset = FALSE) {
235 @trigger_error('user_load() is deprecated in Drupal 8.0.0 and will be removed before Drupal 9.0.0. Use \Drupal\user\Entity\User::load(). See https://www.drupal.org/node/2266845', E_USER_DEPRECATED);
237 if ($reset) { 236 if ($reset) {
238 \Drupal::entityManager()->getStorage('user')->resetCache([$uid]); 237 \Drupal::entityManager()->getStorage('user')->resetCache([$uid]);
239 } 238 }
240 return User::load($uid); 239 return User::load($uid);
241 } 240 }
407 function user_user_view_alter(array &$build, UserInterface $account, EntityViewDisplayInterface $display) { 406 function user_user_view_alter(array &$build, UserInterface $account, EntityViewDisplayInterface $display) {
408 if (user_picture_enabled() && !empty($build['user_picture'])) { 407 if (user_picture_enabled() && !empty($build['user_picture'])) {
409 foreach (Element::children($build['user_picture']) as $key) { 408 foreach (Element::children($build['user_picture']) as $key) {
410 $item = $build['user_picture'][$key]['#item']; 409 $item = $build['user_picture'][$key]['#item'];
411 if (!$item->get('alt')->getValue()) { 410 if (!$item->get('alt')->getValue()) {
412 $item->get('alt')->setValue(\Drupal::translation()->translate('Profile picture for user @username', ['@username' => $account->getUsername()])); 411 $item->get('alt')->setValue(\Drupal::translation()->translate('Profile picture for user @username', ['@username' => $account->getAccountName()]));
413 } 412 }
414 } 413 }
415 } 414 }
416 } 415 }
417 416
490 // that won't break tables by being too long. Keep an unshortened, 489 // that won't break tables by being too long. Keep an unshortened,
491 // unsanitized version, in case other preprocess functions want to implement 490 // unsanitized version, in case other preprocess functions want to implement
492 // their own shortening logic or add markup. If they do so, they must ensure 491 // their own shortening logic or add markup. If they do so, they must ensure
493 // that $variables['name'] is safe for printing. 492 // that $variables['name'] is safe for printing.
494 $name = $account->getDisplayName(); 493 $name = $account->getDisplayName();
495 $variables['name_raw'] = $account->getUsername(); 494 $variables['name_raw'] = $account->getAccountName();
496 if (mb_strlen($name) > 20) { 495 if (mb_strlen($name) > 20) {
497 $name = Unicode::truncate($name, 15, FALSE, TRUE); 496 $name = Unicode::truncate($name, 15, FALSE, TRUE);
498 $variables['truncated'] = TRUE; 497 $variables['truncated'] = TRUE;
499 } 498 }
500 else { 499 else {
501 $variables['truncated'] = FALSE; 500 $variables['truncated'] = FALSE;
502 } 501 }
503 $variables['name'] = $name; 502 $variables['name'] = $name;
504 $variables['profile_access'] = \Drupal::currentUser()->hasPermission('access user profiles'); 503 if ($account instanceof AccessibleInterface) {
504 $variables['profile_access'] = $account->access('view');
505 }
506 else {
507 $variables['profile_access'] = \Drupal::currentUser()->hasPermission('access user profiles');
508 }
505 509
506 $external = FALSE; 510 $external = FALSE;
507 // Populate link path and attributes if appropriate. 511 // Populate link path and attributes if appropriate.
508 if ($variables['uid'] && $variables['profile_access']) { 512 if ($variables['uid'] && $variables['profile_access']) {
509 // We are linking to a local user. 513 // We are linking to a local user.
547 * 551 *
548 * @see hook_user_login() 552 * @see hook_user_login()
549 */ 553 */
550 function user_login_finalize(UserInterface $account) { 554 function user_login_finalize(UserInterface $account) {
551 \Drupal::currentUser()->setAccount($account); 555 \Drupal::currentUser()->setAccount($account);
552 \Drupal::logger('user')->notice('Session opened for %name.', ['%name' => $account->getUsername()]); 556 \Drupal::logger('user')->notice('Session opened for %name.', ['%name' => $account->getAccountName()]);
553 // Update the user table timestamp noting user has logged in. 557 // Update the user table timestamp noting user has logged in.
554 // This is also used to invalidate one-time login links. 558 // This is also used to invalidate one-time login links.
555 $account->setLastLoginTime(REQUEST_TIME); 559 $account->setLastLoginTime(REQUEST_TIME);
556 \Drupal::entityManager() 560 \Drupal::entityManager()
557 ->getStorage('user') 561 ->getStorage('user')
599 * they can change their password. 603 * they can change their password.
600 */ 604 */
601 function user_pass_reset_url($account, $options = []) { 605 function user_pass_reset_url($account, $options = []) {
602 $timestamp = REQUEST_TIME; 606 $timestamp = REQUEST_TIME;
603 $langcode = isset($options['langcode']) ? $options['langcode'] : $account->getPreferredLangcode(); 607 $langcode = isset($options['langcode']) ? $options['langcode'] : $account->getPreferredLangcode();
604 return \Drupal::url('user.reset', 608 return Url::fromRoute('user.reset',
605 [ 609 [
606 'uid' => $account->id(), 610 'uid' => $account->id(),
607 'timestamp' => $timestamp, 611 'timestamp' => $timestamp,
608 'hash' => user_pass_rehash($account, $timestamp), 612 'hash' => user_pass_rehash($account, $timestamp),
609 ], 613 ],
610 [ 614 [
611 'absolute' => TRUE, 615 'absolute' => TRUE,
612 'language' => \Drupal::languageManager()->getLanguage($langcode), 616 'language' => \Drupal::languageManager()->getLanguage($langcode),
613 ] 617 ]
614 ); 618 )->toString();
615 } 619 }
616 620
617 /** 621 /**
618 * Generates a URL to confirm an account cancellation request. 622 * Generates a URL to confirm an account cancellation request.
619 * 623 *
633 */ 637 */
634 function user_cancel_url(UserInterface $account, $options = []) { 638 function user_cancel_url(UserInterface $account, $options = []) {
635 $timestamp = REQUEST_TIME; 639 $timestamp = REQUEST_TIME;
636 $langcode = isset($options['langcode']) ? $options['langcode'] : $account->getPreferredLangcode(); 640 $langcode = isset($options['langcode']) ? $options['langcode'] : $account->getPreferredLangcode();
637 $url_options = ['absolute' => TRUE, 'language' => \Drupal::languageManager()->getLanguage($langcode)]; 641 $url_options = ['absolute' => TRUE, 'language' => \Drupal::languageManager()->getLanguage($langcode)];
638 return \Drupal::url('user.cancel_confirm', [ 642 return Url::fromRoute('user.cancel_confirm', [
639 'user' => $account->id(), 643 'user' => $account->id(),
640 'timestamp' => $timestamp, 644 'timestamp' => $timestamp,
641 'hashed_pass' => user_pass_rehash($account, $timestamp), 645 'hashed_pass' => user_pass_rehash($account, $timestamp),
642 ], $url_options); 646 ], $url_options)->toString();
643 } 647 }
644 648
645 /** 649 /**
646 * Creates a unique hash value for use in time-dependent per-user URLs. 650 * Creates a unique hash value for use in time-dependent per-user URLs.
647 * 651 *
972 $replacements['[user:one-time-login-url]'] = user_pass_reset_url($data['user'], $options); 976 $replacements['[user:one-time-login-url]'] = user_pass_reset_url($data['user'], $options);
973 $replacements['[user:cancel-url]'] = user_cancel_url($data['user'], $options); 977 $replacements['[user:cancel-url]'] = user_cancel_url($data['user'], $options);
974 } 978 }
975 } 979 }
976 980
977 /*** Administrative features ***********************************************/
978
979 /** 981 /**
980 * Retrieves the names of roles matching specified conditions. 982 * Retrieves the names of roles matching specified conditions.
981 * 983 *
982 * @param bool $membersonly 984 * @param bool $membersonly
983 * (optional) Set this to TRUE to exclude the 'anonymous' role. Defaults to 985 * (optional) Set this to TRUE to exclude the 'anonymous' role. Defaults to
1279 'sameAsUsername' => t('Make it different from your username'), 1281 'sameAsUsername' => t('Make it different from your username'),
1280 'weak' => t('Weak'), 1282 'weak' => t('Weak'),
1281 'fair' => t('Fair'), 1283 'fair' => t('Fair'),
1282 'good' => t('Good'), 1284 'good' => t('Good'),
1283 'strong' => t('Strong'), 1285 'strong' => t('Strong'),
1284 'username' => \Drupal::currentUser()->getUsername(), 1286 'username' => \Drupal::currentUser()->getAccountName(),
1285 ]; 1287 ];
1286 } 1288 }
1287 1289
1288 $element['#attached']['library'][] = 'user/drupal.user'; 1290 $element['#attached']['library'][] = 'user/drupal.user';
1289 $element['#attached']['drupalSettings']['password'] = $password_settings; 1291 $element['#attached']['drupalSettings']['password'] = $password_settings;