Mercurial > hg > isophonics-drupal-site
view core/modules/user/src/Plugin/Action/RemoveRoleUser.php @ 13:5fb285c0d0e3
Update Drupal core to 8.4.7 via Composer. Security update; I *think* we've
been lucky to get away with this so far, as we don't support self-registration
which seems to be used by the so-called "drupalgeddon 2" attack that 8.4.5
was vulnerable to.
| author | Chris Cannam |
|---|---|
| date | Mon, 23 Apr 2018 09:33:26 +0100 |
| parents | 4c8ae668cc8c |
| children |
line wrap: on
line source
<?php namespace Drupal\user\Plugin\Action; /** * Removes a role from a user. * * @Action( * id = "user_remove_role_action", * label = @Translation("Remove a role from the selected users"), * type = "user" * ) */ class RemoveRoleUser extends ChangeUserRoleBase { /** * {@inheritdoc} */ public function execute($account = NULL) { $rid = $this->configuration['rid']; // Skip removing the role from the user if they already don't have it. if ($account !== FALSE && $account->hasRole($rid)) { // For efficiency manually save the original account before applying // any changes. $account->original = clone $account; $account->removeRole($rid); $account->save(); } } }