I've come up against a usability problem that I think is caused by a problem in Drupal's data model.
Example of problem: When setting block visibility settings, it is impossible (without writing custom php), to make a block visible to authenticated users who have no other role, if you don't want that block to show to all authenticated users. In other words, you may want to show the block to all authenticated users except those of belonging to role x. No can do without php.
That's just one simple example. But the problem exists anytime one sees "authenticated user" in a list with other roles because "authenticated user" doesn't mean the same thing as other roles in the list.
One approach toward solving this would be to require the assignment of a role for each user upon registration. Site admins would be required to define a default user role. All authenticated users would be required to have at least one role. Maybe some of the code from the Auto Assign Role module could be used for this.
Meanwhile, "anonymous user" and "authenticated user" would be pulled out of the roles table. Drupal doesn't use the roles table or the user_roles table to determine whether a user is anonymous or authenticated. It relies on the sessions table for that.
It's clearly important that "Anonymous users" should still show up on any lists determining visibility, permissions, etc, but it should be possible to provide that functionality without having "anonymous user" still in the roles table. But even if anonymous user needs to stay in the roles table, seems like "authenticated user" really needs to go.
This topic must have been discussed at length somewhere else, but my searches didn't yield anything.
Curious to hear your responses and/or references to other places where this issue has been discussed.
Shai
<a href="http://content2zero.com>content2zero
Comments
Hello, Shai, This thread
Hello, Shai,
This thread relates to what you are discussing -- the default behavior used to be closer to what you described: ie, users did not have to be authenticated users. This issue addresses that: http://drupal.org/node/44379
IIRC, there was some accompanying discussion on the devel list, but some quick googling didn't find that.
Cheers,
Bill
FunnyMonkey
Tools for Teachers
FunnyMonkey
Do Folks Think This Should be Addressed in D7?
Bill and others,
Thanks Bill for the reference. I visited that thread and it seems like something was fixed -- the problem of a registered user having no role assigned -- by causing a new problem-- "authenticated user" includes all roles and so its not a role like other roles, causing all kinds of role-based usability problems.
The workaround is fairly easy. Install Auto Assign Roll and assign a role, other than "authenticated user" to every registered user. Most newbies to Drupal who face this problem will suffer a lot before they find the easy workaround.
Personally, I think this is a pretty significant usability problem and should be addressed in core. Because of the inelegant way that roles are handled, we force site admins to climb a steep learning curve in order to understand how roles work in Drupal. I think it is important enough to try to get a change in D7. But I wouldn't start working on it, lobbying for it, unless other people think it is significant.
What do others here in usability think?
Shai
content2zero
Shai Gluskin
Content2zero
http://drupal.org/node/64861
http://drupal.org/node/64861 Is coming very close to what you're talking about I think. There's a few issues with both the hard coding of authenticated users, and also user/1 - would be nice to tidy all that up - and I agree with everything you said otherwise.
Thanks catch, I've posted to
Thanks catch,
I've posted to that thread at: http://drupal.org/node/64861#comment-848718
Shai
Shai Gluskin
Content2zero
help me
i disable some module from my drupal site, when i save it, my site just started shown "The requested page could not be found" but home page is showing while the other pages are not showing including the administer.