From fa9e2b51ba387078bd8c225d351ca339f038a931 Mon Sep 17 00:00:00 2001
From: Alex Pott <alex.a.pott@googlemail.com>
Date: Sun, 8 Jun 2014 19:07:03 -0500
Subject: [PATCH] Issue #2248969 by tstoeckler: Default the user status field
 to FALSE.

---
 .../src/Tests/EntityReferenceAutocompleteTest.php        | 4 ++--
 core/modules/user/src/Entity/User.php                    | 5 +----
 core/modules/user/src/RegisterForm.php                   | 9 +++++++++
 core/modules/user/src/Tests/UserCacheTagsTest.php        | 1 +
 core/modules/user/user.install                           | 1 +
 5 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/core/modules/entity_reference/src/Tests/EntityReferenceAutocompleteTest.php b/core/modules/entity_reference/src/Tests/EntityReferenceAutocompleteTest.php
index ff59b8b04910..1a3d934c1af6 100644
--- a/core/modules/entity_reference/src/Tests/EntityReferenceAutocompleteTest.php
+++ b/core/modules/entity_reference/src/Tests/EntityReferenceAutocompleteTest.php
@@ -140,9 +140,9 @@ protected function getAutocompleteResult($type, $input) {
    */
   public function testBaseField() {
     // Add two users.
-    $user_1 = entity_create('user', array('name' => 'auto1'));
+    $user_1 = entity_create('user', array('name' => 'auto1', 'status' => TRUE));
     $user_1->save();
-    $user_2 = entity_create('user', array('name' => 'auto2'));
+    $user_2 = entity_create('user', array('name' => 'auto2', 'status' => TRUE));
     $user_2->save();
 
     $request = Request::create('entity_reference/autocomplete/single/user_id/entity_test/entity_test/NULL');
diff --git a/core/modules/user/src/Entity/User.php b/core/modules/user/src/Entity/User.php
index 06e1ad1eea88..3cc77b730fdd 100644
--- a/core/modules/user/src/Entity/User.php
+++ b/core/modules/user/src/Entity/User.php
@@ -504,10 +504,7 @@ public static function baseFieldDefinitions(EntityTypeInterface $entity_type) {
     $fields['status'] = FieldDefinition::create('boolean')
       ->setLabel(t('User status'))
       ->setDescription(t('Whether the user is active or blocked.'))
-      // @todo As the status has access implications users should be created as
-      //   blocked by default and activated explicitly if needed. See
-      //   https://drupal.org/node/2248969.
-      ->setSetting('default_value', TRUE);
+      ->setSetting('default_value', FALSE);
 
     $fields['created'] = FieldDefinition::create('created')
       ->setLabel(t('Created'))
diff --git a/core/modules/user/src/RegisterForm.php b/core/modules/user/src/RegisterForm.php
index 30f3018077d3..2acbcd36b722 100644
--- a/core/modules/user/src/RegisterForm.php
+++ b/core/modules/user/src/RegisterForm.php
@@ -29,6 +29,7 @@ public function __construct(EntityManagerInterface $entity_manager, LanguageMana
    */
   public function form(array $form, array &$form_state) {
     $user = $this->currentUser();
+    /** @var \Drupal\user\UserInterface $account */
     $account = $this->entity;
     $admin = $user->hasPermission('administer users');
     // Pass access information to the submit handler. Running an access check
@@ -47,6 +48,14 @@ public function form(array $form, array &$form_state) {
     $form['#attached']['library'][] = 'core/jquery.cookie';
     $form['#attributes']['class'][] = 'user-info-from-cookie';
 
+    // Because the user status has security implications, users are blocked by
+    // default when created programmatically and need to be actively activated
+    // if needed. When administrators create users from the user interface,
+    // however, we assume that they should be created as activated by default.
+    if ($admin) {
+      $account->activate();
+    }
+
     // Start with the default user account fields.
     $form = parent::form($form, $form_state, $account);
 
diff --git a/core/modules/user/src/Tests/UserCacheTagsTest.php b/core/modules/user/src/Tests/UserCacheTagsTest.php
index a80be506178c..1d8155328a23 100644
--- a/core/modules/user/src/Tests/UserCacheTagsTest.php
+++ b/core/modules/user/src/Tests/UserCacheTagsTest.php
@@ -46,6 +46,7 @@ protected function createEntity() {
     // Create a "Llama" user.
     $user = entity_create('user', array(
       'name' => 'Llama',
+      'status' => TRUE,
     ));
     $user->save();
 
diff --git a/core/modules/user/user.install b/core/modules/user/user.install
index e0658c5045f6..eca1692cbec6 100644
--- a/core/modules/user/user.install
+++ b/core/modules/user/user.install
@@ -84,6 +84,7 @@ function user_install() {
       'uid' => 1,
       'name' => 'placeholder-for-uid-1',
       'mail' => 'placeholder-for-uid-1',
+      'status' => TRUE,
       'langcode' => $langcode,
     ))
     ->save();
-- 
GitLab