[drupal-devel] [feature] introduce a "cron" user to fix various cron related issues

Chris Johnson drupal-devel at drupal.org
Sun Mar 13 19:18:07 UTC 2005 

Issue status update for http://drupal.org/node/5380

 Project:      Drupal
 Version:      cvs
 Component:    user system
 Category:     feature requests
 Priority:     normal
 Assigned to:  Anonymous
 Reported by:  ax
 Updated by:   Chris Johnson
 Status:       patch
 Attachment:   http://drupal.org/files/issues/cron_uid2.patch (3.19 KB)

Previous patch still applies cleanly to HEAD and code algorith looks
good on inspection.  However, there are some style problems and one
ugly bit using StdClass(), so I have re-rolled the patch.


Chris Johnson



Previous comments:
------------------------------------------------------------------------

January 23, 2004 - 17:33 : ax

we currently have some problems caused by the undefined state of $user
in the cause of cron runs. sometimes it's "Anonymous", sometimes it
picks up the currently logged in user (i think). I stumbled upon this
when reading issues closed by "Anonymous" caused by the automatic cron
closure when issues are fixed. i always think "isn't it strange that
"Anonymous" can close issues just as she feels like?" there are quite
some related issues - search this site for "cron user".
couldn't a cron user solve these problems? a la if (REQUEST_URI) ==
cron.php then $user = <cron_user>, with <cron_user> having some special
properties such as showing "Automatically" for closed issues, being
possible to excluded in statistics, putting the rss author from
imported rss nodes into nodes author field, having special access
checks etc.
i didn't think about this much, but thought it is worth filing here.
please discuss, elaborate - and don't flame me if i'm too off ;)


------------------------------------------------------------------------

February 10, 2004 - 23:04 : Chris Johnson

Sounds like a good idea to me.  It's one of many things I'd like to
change if I get time to work on it.


------------------------------------------------------------------------

September 27, 2004 - 13:25 : Philippe

Couln't we just write this in cron.php:

<?php
$cronuser = variable_get('cron_cronuser','nobody');
if ($cronuser = 'nobody'){
  $user = user_load(array()); //I believe this results in Anonymous??
}else{
  $user = user_load(array('name' => $cronuser));
}
?>


We can set the variable cron_cronuser in a page like admin/cron. If the
site administrator doesn't set a value, cron uses Anonymous for
everything (not some user that happens to be logged on). If a valid
user name is set, the site admin can give the cron user special
privileges.


------------------------------------------------------------------------

October 1, 2004 - 12:41 : Philippe

Setting the user like this in cron.php sends a cookie. (How? Where? Can
we prevent this?) So everybody can get "cron" privileges by loading
cron.php once. We could fix this by making cron.php accessible only
from localhost (in .htaccess). 
Any ideas?


------------------------------------------------------------------------

October 1, 2004 - 15:11 : Philippe

Attachment: http://drupal.org/files/issues/cron_uid.patch (3.62 KB)

This patch lets the admin select a UID for cron in the admin/settings
page. The variable name in which this is stored is 'cron_uid'. When
cron.php is loaded, it sets a variable $cron_is_running. If this
variable is set, no session will be opened (and no cookies will be
sent). The cron page will use the Anonymous user (uid==0) if cron_uid
is not set.
Note that the site admin should create a "cron" user before setting the
UID.

More information about the drupal-devel mailing list