Issue #2433281 by neclimdul, mrjmd: Move Role Constants on to a Class/Interface

core/includes/bootstrap.inc

@@ -13,6 +13,7 @@ use Drupal\Component\Utility\Unicode;
 use Drupal\Core\DrupalKernel;
 use Drupal\Core\Extension\ExtensionDiscovery;
 use Drupal\Core\Logger\RfcLogLevel;
+use Drupal\Core\Session\AccountInterface;
 use Drupal\Core\Site\Settings;
 use Drupal\Core\Utility\Error;
 use Symfony\Component\ClassLoader\ApcClassLoader;
@@ -55,13 +56,21 @@ const ERROR_REPORTING_DISPLAY_VERBOSE = 'verbose';
 
 /**
  * Role ID for anonymous users; should match what's in the "role" table.
+ *
+ * @deprecated in Drupal 8.0.0, will be removed before Drupal 9.0.0.
+ *   Use Drupal\Core\Session\AccountInterface::ANONYMOUS_ROLE or
+ *   \Drupal\user\RoleInterface::ANONYMOUS_ID instead.
  */
-const DRUPAL_ANONYMOUS_RID = 'anonymous';
+const DRUPAL_ANONYMOUS_RID = AccountInterface::ANONYMOUS_ROLE;
 
 /**
  * Role ID for authenticated users; should match what's in the "role" table.
+ *
+ * @deprecated in Drupal 8.0.0, will be removed before Drupal 9.0.0.
+ *   Use Drupal\Core\Session\AccountInterface::AUTHENTICATED_ROLE or
+ *   \Drupal\user\RoleInterface::AUTHENTICATED_ID instead.
  */
-const DRUPAL_AUTHENTICATED_RID = 'authenticated';
+const DRUPAL_AUTHENTICATED_RID = AccountInterface::AUTHENTICATED_ROLE;
 
 /**
  * The maximum number of characters in a module or theme name.

core/lib/Drupal/Core/Session/AccountInterface.php

@@ -17,6 +17,16 @@ namespace Drupal\Core\Session;
  */
 interface AccountInterface {
 
+  /**
+   * Role ID for anonymous users.
+   */
+  const ANONYMOUS_ROLE = 'anonymous';
+
+  /**
+   * Role ID for authenticated users.
+   */
+  const AUTHENTICATED_ROLE = 'authenticated';
+
   /**
    * Returns the user ID or 0 for anonymous.
    *

core/lib/Drupal/Core/Session/SessionHandler.php

@@ -86,7 +86,7 @@ class SessionHandler extends AbstractProxy implements \SessionHandlerInterface {
       $rids = $this->connection->query("SELECT ur.roles_target_id as rid FROM {user__roles} ur WHERE ur.entity_id = :uid", array(
         ':uid' => $values['uid'],
       ))->fetchCol();
-      $values['roles'] = array_merge(array(DRUPAL_AUTHENTICATED_RID), $rids);
+      $values['roles'] = array_merge(array(AccountInterface::AUTHENTICATED_ROLE), $rids);
       $_session_user = new UserSession($values);
     }
     elseif ($values) {

core/lib/Drupal/Core/Session/UserSession.php

@@ -28,7 +28,7 @@ class UserSession implements AccountInterface {
    *
    * @var array
    */
-  protected $roles = array('anonymous');
+  protected $roles = array(AccountInterface::ANONYMOUS_ROLE);
 
   /**
    * Session ID.
@@ -126,7 +126,7 @@ class UserSession implements AccountInterface {
     $roles = $this->roles;
 
     if ($exclude_locked_roles) {
-      $roles = array_values(array_diff($roles, array(DRUPAL_ANONYMOUS_RID, DRUPAL_AUTHENTICATED_RID)));
+      $roles = array_values(array_diff($roles, array(AccountInterface::ANONYMOUS_ROLE, AccountInterface::AUTHENTICATED_ROLE)));
     }
 
     return $roles;

core/modules/aggregator/src/Tests/FeedCacheTagsTest.php

@@ -10,6 +10,7 @@ namespace Drupal\aggregator\Tests;
 use Drupal\aggregator\Entity\Feed;
 use Drupal\system\Tests\Entity\EntityWithUriCacheTagsTestBase;
 use Drupal\user\Entity\Role;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests the Feed entity's cache tags.
@@ -31,7 +32,7 @@ class FeedCacheTagsTest extends EntityWithUriCacheTagsTestBase {
 
     // Give anonymous users permission to access feeds, so that we can verify
     // the cache tags of cached versions of feeds.
-    $user_role = Role::load(DRUPAL_ANONYMOUS_RID);
+    $user_role = Role::load(RoleInterface::ANONYMOUS_ID);
     $user_role->grantPermission('access news feeds');
     $user_role->save();
   }

core/modules/aggregator/src/Tests/ItemCacheTagsTest.php

@@ -11,6 +11,7 @@ use Drupal\aggregator\Entity\Feed;
 use Drupal\aggregator\Entity\Item;
 use Drupal\system\Tests\Entity\EntityCacheTagsTestBase;
 use Drupal\user\Entity\Role;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests the Item entity's cache tags.
@@ -32,7 +33,7 @@ class ItemCacheTagsTest extends EntityCacheTagsTestBase {
 
     // Give anonymous users permission to access feeds, so that we can verify
     // the cache tags of cached versions of feed items.
-    $user_role = Role::load(DRUPAL_ANONYMOUS_RID);
+    $user_role = Role::load(RoleInterface::ANONYMOUS_ID);
     $user_role->grantPermission('access news feeds');
     $user_role->save();
   }

core/modules/block/src/Tests/BlockTest.php

@@ -12,6 +12,7 @@ use Drupal\Core\Cache\Cache;
 use Drupal\simpletest\WebTestBase;
 use Drupal\Component\Utility\String;
 use Drupal\block\Entity\Block;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests basic block functionality.
@@ -38,7 +39,7 @@ class BlockTest extends BlockTestBase {
     // authenticated users.
     $edit['visibility[request_path][pages]'] = 'user*';
     $edit['visibility[request_path][negate]'] = TRUE;
-    $edit['visibility[user_role][roles][' . DRUPAL_AUTHENTICATED_RID . ']'] = TRUE;
+    $edit['visibility[user_role][roles][' . RoleInterface::AUTHENTICATED_ID . ']'] = TRUE;
     $this->drupalPostForm('admin/structure/block/add/' . $block_name . '/' . $default_theme, $edit, t('Save block'));
     $this->assertText('The block configuration has been saved.', 'Block was saved');
 
@@ -74,13 +75,13 @@ class BlockTest extends BlockTestBase {
     );
     $block_id = $edit['id'];
     // Set the block to be shown only to authenticated users.
-    $edit['visibility[user_role][roles][' . DRUPAL_AUTHENTICATED_RID . ']'] = TRUE;
+    $edit['visibility[user_role][roles][' . RoleInterface::AUTHENTICATED_ID . ']'] = TRUE;
     $this->drupalPostForm('admin/structure/block/add/' . $block_name . '/' . $default_theme, $edit, t('Save block'));
     $this->clickLink('Configure');
     $this->assertFieldChecked('edit-visibility-user-role-roles-authenticated');
 
     $edit = [
-      'visibility[user_role][roles][' . DRUPAL_AUTHENTICATED_RID . ']' => FALSE,
+      'visibility[user_role][roles][' . RoleInterface::AUTHENTICATED_ID . ']' => FALSE,
     ];
     $this->drupalPostForm(NULL, $edit, 'Save block');
     $this->clickLink('Configure');

core/modules/book/src/Tests/BookTest.php

@@ -10,6 +10,7 @@ namespace Drupal\book\Tests;
 use Drupal\Component\Utility\String;
 use Drupal\Core\Entity\EntityInterface;
 use Drupal\simpletest\WebTestBase;
+use Drupal\user\RoleInterface;
 
 /**
  * Create a book, add pages, and test book interface.
@@ -367,7 +368,7 @@ class BookTest extends WebTestBase {
     // Now grant anonymous users permission to view the printer-friendly
     // version and verify that node access restrictions still prevent them from
     // seeing it.
-    user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access printer-friendly version'));
+    user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, array('access printer-friendly version'));
     $this->drupalGet('book/export/html/' . $this->book->id());
     $this->assertResponse('403', 'Anonymous user properly forbidden from seeing the printer-friendly version when denied by node access.');
   }
@@ -383,8 +384,8 @@ class BookTest extends WebTestBase {
 
     // Give anonymous users the permission 'node test view'.
     $edit = array();
-    $edit[DRUPAL_ANONYMOUS_RID . '[node test view]'] = TRUE;
+    $edit[RoleInterface::ANONYMOUS_ID . '[node test view]'] = TRUE;
-    $this->drupalPostForm('admin/people/permissions/' . DRUPAL_ANONYMOUS_RID, $edit, t('Save permissions'));
+    $this->drupalPostForm('admin/people/permissions/' . RoleInterface::ANONYMOUS_ID, $edit, t('Save permissions'));
     $this->assertText(t('The changes have been saved.'), "Permission 'node test view' successfully assigned to anonymous users.");
 
     // Test correct display of the block.
@@ -404,8 +405,8 @@ class BookTest extends WebTestBase {
 
     // Give anonymous users the permission 'node test view'.
     $edit = array();
-    $edit[DRUPAL_ANONYMOUS_RID . '[node test view]'] = TRUE;
+    $edit[RoleInterface::ANONYMOUS_ID . '[node test view]'] = TRUE;
-    $this->drupalPostForm('admin/people/permissions/' . DRUPAL_ANONYMOUS_RID, $edit, t('Save permissions'));
+    $this->drupalPostForm('admin/people/permissions/' . RoleInterface::ANONYMOUS_ID, $edit, t('Save permissions'));
     $this->assertText(t('The changes have been saved.'), "Permission 'node test view' successfully assigned to anonymous users.");
 
     // Create a book.

core/modules/comment/comment.module

@@ -31,6 +31,7 @@ use Drupal\field\FieldStorageConfigInterface;
 use Drupal\file\FileInterface;
 use Drupal\user\EntityOwnerInterface;
 use Drupal\node\NodeInterface;
+use Drupal\user\RoleInterface;
 
 /**
  * Anonymous posters cannot enter their contact information.
@@ -439,10 +440,10 @@ function comment_node_update_index(EntityInterface $node, $langcode) {
     // comments.
     $index_comments = TRUE;
     $roles = \Drupal::entityManager()->getStorage('user_role')->loadMultiple();
-    $authenticated_can_access = $roles[DRUPAL_AUTHENTICATED_RID]->hasPermission('access comments');
+    $authenticated_can_access = $roles[RoleInterface::AUTHENTICATED_ID]->hasPermission('access comments');
     foreach ($roles as $rid => $role) {
       if ($role->hasPermission('search content') && !$role->hasPermission('access comments')) {
-        if ($rid == DRUPAL_AUTHENTICATED_RID || $rid == DRUPAL_ANONYMOUS_RID || !$authenticated_can_access) {
+        if ($rid == RoleInterface::AUTHENTICATED_ID || $rid == RoleInterface::ANONYMOUS_ID || !$authenticated_can_access) {
           $index_comments = FALSE;
           break;
         }

core/modules/comment/src/CommentManager.php

@@ -22,6 +22,7 @@ use Drupal\Core\StringTranslation\StringTranslationTrait;
 use Drupal\Core\StringTranslation\TranslationInterface;
 use Drupal\field\Entity\FieldStorageConfig;
 use Drupal\field\Entity\FieldConfig;
+use Drupal\user\RoleInterface;
 
 /**
  * Comment manager contains common functions to manage comment fields.
@@ -45,7 +46,7 @@ class CommentManager implements CommentManagerInterface {
   protected $queryFactory;
 
   /**
-   * Whether the DRUPAL_AUTHENTICATED_RID can post comments.
+   * Whether the \Drupal\user\RoleInterface::AUTHENTICATED_ID can post comments.
    *
    * @var bool
    */
@@ -154,7 +155,7 @@ class CommentManager implements CommentManagerInterface {
       // permission to post comments by logging in.
       $this->authenticatedCanPostComments = $this->entityManager
         ->getStorage('user_role')
-        ->load(DRUPAL_AUTHENTICATED_RID)
+        ->load(RoleInterface::AUTHENTICATED_ID)
         ->hasPermission('post comments');
     }
 

core/modules/comment/src/Tests/CommentAdminTest.php

@@ -7,6 +7,8 @@
 
 namespace Drupal\comment\Tests;
 
+use Drupal\user\RoleInterface;
+
 /**
  * Tests comment approval functionality.
  *
@@ -18,7 +20,7 @@ class CommentAdminTest extends CommentTestBase {
    */
   function testApprovalAdminInterface() {
     // Set anonymous comments to require approval.
-    user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
+    user_role_change_permissions(RoleInterface::ANONYMOUS_ID, array(
       'access comments' => TRUE,
       'post comments' => TRUE,
       'skip comment approval' => FALSE,
@@ -100,7 +102,7 @@ class CommentAdminTest extends CommentTestBase {
    */
   function testApprovalNodeInterface() {
     // Set anonymous comments to require approval.
-    user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
+    user_role_change_permissions(RoleInterface::ANONYMOUS_ID, array(
       'access comments' => TRUE,
       'post comments' => TRUE,
       'skip comment approval' => FALSE,
@@ -173,7 +175,7 @@ class CommentAdminTest extends CommentTestBase {
    */
   public function testEditComment() {
     // Enable anonymous user comments.
-    user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array(
+    user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, array(
       'access comments',
       'post comments',
       'skip comment approval',

core/modules/comment/src/Tests/CommentAnonymousTest.php

@@ -7,6 +7,8 @@
 
 namespace Drupal\comment\Tests;
 
+use Drupal\user\RoleInterface;
+
 /**
  * Tests anonymous commenting.
  *
@@ -18,12 +20,12 @@ class CommentAnonymousTest extends CommentTestBase {
     parent::setUp();
 
     // Enable anonymous and authenticated user comments.
-    user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array(
+    user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, array(
       'access comments',
       'post comments',
       'skip comment approval',
     ));
-    user_role_grant_permissions(DRUPAL_AUTHENTICATED_RID, array(
+    user_role_grant_permissions(RoleInterface::AUTHENTICATED_ID, array(
       'access comments',
       'post comments',
       'skip comment approval',
@@ -120,7 +122,7 @@ class CommentAnonymousTest extends CommentTestBase {
     $this->drupalLogout();
 
     // Reset.
-    user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
+    user_role_change_permissions(RoleInterface::ANONYMOUS_ID, array(
       'access comments' => FALSE,
       'post comments' => FALSE,
       'skip comment approval' => FALSE,
@@ -139,7 +141,7 @@ class CommentAnonymousTest extends CommentTestBase {
     $this->assertNoFieldByName('subject[0][value]', '', 'Subject field not found.');
     $this->assertNoFieldByName('comment_body[0][value]', '', 'Comment field not found.');
 
-    user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
+    user_role_change_permissions(RoleInterface::ANONYMOUS_ID, array(
       'access comments' => TRUE,
       'post comments' => FALSE,
       'skip comment approval' => FALSE,
@@ -149,7 +151,7 @@ class CommentAnonymousTest extends CommentTestBase {
     $this->assertLink('Log in', 1, 'Link to log in was found.');
     $this->assertLink('register', 1, 'Link to register was found.');
 
-    user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
+    user_role_change_permissions(RoleInterface::ANONYMOUS_ID, array(
       'access comments' => FALSE,
       'post comments' => TRUE,
       'skip comment approval' => TRUE,

core/modules/comment/src/Tests/CommentBlockTest.php

@@ -7,6 +7,7 @@
 
 namespace Drupal\comment\Tests;
 use Drupal\Component\Utility\String;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests comment block functionality.
@@ -57,10 +58,10 @@ class CommentBlockTest extends CommentTestBase {
     // Test that a user without the 'access comments' permission cannot see the
     // block.
     $this->drupalLogout();
-    user_role_revoke_permissions(DRUPAL_ANONYMOUS_RID, array('access comments'));
+    user_role_revoke_permissions(RoleInterface::ANONYMOUS_ID, array('access comments'));
     $this->drupalGet('');
     $this->assertNoText(t('Recent comments'));
-    user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access comments'));
+    user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, array('access comments'));
 
     // Test that a user with the 'access comments' permission can see the
     // block.

core/modules/comment/src/Tests/CommentCSSTest.php

@@ -9,6 +9,7 @@ namespace Drupal\comment\Tests;
 
 use Drupal\Core\Language\LanguageInterface;
 use Drupal\comment\CommentInterface;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests CSS classes on comments.
@@ -21,7 +22,7 @@ class CommentCSSTest extends CommentTestBase {
     parent::setUp();
 
     // Allow anonymous users to see comments.
-    user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array(
+    user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, array(
       'access comments',
       'access content'
     ));

core/modules/comment/src/Tests/CommentCacheTagsTest.php

@@ -12,6 +12,7 @@ use Drupal\Core\Entity\EntityInterface;
 use Drupal\field\Entity\FieldConfig;
 use Drupal\system\Tests\Entity\EntityWithUriCacheTagsTestBase;
 use Drupal\user\Entity\Role;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests the Comment entity's cache tags.
@@ -35,7 +36,7 @@ class CommentCacheTagsTest extends EntityWithUriCacheTagsTestBase {
 
     // Give anonymous users permission to view comments, so that we can verify
     // the cache tags of cached versions of comment pages.
-    $user_role = Role::load(DRUPAL_ANONYMOUS_RID);
+    $user_role = Role::load(RoleInterface::ANONYMOUS_ID);
     $user_role->grantPermission('access comments');
     $user_role->save();
   }

core/modules/comment/src/Tests/CommentFieldAccessTest.php

@@ -15,6 +15,7 @@ use Drupal\field\Entity\FieldConfig;
 use Drupal\simpletest\TestBase;
 use Drupal\system\Tests\Entity\EntityUnitTestBase;
 use Drupal\user\Entity\Role;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests comment field level access.
@@ -122,7 +123,7 @@ class CommentFieldAccessTest extends EntityUnitTestBase {
     // An unprivileged user.
     $comment_disabled_user = $this->createUser(['name' => 'disabled'], ['access content']);
 
-    $role = Role::load(DRUPAL_ANONYMOUS_RID);
+    $role = Role::load(RoleInterface::ANONYMOUS_ID);
     $role->grantPermission('post comments')
       ->save();
 

core/modules/comment/src/Tests/CommentInterfaceTest.php

@@ -10,6 +10,7 @@ namespace Drupal\comment\Tests;
 use Drupal\comment\CommentManagerInterface;
 use Drupal\comment\Plugin\Field\FieldType\CommentItemInterface;
 use Drupal\comment\Entity\Comment;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests comment user interfaces.
@@ -52,7 +53,7 @@ class CommentInterfaceTest extends CommentTestBase {
 
     // Comment as anonymous with preview required.
     $this->drupalLogout();
-    user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access content', 'access comments', 'post comments', 'skip comment approval'));
+    user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, array('access content', 'access comments', 'post comments', 'skip comment approval'));
     $anonymous_comment = $this->postComment($this->node, $this->randomMachineName(), $this->randomMachineName(), TRUE);
     $this->assertTrue($this->commentExists($anonymous_comment), 'Comment found.');
     $anonymous_comment->delete();

core/modules/comment/src/Tests/CommentLinksTest.php

@@ -10,6 +10,7 @@ namespace Drupal\comment\Tests;
 use Drupal\comment\Plugin\Field\FieldType\CommentItemInterface;
 use Drupal\Core\Language\LanguageInterface;
 use Drupal\comment\CommentInterface;
+use Drupal\user\RoleInterface;
 
 /**
  * Basic comment links tests to ensure markup present.
@@ -87,7 +88,7 @@ class CommentLinksTest extends CommentTestBase {
       'skip comment approval' => 1,
       'edit own comments' => 1,
     );
-    user_role_change_permissions(DRUPAL_ANONYMOUS_RID, $perms);
+    user_role_change_permissions(RoleInterface::ANONYMOUS_ID, $perms);
 
     $nid = $this->node->id();
 

core/modules/comment/src/Tests/CommentNonNodeTest.php

@@ -15,6 +15,7 @@ use Drupal\field\Entity\FieldStorageConfig;
 use Drupal\field_ui\Tests\FieldUiTestTrait;
 use Drupal\simpletest\WebTestBase;
 use Drupal\Core\Entity\EntityInterface;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests commenting on a test entity.
@@ -75,12 +76,12 @@ class CommentNonNodeTest extends WebTestBase {
     ));
 
     // Enable anonymous and authenticated user comments.
-    user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array(
+    user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, array(
       'access comments',
       'post comments',
       'skip comment approval',
     ));
-    user_role_grant_permissions(DRUPAL_AUTHENTICATED_RID, array(
+    user_role_grant_permissions(RoleInterface::AUTHENTICATED_ID, array(
       'access comments',
       'post comments',
       'skip comment approval',
@@ -328,7 +329,7 @@ class CommentNonNodeTest extends WebTestBase {
     $this->drupalLogout();
 
     // Deny anonymous users access to comments.
-    user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
+    user_role_change_permissions(RoleInterface::ANONYMOUS_ID, array(
       'access comments' => FALSE,
       'post comments' => FALSE,
       'skip comment approval' => FALSE,
@@ -346,7 +347,7 @@ class CommentNonNodeTest extends WebTestBase {
     $this->assertNoFieldByName('subject[0][value]', '', 'Subject field not found.');
     $this->assertNoFieldByName('comment_body[0][value]', '', 'Comment field not found.');
 
-    user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
+    user_role_change_permissions(RoleInterface::ANONYMOUS_ID, array(
       'access comments' => TRUE,
       'post comments' => FALSE,
       'view test entity' => TRUE,
@@ -362,7 +363,7 @@ class CommentNonNodeTest extends WebTestBase {
     // Test the combination of anonymous users being able to post, but not view
     // comments, to ensure that access to post comments doesn't grant access to
     // view them.
-    user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
+    user_role_change_permissions(RoleInterface::ANONYMOUS_ID, array(
       'access comments' => FALSE,
       'post comments' => TRUE,
       'skip comment approval' => TRUE,

core/modules/comment/src/Tests/CommentStatisticsTest.php

@@ -9,6 +9,7 @@ namespace Drupal\comment\Tests;
 
 use Drupal\comment\CommentManagerInterface;
 use Drupal\comment\Entity\Comment;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests comment statistics on nodes.
@@ -74,7 +75,7 @@ class CommentStatisticsTest extends CommentTestBase {
 
     // Prepare for anonymous comment submission (comment approval enabled).
     $this->drupalLogin($this->adminUser);
-    user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
+    user_role_change_permissions(RoleInterface::ANONYMOUS_ID, array(
       'access comments' => TRUE,
       'post comments' => TRUE,
       'skip comment approval' => FALSE,
@@ -98,7 +99,7 @@ class CommentStatisticsTest extends CommentTestBase {
 
     // Prepare for anonymous comment submission (no approval required).
     $this->drupalLogin($this->adminUser);
-    user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
+    user_role_change_permissions(RoleInterface::ANONYMOUS_ID, array(
       'access comments' => TRUE,
       'post comments' => TRUE,
       'skip comment approval' => TRUE,

core/modules/contact/src/Tests/ContactPersonalTest.php

@@ -10,6 +10,7 @@ namespace Drupal\contact\Tests;
 use Drupal\Component\Utility\String;
 use Drupal\Core\Session\AccountInterface;
 use Drupal\simpletest\WebTestBase;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests personal contact form functionality.
@@ -144,7 +145,7 @@ class ContactPersonalTest extends WebTestBase {
 
     // Test that anonymous users can access the contact form.
     $this->drupalLogout();
-    user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access user contact forms'));
+    user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, array('access user contact forms'));
     $this->drupalGet('user/' . $this->contactUser->id() . '/contact');
     $this->assertResponse(200);
 
@@ -153,7 +154,7 @@ class ContactPersonalTest extends WebTestBase {
     $this->assertResponse(200);
 
     // Revoke the personal contact permission for the anonymous user.
-    user_role_revoke_permissions(DRUPAL_ANONYMOUS_RID, array('access user contact forms'));
+    user_role_revoke_permissions(RoleInterface::ANONYMOUS_ID, array('access user contact forms'));
     $this->drupalGet('user/' . $this->contactUser->id() . '/contact');
     $this->assertResponse(403);
     $this->drupalGet('user/' . $this->adminUser->id() . '/contact');
@@ -247,7 +248,7 @@ class ContactPersonalTest extends WebTestBase {
    * Tests the personal contact form based access when an admin adds users.
    */
   function testAdminContact() {
-    user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access user contact forms'));
+    user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, array('access user contact forms'));
     $this->checkContactAccess(200);
     $this->checkContactAccess(403, FALSE);
     $config = $this->config('contact.settings');

core/modules/contact/src/Tests/ContactSitewideTest.php

@@ -13,6 +13,7 @@ use Drupal\Core\Mail\MailFormatHelper;
 use Drupal\field_ui\Tests\FieldUiTestTrait;
 use Drupal\simpletest\WebTestBase;
 use Drupal\Core\Entity\EntityTypeInterface;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests site-wide contact form functionality.
@@ -95,7 +96,7 @@ class ContactSitewideTest extends WebTestBase {
     $this->assertNoLinkByHref('admin/structure/contact/manage/feedback');
 
     // Ensure that the contact form won't be shown without forms.
-    user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access site-wide contact form'));
+    user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, array('access site-wide contact form'));
     $this->drupalLogout();
     $this->drupalGet('contact');
     $this->assertResponse(404);
@@ -159,7 +160,7 @@ class ContactSitewideTest extends WebTestBase {
     $this->config('contact.settings')->set('default_form', $id)->save();
 
     // Ensure that the contact form is shown without a form selection input.
-    user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access site-wide contact form'));
+    user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, array('access site-wide contact form'));
     $this->drupalLogout();
     $this->drupalGet('contact');
     $this->assertText(t('Your email address'));
@@ -185,12 +186,12 @@ class ContactSitewideTest extends WebTestBase {
     $this->drupalLogout();
 
     // Check to see that anonymous user cannot see contact page without permission.
-    user_role_revoke_permissions(DRUPAL_ANONYMOUS_RID, array('access site-wide contact form'));
+    user_role_revoke_permissions(RoleInterface::ANONYMOUS_ID, array('access site-wide contact form'));
     $this->drupalGet('contact');
     $this->assertResponse(403);
 
     // Give anonymous user permission and see that page is viewable.
-    user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access site-wide contact form'));
+    user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, array('access site-wide contact form'));
     $this->drupalGet('contact');
     $this->assertResponse(200);
 
@@ -305,7 +306,7 @@ class ContactSitewideTest extends WebTestBase {
 
     // Log the current user out in order to test the name and email fields.
     $this->drupalLogout();
-    user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access site-wide contact form'));
+    user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, array('access site-wide contact form'));
 
     // Test the auto-reply for form 'foo'.
     $email = $this->randomMachineName(32) . '@example.com';

core/modules/contact/src/Tests/ContactStorageTest.php

@@ -9,6 +9,7 @@ namespace Drupal\contact\Tests;
 
 use Drupal\Component\Utility\Unicode;
 use Drupal\contact\Entity\Message;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests storing contact messages.
@@ -56,7 +57,7 @@ class ContactStorageTest extends ContactSitewideTest {
     $this->assertRaw(t('Contact form %label has been added.', array('%label' => $label)));
 
     // Ensure that anonymous can submit site-wide contact form.
-    user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access site-wide contact form'));
+    user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, array('access site-wide contact form'));
     $this->drupalLogout();
     $this->drupalGet('contact');
     $this->assertText(t('Your email address'));

core/modules/field/src/Tests/EntityReference/EntityReferenceFormatterTest.php

@@ -13,6 +13,7 @@ use Drupal\field\Entity\FieldStorageConfig;
 use Drupal\filter\Entity\FilterFormat;
 use Drupal\system\Tests\Entity\EntityUnitTestBase;
 use Drupal\user\Entity\Role;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests the formatters functionality.
@@ -69,7 +70,7 @@ class EntityReferenceFormatterTest extends EntityUnitTestBase {
 
     // Grant the 'view test entity' permission.
     $this->installConfig(array('user'));
-    Role::load(DRUPAL_ANONYMOUS_RID)
+    Role::load(RoleInterface::ANONYMOUS_ID)
       ->grantPermission('view test entity')
       ->save();
 
@@ -126,7 +127,7 @@ class EntityReferenceFormatterTest extends EntityUnitTestBase {
    */
   public function testAccess() {
     // Revoke the 'view test entity' permission for this test.
-    Role::load(DRUPAL_ANONYMOUS_RID)
+    Role::load(RoleInterface::ANONYMOUS_ID)
       ->revokePermission('view test entity')
       ->save();
 

core/modules/file/src/Tests/FileFieldWidgetTest.php

@@ -12,6 +12,7 @@ use Drupal\comment\Tests\CommentTestTrait;
 use Drupal\Component\Utility\Html;
 use Drupal\field\Entity\FieldConfig;
 use Drupal\field_ui\Tests\FieldUiTestTrait;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests the file field widget, single and multi-valued, with and without AJAX,
@@ -266,8 +267,8 @@ class FileFieldWidgetTest extends FileFieldTestBase {
 
     // Revoke access comments permission from anon user, grant post to
     // authenticated.
-    user_role_revoke_permissions(DRUPAL_ANONYMOUS_RID, array('access comments'));
+    user_role_revoke_permissions(RoleInterface::ANONYMOUS_ID, array('access comments'));
-    user_role_grant_permissions(DRUPAL_AUTHENTICATED_RID, array('post comments', 'skip comment approval'));
+    user_role_grant_permissions(RoleInterface::AUTHENTICATED_ID, array('post comments', 'skip comment approval'));
 
     // Create a new field.
     $this->addDefaultCommentField('node', 'article');

core/modules/filter/src/Tests/FilterAdminTest.php

@@ -10,6 +10,7 @@ namespace Drupal\filter\Tests;
 use Drupal\Component\Utility\String;
 use Drupal\Component\Utility\Unicode;
 use Drupal\simpletest\WebTestBase;
+use Drupal\user\RoleInterface;
 
 /**
  * Thoroughly test the administrative interface of the filter module.
@@ -248,7 +249,7 @@ class FilterAdminTest extends WebTestBase {
     $edit = array();
     $edit['format'] = Unicode::strtolower($this->randomMachineName());
     $edit['name'] = $this->randomMachineName();
-    $edit['roles[' . DRUPAL_AUTHENTICATED_RID . ']'] = 1;
+    $edit['roles[' . RoleInterface::AUTHENTICATED_ID . ']'] = 1;
     $edit['filters[' . $second_filter . '][status]'] = TRUE;
     $edit['filters[' . $first_filter . '][status]'] = TRUE;
     $this->drupalPostForm('admin/config/content/formats/add', $edit, t('Save configuration'));
@@ -259,7 +260,7 @@ class FilterAdminTest extends WebTestBase {
     $format = entity_load('filter_format', $edit['format']);
     $this->assertNotNull($format, 'Format found in database.');
     $this->drupalGet('admin/config/content/formats/manage/' . $format->id());
-    $this->assertFieldByName('roles[' . DRUPAL_AUTHENTICATED_RID . ']', '', 'Role found.');
+    $this->assertFieldByName('roles[' . RoleInterface::AUTHENTICATED_ID . ']', '', 'Role found.');
     $this->assertFieldByName('filters[' . $second_filter . '][status]', '', 'Line break filter found.');
     $this->assertFieldByName('filters[' . $first_filter . '][status]', '', 'Url filter found.');
 
@@ -271,8 +272,8 @@ class FilterAdminTest extends WebTestBase {
     // Allow authenticated users on full HTML.
     $format = entity_load('filter_format', $full);
     $edit = array();
-    $edit['roles[' . DRUPAL_ANONYMOUS_RID . ']'] = 0;
+    $edit['roles[' . RoleInterface::ANONYMOUS_ID . ']'] = 0;
-    $edit['roles[' . DRUPAL_AUTHENTICATED_RID . ']'] = 1;
+    $edit['roles[' . RoleInterface::AUTHENTICATED_ID . ']'] = 1;
     $this->drupalPostForm('admin/config/content/formats/manage/' . $full, $edit, t('Save configuration'));
     $this->assertUrl('admin/config/content/formats');
     $this->assertRaw(t('The text format %format has been updated.', array('%format' => $format->label())), 'Full HTML format successfully updated.');
@@ -330,12 +331,12 @@ class FilterAdminTest extends WebTestBase {
 
     // Full HTML.
     $edit = array();
-    $edit['roles[' . DRUPAL_AUTHENTICATED_RID . ']'] = FALSE;
+    $edit['roles[' . RoleInterface::AUTHENTICATED_ID . ']'] = FALSE;
     $this->drupalPostForm('admin/config/content/formats/manage/' . $full, $edit, t('Save configuration'));
     $this->assertUrl('admin/config/content/formats');
     $this->assertRaw(t('The text format %format has been updated.', array('%format' => $format->label())), 'Full HTML format successfully reverted.');
     $this->drupalGet('admin/config/content/formats/manage/' . $full);
-    $this->assertFieldByName('roles[' . DRUPAL_AUTHENTICATED_RID . ']', $edit['roles[' . DRUPAL_AUTHENTICATED_RID . ']'], 'Changes reverted.');
+    $this->assertFieldByName('roles[' . RoleInterface::AUTHENTICATED_ID . ']', $edit['roles[' . RoleInterface::AUTHENTICATED_ID . ']'], 'Changes reverted.');
 
     // Filter order.
     $edit = array();

core/modules/filter/src/Tests/FilterDefaultConfigTest.php

@@ -8,6 +8,7 @@
 namespace Drupal\filter\Tests;
 
 use Drupal\simpletest\KernelTestBase;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests text format default configuration.
@@ -49,8 +50,8 @@ class FilterDefaultConfigTest extends KernelTestBase {
     $this->assertEqual($format->get('roles'), NULL);
     // Verify that the defined roles in the default config have been processed.
     $this->assertEqual(array_keys(filter_get_roles_by_format($format)), array(
-      DRUPAL_ANONYMOUS_RID,
+      RoleInterface::ANONYMOUS_ID,
-      DRUPAL_AUTHENTICATED_RID,
+      RoleInterface::AUTHENTICATED_ID,
     ));
 
     // Verify enabled filters.
@@ -78,21 +79,21 @@ class FilterDefaultConfigTest extends KernelTestBase {
     // Verify role permissions declared in default config.
     $format = entity_load('filter_format', 'filter_test');
     $this->assertEqual(array_keys(filter_get_roles_by_format($format)), array(
-      DRUPAL_ANONYMOUS_RID,
+      RoleInterface::ANONYMOUS_ID,
-      DRUPAL_AUTHENTICATED_RID,
+      RoleInterface::AUTHENTICATED_ID,
     ));
 
     // Attempt to change roles.
     $format->set('roles', array(
-      DRUPAL_AUTHENTICATED_RID,
+      RoleInterface::AUTHENTICATED_ID,
     ));
     $format->save();
 
     // Verify that roles have not been updated.
     $format = entity_load('filter_format', 'filter_test');
     $this->assertEqual(array_keys(filter_get_roles_by_format($format)), array(
-      DRUPAL_ANONYMOUS_RID,
+      RoleInterface::ANONYMOUS_ID,
-      DRUPAL_AUTHENTICATED_RID,
+      RoleInterface::AUTHENTICATED_ID,
     ));
   }
 

core/modules/filter/src/Tests/FilterHooksTest.php

@@ -9,6 +9,7 @@ namespace Drupal\filter\Tests;
 
 use Drupal\Component\Utility\Unicode;
 use Drupal\simpletest\WebTestBase;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests hooks for text formats insert/update/disable.
@@ -44,7 +45,7 @@ class FilterHooksTest extends WebTestBase {
     $edit = array();
     $edit['format'] = Unicode::strtolower($this->randomMachineName());
     $edit['name'] = $name;
-    $edit['roles[' . DRUPAL_ANONYMOUS_RID . ']'] = 1;
+    $edit['roles[' . RoleInterface::ANONYMOUS_ID . ']'] = 1;
     $this->drupalPostForm('admin/config/content/formats/add', $edit, t('Save configuration'));
     $this->assertRaw(t('Added text format %format.', array('%format' => $name)));
     $this->assertText('hook_filter_format_insert invoked.');
@@ -53,7 +54,7 @@ class FilterHooksTest extends WebTestBase {
 
     // Update text format.
     $edit = array();
-    $edit['roles[' . DRUPAL_AUTHENTICATED_RID . ']'] = 1;
+    $edit['roles[' . RoleInterface::AUTHENTICATED_ID . ']'] = 1;
     $this->drupalPostForm('admin/config/content/formats/manage/' . $format_id, $edit, t('Save configuration'));
     $this->assertRaw(t('The text format %format has been updated.', array('%format' => $name)));
     $this->assertText('hook_filter_format_update invoked.');

core/modules/filter/src/Tests/FilterSecurityTest.php

@@ -9,6 +9,7 @@ namespace Drupal\filter\Tests;
 
 use Drupal\simpletest\WebTestBase;
 use Drupal\filter\Plugin\FilterInterface;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests the behavior of check_markup() when a filter or text format vanishes,
@@ -42,7 +43,7 @@ class FilterSecurityTest extends WebTestBase {
     /** @var \Drupal\filter\Entity\FilterFormat $filtered_html_format */
     $filtered_html_format = entity_load('filter_format', 'filtered_html');
     $filtered_html_permission = $filtered_html_format->getPermissionName();
-    user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array($filtered_html_permission));
+    user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, array($filtered_html_permission));
 
     $this->adminUser = $this->drupalCreateUser(array('administer modules', 'administer filters', 'administer site configuration'));
     $this->drupalLogin($this->adminUser);

core/modules/image/src/Tests/ImageFieldDisplayTest.php

@@ -9,6 +9,7 @@ namespace Drupal\image\Tests;
 
 use Drupal\Core\Field\FieldStorageDefinitionInterface;
 use Drupal\field\Entity\FieldStorageConfig;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests the display of image fields.
@@ -38,7 +39,7 @@ class ImageFieldDisplayTest extends ImageFieldTestBase {
    */
   function testImageFieldFormattersPrivate() {
     // Remove access content permission from anonymous users.
-    user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array('access content' => FALSE));
+    user_role_change_permissions(RoleInterface::ANONYMOUS_ID, array('access content' => FALSE));
     $this->_testImageFieldFormatters('private');
   }
 

core/modules/migrate_drupal/src/Tests/d6/MigrateUserTest.php

@@ -12,6 +12,7 @@ use Drupal\file\Entity\File;
 use Drupal\Core\Database\Database;
 use Drupal\migrate\MigrateExecutable;
 use Drupal\migrate_drupal\Tests\d6\MigrateDrupal6TestBase;
+use Drupal\user\RoleInterface;
 
 /**
  * Users migration.
@@ -149,7 +150,7 @@ class MigrateUserTest extends MigrateDrupal6TestBase {
         ->condition('ur.uid', $source->uid)
         ->execute()
         ->fetchCol();
-      $roles = array(DRUPAL_AUTHENTICATED_RID);
+      $roles = array(RoleInterface::AUTHENTICATED_ID);
       $migration_role = entity_load('migration', 'd6_user_role');
       foreach ($rids as $rid) {
         $role = $migration_role->getIdMap()->lookupDestinationId(array($rid));

core/modules/node/node.install

@@ -8,6 +8,7 @@
 use Drupal\Component\Utility\SafeMarkup;
 use Drupal\Component\Uuid\Uuid;
 use Drupal\Core\Url;
+use Drupal\user\RoleInterface;
 
 /**
  * Implements hook_requirements().
@@ -129,8 +130,8 @@ function node_install() {
   // these permissions. Doing so also allows tests to continue to operate as
   // expected without first having to manually grant these default permissions.
   if (\Drupal::moduleHandler()->moduleExists('user')) {
-    user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access content'));
+    user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, array('access content'));
-    user_role_grant_permissions(DRUPAL_AUTHENTICATED_RID, array('access content'));
+    user_role_grant_permissions(RoleInterface::AUTHENTICATED_ID, array('access content'));
   }
 
   // Populate the node access table.

core/modules/node/node.views_execution.inc

@@ -5,6 +5,7 @@
  * Provide views runtime hooks for node.module.
  */
 
+use Drupal\user\RoleInterface;
 use Drupal\views\ViewExecutable;
 use Drupal\user\Entity\Role;
 
@@ -32,9 +33,9 @@ function node_views_analyze(ViewExecutable $view) {
         // check for no access control
         $access = $display->getOption('access');
         if (empty($access['type']) || $access['type'] == 'none') {
-          $anonymous_role = Role::load(DRUPAL_ANONYMOUS_RID);
+          $anonymous_role = Role::load(RoleInterface::ANONYMOUS_ID);
           $anonymous_has_access = $anonymous_role && $anonymous_role->hasPermission('access content');
-          $authenticated_role = Role::load(DRUPAL_AUTHENTICATED_RID);
+          $authenticated_role = Role::load(RoleInterface::AUTHENTICATED_ID);
           $authenticated_has_access = $authenticated_role && $authenticated_role->hasPermission('access content');
           if (!$anonymous_has_access || !$authenticated_has_access) {
             $ret[] = Analyzer::formatMessage(t('Some roles lack permission to access content, but display %display has no access control.', array('%display' => $display->display['display_title'])), 'warning');

core/modules/node/src/Tests/NodeAccessTest.php

@@ -7,6 +7,8 @@
 
 namespace Drupal\node\Tests;
 
+use Drupal\user\RoleInterface;
+
 /**
  * Tests basic node_access functionality.
  *
@@ -19,7 +21,7 @@ class NodeAccessTest extends NodeTestBase {
   protected function setUp() {
     parent::setUp();
     // Clear permissions for authenticated users.
-    $this->config('user.role.' . DRUPAL_AUTHENTICATED_RID)->set('permissions', array())->save();
+    $this->config('user.role.' . RoleInterface::AUTHENTICATED_ID)->set('permissions', array())->save();
   }
 
   /**

core/modules/node/src/Tests/NodeAdminTest.php

@@ -7,6 +7,8 @@
 
 namespace Drupal\node\Tests;
 
+use Drupal\user\RoleInterface;
+
 /**
  * Tests node administration page functionality.
  *
@@ -33,7 +35,7 @@ class NodeAdminTest extends NodeTestBase {
     // Remove the "view own unpublished content" permission which is set
     // by default for authenticated users so we can test this permission
     // correctly.
-    user_role_revoke_permissions(DRUPAL_AUTHENTICATED_RID, array('view own unpublished content'));
+    user_role_revoke_permissions(RoleInterface::AUTHENTICATED_ID, array('view own unpublished content'));
 
     $this->adminUser = $this->drupalCreateUser(array('access administration pages', 'access content overview', 'administer nodes', 'bypass node access'));
     $this->base_user_1 = $this->drupalCreateUser(array('access content overview'));

core/modules/node/src/Tests/NodeBlockFunctionalTest.php

@@ -8,6 +8,7 @@
 namespace Drupal\node\Tests;
 
 use Drupal\block\Entity\Block;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests node block functionality.
@@ -52,7 +53,7 @@ class NodeBlockFunctionalTest extends NodeTestBase {
     $this->drupalLogin($this->adminUser);
 
     // Disallow anonymous users to view content.
-    user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
+    user_role_change_permissions(RoleInterface::ANONYMOUS_ID, array(
       'access content' => FALSE,
     ));
 

core/modules/rdf/src/Tests/CommentAttributesTest.php

@@ -10,6 +10,7 @@ namespace Drupal\rdf\Tests;
 use Drupal\comment\CommentInterface;
 use Drupal\comment\CommentManagerInterface;
 use Drupal\comment\Tests\CommentTestBase;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests the RDFa markup of comments.
@@ -43,7 +44,7 @@ class CommentAttributesTest extends CommentTestBase {
     parent::setUp();
 
     // Enables anonymous user comments.
-    user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
+    user_role_change_permissions(RoleInterface::ANONYMOUS_ID, array(
       'access comments' => TRUE,
       'post comments' => TRUE,
       'skip comment approval' => TRUE,

core/modules/rdf/src/Tests/Field/EntityReferenceRdfaTest.php

@@ -7,6 +7,7 @@
 namespace Drupal\rdf\Tests\Field;
 
 use Drupal\user\Entity\Role;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests the RDFa output of the entity reference field formatter.
@@ -53,7 +54,7 @@ class EntityReferenceRdfaTest extends FieldRdfaTestBase {
 
     // Give anonymous users permission to view test entities.
     $this->installConfig(array('user'));
-    Role::load(DRUPAL_ANONYMOUS_RID)
+    Role::load(RoleInterface::ANONYMOUS_ID)
       ->grantPermission('view test entity')
       ->save();
 

core/modules/rdf/src/Tests/Field/TaxonomyTermReferenceRdfaTest.php

@@ -10,6 +10,7 @@ use Drupal\Component\Utility\Unicode;
 use Drupal\Core\Field\FieldStorageDefinitionInterface;
 use Drupal\Core\Language\LanguageInterface;
 use Drupal\user\Entity\Role;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests the RDFa output of the taxonomy term reference field formatter.
@@ -101,7 +102,7 @@ class TaxonomyTermReferenceRdfaTest extends FieldRdfaTestBase {
     // Tests the plain formatter.
     $this->assertFormatterRdfa(array('type' => 'taxonomy_term_reference_plain'), 'http://schema.org/about', array('value' => $this->term->getName(), 'type' => 'literal'));
     // Grant the access content permission to the anonymous user.
-    Role::create(array('id' => DRUPAL_ANONYMOUS_RID))
+    Role::create(array('id' => RoleInterface::ANONYMOUS_ID))
       ->grantPermission('access content')
       ->save();
     // Tests the link formatter.

core/modules/responsive_image/src/Tests/ResponsiveImageFieldDisplayTest.php

@@ -12,6 +12,7 @@ use Drupal\image\Tests\ImageFieldTestBase;
 use Drupal\image\Entity\ImageStyle;
 use Drupal\node\Entity\Node;
 use Drupal\file\Entity\File;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests responsive image display formatter.
@@ -79,7 +80,7 @@ class ResponsiveImageFieldDisplayTest extends ImageFieldTestBase {
   public function testResponsiveImageFieldFormattersPrivate() {
     $this->addTestImageStyleMappings();
     // Remove access content permission from anonymous users.
-    user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array('access content' => FALSE));
+    user_role_change_permissions(RoleInterface::ANONYMOUS_ID, array('access content' => FALSE));
     $this->doTestResponsiveImageFieldFormatters('private');
   }
 

core/modules/search/src/Tests/SearchCommentTest.php

@@ -11,6 +11,7 @@ use Drupal\comment\Plugin\Field\FieldType\CommentItemInterface;
 use Drupal\comment\Tests\CommentTestTrait;
 use Drupal\Component\Utility\String;
 use Drupal\field\Entity\FieldConfig;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests integration searching comments.
@@ -97,7 +98,7 @@ class SearchCommentTest extends SearchTestBase {
       'filters' => array(
         'filter_html_escape' => array('status' => 1),
       ),
-      'roles' => array(DRUPAL_AUTHENTICATED_RID),
+      'roles' => array(RoleInterface::AUTHENTICATED_ID),
     ));
     $basic_html_format->save();
 
@@ -110,9 +111,9 @@ class SearchCommentTest extends SearchTestBase {
 
     // Allow anonymous users to search content.
     $edit = array(
-      DRUPAL_ANONYMOUS_RID . '[search content]' => 1,
+      RoleInterface::ANONYMOUS_ID . '[search content]' => 1,
-      DRUPAL_ANONYMOUS_RID . '[access comments]' => 1,
+      RoleInterface::ANONYMOUS_ID . '[access comments]' => 1,
-      DRUPAL_ANONYMOUS_RID . '[post comments]' => 1,
+      RoleInterface::ANONYMOUS_ID . '[post comments]' => 1,
     );
     $this->drupalPostForm('admin/people/permissions', $edit, t('Save permissions'));
 
@@ -189,17 +190,17 @@ class SearchCommentTest extends SearchTestBase {
     $this->drupalPostForm('comment/reply/node/' . $this->node->id() . '/comment', $edit_comment, t('Save'));
 
     $this->drupalLogout();
-    $this->setRolePermissions(DRUPAL_ANONYMOUS_RID);
+    $this->setRolePermissions(RoleInterface::ANONYMOUS_ID);
     $this->assertCommentAccess(FALSE, 'Anon user has search permission but no access comments permission, comments should not be indexed');
 
-    $this->setRolePermissions(DRUPAL_ANONYMOUS_RID, TRUE);
+    $this->setRolePermissions(RoleInterface::ANONYMOUS_ID, TRUE);
     $this->assertCommentAccess(TRUE, 'Anon user has search permission and access comments permission, comments should be indexed');
 
     $this->drupalLogin($this->adminUser);
     $this->drupalGet('admin/people/permissions');
 
     // Disable search access for authenticated user to test admin user.
-    $this->setRolePermissions(DRUPAL_AUTHENTICATED_RID, FALSE, FALSE);
+    $this->setRolePermissions(RoleInterface::AUTHENTICATED_ID, FALSE, FALSE);
 
     $this->setRolePermissions($this->adminRole);
     $this->assertCommentAccess(FALSE, 'Admin user has search permission but no access comments permission, comments should not be indexed');
@@ -208,21 +209,21 @@ class SearchCommentTest extends SearchTestBase {
     $this->setRolePermissions($this->adminRole, TRUE);
     $this->assertCommentAccess(TRUE, 'Admin user has search permission and access comments permission, comments should be indexed');
 
-    $this->setRolePermissions(DRUPAL_AUTHENTICATED_RID);
+    $this->setRolePermissions(RoleInterface::AUTHENTICATED_ID);
     $this->assertCommentAccess(FALSE, 'Authenticated user has search permission but no access comments permission, comments should not be indexed');
 
-    $this->setRolePermissions(DRUPAL_AUTHENTICATED_RID, TRUE);
+    $this->setRolePermissions(RoleInterface::AUTHENTICATED_ID, TRUE);
     $this->assertCommentAccess(TRUE, 'Authenticated user has search permission and access comments permission, comments should be indexed');
 
     // Verify that access comments permission is inherited from the
     // authenticated role.
-    $this->setRolePermissions(DRUPAL_AUTHENTICATED_RID, TRUE, FALSE);
+    $this->setRolePermissions(RoleInterface::AUTHENTICATED_ID, TRUE, FALSE);
     $this->setRolePermissions($this->adminRole);
     $this->assertCommentAccess(TRUE, 'Admin user has search permission and no access comments permission, but comments should be indexed because admin user inherits authenticated user\'s permission to access comments');
 
     // Verify that search content permission is inherited from the authenticated
     // role.
-    $this->setRolePermissions(DRUPAL_AUTHENTICATED_RID, TRUE, TRUE);
+    $this->setRolePermissions(RoleInterface::AUTHENTICATED_ID, TRUE, TRUE);
     $this->setRolePermissions($this->adminRole, TRUE, FALSE);
     $this->assertCommentAccess(TRUE, 'Admin user has access comments permission and no search permission, but comments should be indexed because admin user inherits authenticated user\'s permission to search');
   }

core/modules/shortcut/src/Tests/ShortcutCacheTagsTest.php

@@ -10,6 +10,7 @@ namespace Drupal\shortcut\Tests;
 use Drupal\shortcut\Entity\Shortcut;
 use Drupal\system\Tests\Entity\EntityCacheTagsTestBase;
 use Drupal\user\Entity\Role;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests the Shortcut entity's cache tags.
@@ -31,7 +32,7 @@ class ShortcutCacheTagsTest extends EntityCacheTagsTestBase {
 
     // Give anonymous users permission to customize shortcut links, so that we
     // can verify the cache tags of cached versions of shortcuts.
-    $user_role = Role::load(DRUPAL_ANONYMOUS_RID);
+    $user_role = Role::load(RoleInterface::ANONYMOUS_ID);
     $user_role->grantPermission('customize shortcut links');
     $user_role->grantPermission('access shortcuts');
     $user_role->save();

core/modules/system/src/Tests/Action/ActionUnitTest.php

@@ -9,6 +9,7 @@ namespace Drupal\system\Tests\Action;
 
 use Drupal\simpletest\KernelTestBase;
 use Drupal\Core\Action\ActionInterface;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests action plugins.
@@ -80,11 +81,11 @@ class ActionUnitTest extends KernelTestBase {
   public function testDependencies() {
     // Create a new action that depends on a user role.
     $action = entity_create('action', array(
-      'id' => 'user_add_role_action.' . DRUPAL_ANONYMOUS_RID,
+      'id' => 'user_add_role_action.' . RoleInterface::ANONYMOUS_ID,
       'type' => 'user',
       'label' => t('Add the anonymous role to the selected users'),
       'configuration' => array(
-        'rid' => DRUPAL_ANONYMOUS_RID,
+        'rid' => RoleInterface::ANONYMOUS_ID,
       ),
       'plugin' => 'user_add_role_action',
     ));
@@ -92,7 +93,7 @@ class ActionUnitTest extends KernelTestBase {
 
     $expected = array(
       'config' => array(
-        'user.role.' . DRUPAL_ANONYMOUS_RID,
+        'user.role.' . RoleInterface::ANONYMOUS_ID,
       ),
       'module' => array(
         'user',

core/modules/system/src/Tests/Entity/EntityCacheTagsTestBase.php

@@ -15,6 +15,7 @@ use Drupal\field\Entity\FieldStorageConfig;
 use Drupal\field\Entity\FieldConfig;
 use Drupal\system\Tests\Cache\PageCacheTagsTestBase;
 use Drupal\user\Entity\Role;
+use Drupal\user\RoleInterface;
 
 /**
  * Provides helper methods for Entity cache tags tests.
@@ -57,7 +58,7 @@ abstract class EntityCacheTagsTestBase extends PageCacheTagsTestBase {
 
     // Give anonymous users permission to view test entities, so that we can
     // verify the cache tags of cached versions of test entity pages.
-    $user_role = Role::load(DRUPAL_ANONYMOUS_RID);
+    $user_role = Role::load(RoleInterface::ANONYMOUS_ID);
     $user_role->grantPermission('view test entity');
     $user_role->save();
 

core/modules/system/src/Tests/Entity/EntityViewBuilderTest.php

@@ -8,6 +8,7 @@
 namespace Drupal\system\Tests\Entity;
 
 use Drupal\user\Entity\Role;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests the entity view builder.
@@ -31,7 +32,7 @@ class EntityViewBuilderTest extends EntityUnitTestBase {
     $this->installConfig(array('user', 'entity_test'));
 
     // Give anonymous users permission to view test entities.
-    Role::load(DRUPAL_ANONYMOUS_RID)
+    Role::load(RoleInterface::ANONYMOUS_ID)
       ->grantPermission('view test entity')
       ->save();
   }

core/modules/system/src/Tests/Form/FormTest.php

@@ -13,6 +13,7 @@ use Drupal\Core\Form\FormState;
 use Drupal\Core\Render\Element;
 use Drupal\form_test\Form\FormTestDisabledElementsForm;
 use Drupal\simpletest\WebTestBase;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests various form element validation mechanisms.
@@ -38,7 +39,7 @@ class FormTest extends WebTestBase {
     $filtered_html_format->save();
 
     $filtered_html_permission = $filtered_html_format->getPermissionName();
-    user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array($filtered_html_permission));
+    user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, array($filtered_html_permission));
   }
 
   /**

core/modules/system/src/Tests/Menu/BreadcrumbTest.php

@@ -9,6 +9,7 @@ namespace Drupal\system\Tests\Menu;
 
 use Drupal\Core\Url;
 use Drupal\node\Entity\NodeType;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests breadcrumbs functionality.
@@ -291,7 +292,7 @@ class BreadcrumbTest extends MenuTestBase {
     // Verify breadcrumbs on user and user/%.
     // We need to log back in and out below, and cannot simply grant the
     // 'administer users' permission, since user_page() makes your head explode.
-    user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array(
+    user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, array(
       'access user profiles',
     ));
 

core/modules/system/src/Tests/System/AccessDeniedTest.php

@@ -8,6 +8,7 @@
 namespace Drupal\system\Tests\System;
 
 use Drupal\simpletest\WebTestBase;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests page access denied functionality, including custom 403 pages.
@@ -31,8 +32,8 @@ class AccessDeniedTest extends WebTestBase {
     // Create an administrative user.
     $this->admin_user = $this->drupalCreateUser(array('access administration pages', 'administer site configuration', 'link to any page', 'administer blocks'));
 
-    user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access user profiles'));
+    user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, array('access user profiles'));
-    user_role_grant_permissions(DRUPAL_AUTHENTICATED_RID, array('access user profiles'));
+    user_role_grant_permissions(RoleInterface::AUTHENTICATED_ID, array('access user profiles'));
   }
 
   function testAccessDenied() {

core/modules/system/src/Tests/System/PageNotFoundTest.php

@@ -8,6 +8,7 @@
 namespace Drupal\system\Tests\System;
 
 use Drupal\simpletest\WebTestBase;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests page not found functionality, including custom 404 pages.
@@ -23,8 +24,8 @@ class PageNotFoundTest extends WebTestBase {
     // Create an administrative user.
     $this->admin_user = $this->drupalCreateUser(array('administer site configuration', 'link to any page'));
 
-    user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access user profiles'));
+    user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, array('access user profiles'));
-    user_role_grant_permissions(DRUPAL_AUTHENTICATED_RID, array('access user profiles'));
+    user_role_grant_permissions(RoleInterface::AUTHENTICATED_ID, array('access user profiles'));
   }
 
   function testPageNotFound() {

core/modules/taxonomy/src/Tests/TaxonomyImageTest.php

@@ -7,6 +7,8 @@
 
 namespace Drupal\taxonomy\Tests;
 
+use Drupal\user\RoleInterface;
+
 /**
  * Tests access checks of private image fields.
  *
@@ -32,7 +34,7 @@ class TaxonomyImageTest extends TaxonomyTestBase {
     parent::setUp();
 
     // Remove access content permission from registered users.
-    user_role_revoke_permissions(DRUPAL_AUTHENTICATED_RID, array('access content'));
+    user_role_revoke_permissions(RoleInterface::AUTHENTICATED_ID, array('access content'));
 
     $this->vocabulary = $this->createVocabulary();
     // Add a field to the vocabulary.

core/modules/taxonomy/src/Tests/Views/TaxonomyTermViewTest.php

@@ -11,6 +11,7 @@ use Drupal\Component\Utility\Unicode;
 use Drupal\Core\Field\FieldStorageDefinitionInterface;
 use Drupal\language\Entity\ConfigurableLanguage;
 use Drupal\user\Entity\Role;
+use Drupal\user\RoleInterface;
 use Drupal\views\Views;
 
 /**
@@ -157,7 +158,7 @@ class TaxonomyTermViewTest extends TaxonomyTestBase {
     $this->assertEqual(1, count($condition));
 
     // Clear permissions for anonymous users to check access for default views.
-    Role::load(DRUPAL_ANONYMOUS_RID)->revokePermission('access content')->save();
+    Role::load(RoleInterface::ANONYMOUS_ID)->revokePermission('access content')->save();
 
     // Test the default views disclose no data by default.
     $this->drupalLogout();

core/modules/toolbar/src/Tests/ToolbarAdminMenuTest.php

@@ -11,6 +11,7 @@ use Drupal\Core\Cache\Cache;
 use Drupal\Core\Language\LanguageInterface;
 use Drupal\language\Entity\ConfigurableLanguage;
 use Drupal\simpletest\WebTestBase;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests the caching of the admin menu subtree items.
@@ -151,7 +152,7 @@ class ToolbarAdminMenuTest extends WebTestBase {
   function testUserRoleUpdateSubtreesHashCacheClear() {
     // Find the new role ID.
     $all_rids = $this->adminUser->getRoles();
-    unset($all_rids[array_search(DRUPAL_AUTHENTICATED_RID, $all_rids)]);
+    unset($all_rids[array_search(RoleInterface::AUTHENTICATED_ID, $all_rids)]);
     $rid = reset($all_rids);
 
     $edit = array();

core/modules/tour/src/Tests/TourCacheTagsTest.php

@@ -11,6 +11,7 @@ use Drupal\Core\Url;
 use Drupal\system\Tests\Cache\PageCacheTagsTestBase;
 use Drupal\tour\Entity\Tour;
 use Drupal\user\Entity\Role;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests the Tour entity's cache tags.
@@ -32,7 +33,7 @@ class TourCacheTagsTest extends PageCacheTagsTestBase {
 
     // Give anonymous users permission to view nodes, so that we can verify the
     // cache tags of cached versions of node pages.
-    Role::load(DRUPAL_ANONYMOUS_RID)->grantPermission('access tour')
+    Role::load(RoleInterface::ANONYMOUS_ID)->grantPermission('access tour')
      ->save();
   }
 

core/modules/user/src/AccountForm.php

@@ -221,7 +221,7 @@ abstract class AccountForm extends ContentEntityForm {
     );
 
     // Special handling for the inevitable "Authenticated user" role.
-    $form['account']['roles'][DRUPAL_AUTHENTICATED_RID] = array(
+    $form['account']['roles'][RoleInterface::AUTHENTICATED_ID] = array(
       '#default_value' => TRUE,
       '#disabled' => TRUE,
     );

core/modules/user/src/AccountSettingsForm.php

@@ -112,7 +112,7 @@ class AccountSettingsForm extends ConfigFormBase {
     // Do not allow users to set the anonymous or authenticated user roles as the
     // administrator role.
     $roles = user_role_names(TRUE);
-    unset($roles[DRUPAL_AUTHENTICATED_RID]);
+    unset($roles[RoleInterface::AUTHENTICATED_ID]);
 
     $admin_roles = $this->roleStorage->getQuery()
       ->condition('is_admin', TRUE)

core/modules/user/src/Entity/User.php

@@ -13,6 +13,7 @@ use Drupal\Core\Entity\EntityStorageInterface;
 use Drupal\Core\Entity\EntityTypeInterface;
 use Drupal\Core\Field\BaseFieldDefinition;
 use Drupal\Core\Language\LanguageInterface;
+use Drupal\user\RoleInterface;
 use Drupal\user\UserInterface;
 
 /**
@@ -83,7 +84,7 @@ class User extends ContentEntityBase implements UserInterface {
 
     // Make sure that the authenticated/anonymous roles are not persisted.
     foreach ($this->get('roles') as $index => $item) {
-      if (in_array($item->target_id, array(DRUPAL_ANONYMOUS_RID, DRUPAL_AUTHENTICATED_RID))) {
+      if (in_array($item->target_id, array(RoleInterface::ANONYMOUS_ID, RoleInterface::AUTHENTICATED_ID))) {
         $this->get('roles')->offsetUnset($index);
       }
     }
@@ -164,10 +165,10 @@ class User extends ContentEntityBase implements UserInterface {
     // Users with an ID always have the authenticated user role.
     if (!$exclude_locked_roles) {
       if ($this->isAuthenticated()) {
-        $roles[] = DRUPAL_AUTHENTICATED_RID;
+        $roles[] = RoleInterface::AUTHENTICATED_ID;
       }
       else {
-        $roles[] = DRUPAL_ANONYMOUS_RID;
+        $roles[] = RoleInterface::ANONYMOUS_ID;
       }
     }
 
@@ -223,7 +224,7 @@ class User extends ContentEntityBase implements UserInterface {
    */
   public function addRole($rid) {
 
-    if (in_array($rid, [DRUPAL_AUTHENTICATED_RID, DRUPAL_ANONYMOUS_RID])) {
+    if (in_array($rid, [RoleInterface::AUTHENTICATED_ID, RoleInterface::ANONYMOUS_ID])) {
       throw new \InvalidArgumentException('Anonymous or authenticated role ID must not be assigned manually.');
     }
 

core/modules/user/src/Plugin/Action/ChangeUserRoleBase.php

@@ -13,6 +13,7 @@ use Drupal\Core\Entity\EntityTypeInterface;
 use Drupal\Core\Form\FormStateInterface;
 use Drupal\Core\Plugin\ContainerFactoryPluginInterface;
 use Drupal\Core\Session\AccountInterface;
+use Drupal\user\RoleInterface;
 use Symfony\Component\DependencyInjection\ContainerInterface;
 
 /**
@@ -63,7 +64,7 @@ abstract class ChangeUserRoleBase extends ConfigurableActionBase implements Cont
    */
   public function buildConfigurationForm(array $form, FormStateInterface $form_state) {
     $roles = user_role_names(TRUE);
-    unset($roles[DRUPAL_AUTHENTICATED_RID]);
+    unset($roles[RoleInterface::AUTHENTICATED_ID]);
     $form['rid'] = array(
       '#type' => 'radios',
       '#title' => t('Role'),

core/modules/user/src/Plugin/EntityReferenceSelection/UserSelection.php

@@ -14,6 +14,7 @@ use Drupal\Core\Entity\Plugin\EntityReferenceSelection\SelectionBase;
 use Drupal\Core\Extension\ModuleHandlerInterface;
 use Drupal\Core\Form\FormStateInterface;
 use Drupal\Core\Session\AccountInterface;
+use Drupal\user\RoleInterface;
 use Symfony\Component\DependencyInjection\ContainerInterface;
 
 /**
@@ -124,7 +125,7 @@ class UserSelection extends SelectionBase {
         '#type' => 'checkboxes',
         '#title' => $this->t('Restrict to the selected roles'),
         '#required' => TRUE,
-        '#options' => array_diff_key(user_role_names(TRUE), array(DRUPAL_AUTHENTICATED_RID => DRUPAL_AUTHENTICATED_RID)),
+        '#options' => array_diff_key(user_role_names(TRUE), array(RoleInterface::AUTHENTICATED_ID => RoleInterface::AUTHENTICATED_ID)),
         '#default_value' => $selection_handler_settings['filter']['role'],
       );
     }

core/modules/user/src/Plugin/views/filter/Roles.php

@@ -7,6 +7,7 @@
 
 namespace Drupal\user\Plugin\views\filter;
 
+use Drupal\user\RoleInterface;
 use Drupal\user\RoleStorageInterface;
 use Drupal\views\Plugin\views\filter\ManyToOne;
 use Symfony\Component\DependencyInjection\ContainerInterface;
@@ -58,7 +59,7 @@ class Roles extends ManyToOne {
 
   public function getValueOptions() {
     $this->valueOptions = user_role_names(TRUE);
-    unset($this->valueOptions[DRUPAL_AUTHENTICATED_RID]);
+    unset($this->valueOptions[RoleInterface::AUTHENTICATED_ID]);
   }
 
   /**

core/modules/user/src/RoleAccessControlHandler.php

@@ -25,7 +25,7 @@ class RoleAccessControlHandler extends EntityAccessControlHandler {
   protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) {
     switch ($operation) {
       case 'delete':
-        if ($entity->id() == DRUPAL_ANONYMOUS_RID || $entity->id() == DRUPAL_AUTHENTICATED_RID) {
+        if ($entity->id() == RoleInterface::ANONYMOUS_ID || $entity->id() == RoleInterface::AUTHENTICATED_ID) {
           return AccessResult::forbidden();
         }
 

core/modules/user/src/RoleInterface.php

@@ -8,6 +8,7 @@
 namespace Drupal\user;
 
 use Drupal\Core\Config\Entity\ConfigEntityInterface;
+use Drupal\Core\Session\AccountInterface;
 
 /**
  * Provides an interface defining a user role entity.
@@ -16,6 +17,16 @@ use Drupal\Core\Config\Entity\ConfigEntityInterface;
  */
 interface RoleInterface extends ConfigEntityInterface {
 
+  /**
+   * Role ID for anonymous users; should match what's in the "role" table.
+   */
+  const ANONYMOUS_ID = AccountInterface::ANONYMOUS_ROLE;
+
+  /**
+   * Role ID for authenticated users; should match what's in the "role" table.
+   */
+  const AUTHENTICATED_ID = AccountInterface::AUTHENTICATED_ROLE;
+
   /**
    * Returns a list of permissions assigned to the role.
    *

core/modules/user/src/Tests/Condition/UserRoleConditionTest.php

@@ -11,6 +11,7 @@ use Drupal\Component\Utility\String;
 use Drupal\simpletest\KernelTestBase;
 use Drupal\user\Entity\Role;
 use Drupal\user\Entity\User;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests the user role condition.
@@ -67,11 +68,11 @@ class UserRoleConditionTest extends KernelTestBase {
 
     // Set up the authenticated and anonymous roles.
     Role::create(array(
-      'id' => DRUPAL_ANONYMOUS_RID,
+      'id' => RoleInterface::ANONYMOUS_ID,
       'label' => 'Anonymous user',
     ))->save();
     Role::create(array(
-      'id' => DRUPAL_AUTHENTICATED_RID,
+      'id' => RoleInterface::AUTHENTICATED_ID,
       'label' => 'Authenticated user',
     ))->save();
 
@@ -110,7 +111,7 @@ class UserRoleConditionTest extends KernelTestBase {
     // authenticated user roles.
     /** @var $condition \Drupal\Core\Condition\ConditionInterface */
     $condition = $this->manager->createInstance('user_role')
-      ->setConfig('roles', array(DRUPAL_AUTHENTICATED_RID => DRUPAL_AUTHENTICATED_RID))
+      ->setConfig('roles', array(RoleInterface::AUTHENTICATED_ID => RoleInterface::AUTHENTICATED_ID))
       ->setContextValue('user', $this->anonymous);
     $this->assertFalse($condition->execute(), 'Anonymous users fail role checks for authenticated.');
     // Check for the proper summary.
@@ -118,13 +119,13 @@ class UserRoleConditionTest extends KernelTestBase {
     $this->assertEqual($condition->summary(), 'The user is a member of Authenticated user');
 
     // Set the user role to anonymous.
-    $condition->setConfig('roles', array(DRUPAL_ANONYMOUS_RID => DRUPAL_ANONYMOUS_RID));
+    $condition->setConfig('roles', array(RoleInterface::ANONYMOUS_ID => RoleInterface::ANONYMOUS_ID));
     $this->assertTrue($condition->execute(), 'Anonymous users pass role checks for anonymous.');
     // Check for the proper summary.
     $this->assertEqual($condition->summary(), 'The user is a member of Anonymous user');
 
     // Set the user role to check anonymous or authenticated.
-    $condition->setConfig('roles', array(DRUPAL_ANONYMOUS_RID => DRUPAL_ANONYMOUS_RID, DRUPAL_AUTHENTICATED_RID => DRUPAL_AUTHENTICATED_RID));
+    $condition->setConfig('roles', array(RoleInterface::ANONYMOUS_ID => RoleInterface::ANONYMOUS_ID, RoleInterface::AUTHENTICATED_ID => RoleInterface::AUTHENTICATED_ID));
     $this->assertTrue($condition->execute(), 'Anonymous users pass role checks for anonymous or authenticated.');
     // Check for the proper summary.
     $this->assertEqual($condition->summary(), 'The user is a member of Anonymous user, Authenticated user');
@@ -135,11 +136,11 @@ class UserRoleConditionTest extends KernelTestBase {
     $this->assertTrue($condition->execute(), 'Authenticated users pass role checks for anonymous or authenticated.');
 
     // Set the role to just authenticated and recheck.
-    $condition->setConfig('roles', array(DRUPAL_AUTHENTICATED_RID => DRUPAL_AUTHENTICATED_RID));
+    $condition->setConfig('roles', array(RoleInterface::AUTHENTICATED_ID => RoleInterface::AUTHENTICATED_ID));
     $this->assertTrue($condition->execute(), 'Authenticated users pass role checks for authenticated.');
 
     // Test Constructor injection.
-    $condition = $this->manager->createInstance('user_role', array('roles' => array(DRUPAL_AUTHENTICATED_RID => DRUPAL_AUTHENTICATED_RID), 'context' => array('user' => $this->authenticated)));
+    $condition = $this->manager->createInstance('user_role', array('roles' => array(RoleInterface::AUTHENTICATED_ID => RoleInterface::AUTHENTICATED_ID), 'context' => array('user' => $this->authenticated)));
     $this->assertTrue($condition->execute(), 'Constructor injection of context and configuration working as anticipated.');
 
     // Check the negated summary.
@@ -147,7 +148,7 @@ class UserRoleConditionTest extends KernelTestBase {
     $this->assertEqual($condition->summary(), 'The user is not a member of Authenticated user');
 
     // Check the complex negated summary.
-    $condition->setConfig('roles', array(DRUPAL_ANONYMOUS_RID => DRUPAL_ANONYMOUS_RID, DRUPAL_AUTHENTICATED_RID => DRUPAL_AUTHENTICATED_RID));
+    $condition->setConfig('roles', array(RoleInterface::ANONYMOUS_ID => RoleInterface::ANONYMOUS_ID, RoleInterface::AUTHENTICATED_ID => RoleInterface::AUTHENTICATED_ID));
     $this->assertEqual($condition->summary(), 'The user is not a member of Anonymous user, Authenticated user');
 
     // Check a custom role.

core/modules/user/src/Tests/UserAdminTest.php

@@ -8,6 +8,7 @@
 namespace Drupal\user\Tests;
 
 use Drupal\simpletest\WebTestBase;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests user administration page functionality.
@@ -84,7 +85,7 @@ class UserAdminTest extends WebTestBase {
 
     // Filter the users by role. Grab the system-generated role name for User C.
     $roles = $user_c->getRoles();
-    unset($roles[array_search(DRUPAL_AUTHENTICATED_RID, $roles)]);
+    unset($roles[array_search(RoleInterface::AUTHENTICATED_ID, $roles)]);
     $this->drupalGet('admin/people', array('query' => array('role' => reset($roles))));
 
     // Check if the correct users show up when filtered by role.

core/modules/user/src/Tests/UserCacheTagsTest.php

@@ -9,6 +9,7 @@ namespace Drupal\user\Tests;
 
 use Drupal\system\Tests\Entity\EntityWithUriCacheTagsTestBase;
 use Drupal\user\Entity\Role;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests the User entity's cache tags.
@@ -30,7 +31,7 @@ class UserCacheTagsTest extends EntityWithUriCacheTagsTestBase {
 
     // Give anonymous users permission to view user profiles, so that we can
     // verify the cache tags of cached versions of user profile pages.
-    $user_role = Role::load(DRUPAL_ANONYMOUS_RID);
+    $user_role = Role::load(RoleInterface::ANONYMOUS_ID);
     $user_role->grantPermission('access user profiles');
     $user_role->save();
   }

core/modules/user/src/Tests/UserEntityTest.php

@@ -10,6 +10,7 @@ namespace Drupal\user\Tests;
 use Drupal\Core\Language\LanguageInterface;
 use Drupal\simpletest\KernelTestBase;
 use Drupal\user\Entity\User;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests the user entity class.
@@ -47,27 +48,27 @@ class UserEntityTest extends KernelTestBase {
 
     $this->assertTrue($user->hasRole('test_role_one'));
     $this->assertFalse($user->hasRole('test_role_two'));
-    $this->assertEqual(array(DRUPAL_AUTHENTICATED_RID, 'test_role_one'), $user->getRoles());
+    $this->assertEqual(array(RoleInterface::AUTHENTICATED_ID, 'test_role_one'), $user->getRoles());
 
     $user->addRole('test_role_one');
     $this->assertTrue($user->hasRole('test_role_one'));
     $this->assertFalse($user->hasRole('test_role_two'));
-    $this->assertEqual(array(DRUPAL_AUTHENTICATED_RID, 'test_role_one'), $user->getRoles());
+    $this->assertEqual(array(RoleInterface::AUTHENTICATED_ID, 'test_role_one'), $user->getRoles());
 
     $user->addRole('test_role_two');
     $this->assertTrue($user->hasRole('test_role_one'));
     $this->assertTrue($user->hasRole('test_role_two'));
-    $this->assertEqual(array(DRUPAL_AUTHENTICATED_RID, 'test_role_one', 'test_role_two'), $user->getRoles());
+    $this->assertEqual(array(RoleInterface::AUTHENTICATED_ID, 'test_role_one', 'test_role_two'), $user->getRoles());
 
     $user->removeRole('test_role_three');
     $this->assertTrue($user->hasRole('test_role_one'));
     $this->assertTrue($user->hasRole('test_role_two'));
-    $this->assertEqual(array(DRUPAL_AUTHENTICATED_RID, 'test_role_one', 'test_role_two'), $user->getRoles());
+    $this->assertEqual(array(RoleInterface::AUTHENTICATED_ID, 'test_role_one', 'test_role_two'), $user->getRoles());
 
     $user->removeRole('test_role_one');
     $this->assertFalse($user->hasRole('test_role_one'));
     $this->assertTrue($user->hasRole('test_role_two'));
-    $this->assertEqual(array(DRUPAL_AUTHENTICATED_RID, 'test_role_two'), $user->getRoles());
+    $this->assertEqual(array(RoleInterface::AUTHENTICATED_ID, 'test_role_two'), $user->getRoles());
   }
 
 }

core/modules/user/src/Tests/UserPermissionsTest.php

@@ -8,6 +8,7 @@
 namespace Drupal\user\Tests;
 
 use Drupal\simpletest\WebTestBase;
+use Drupal\user\RoleInterface;
 use Drupal\user\Entity\Role;
 use Drupal\user\RoleStorage;
 
@@ -40,7 +41,7 @@ class UserPermissionsTest extends WebTestBase {
 
     // Find the new role ID.
     $all_rids = $this->adminUser->getRoles();
-    unset($all_rids[array_search(DRUPAL_AUTHENTICATED_RID, $all_rids)]);
+    unset($all_rids[array_search(RoleInterface::AUTHENTICATED_ID, $all_rids)]);
     $this->rid = reset($all_rids);
   }
 

core/modules/user/src/Tests/UserRoleAdminTest.php

@@ -9,6 +9,7 @@ namespace Drupal\user\Tests;
 
 use Drupal\simpletest\WebTestBase;
 use Drupal\user\Entity\Role;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests adding, editing and deleting user roles and changing role weights.
@@ -80,10 +81,10 @@ class UserRoleAdminTest extends WebTestBase {
 
     // Make sure that the system-defined roles can be edited via the user
     // interface.
-    $this->drupalGet('admin/people/roles/manage/' . DRUPAL_ANONYMOUS_RID);
+    $this->drupalGet('admin/people/roles/manage/' . RoleInterface::ANONYMOUS_ID);
     $this->assertResponse(200, 'Access granted when trying to edit the built-in anonymous role.');
     $this->assertNoText(t('Delete role'), 'Delete button for the anonymous role is not present.');
-    $this->drupalGet('admin/people/roles/manage/' . DRUPAL_AUTHENTICATED_RID);
+    $this->drupalGet('admin/people/roles/manage/' . RoleInterface::AUTHENTICATED_ID);
     $this->assertResponse(200, 'Access granted when trying to edit the built-in authenticated role.');
     $this->assertNoText(t('Delete role'), 'Delete button for the authenticated role is not present.');
   }

core/modules/user/src/Tests/UserSignatureTest.php

@@ -9,6 +9,7 @@ namespace Drupal\user\Tests;
 
 use Drupal\comment\Tests\CommentTestTrait;
 use Drupal\simpletest\WebTestBase;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests case for user signatures.
@@ -88,7 +89,7 @@ class UserSignatureTest extends WebTestBase {
     ));
     $this->fullHtmlFormat->save();
 
-    user_role_grant_permissions(DRUPAL_AUTHENTICATED_RID, array($this->filteredHtmlFormat->getPermissionName()));
+    user_role_grant_permissions(RoleInterface::AUTHENTICATED_ID, array($this->filteredHtmlFormat->getPermissionName()));
 
     // Create regular and administrative users.
     $this->webUser = $this->drupalCreateUser(array('post comments'));

core/modules/user/src/Tests/Views/BulkFormTest.php

@@ -7,6 +7,7 @@
 
 namespace Drupal\user\Tests\Views;
 
+use Drupal\user\RoleInterface;
 use Drupal\views\Views;
 
 /**
@@ -54,7 +55,7 @@ class BulkFormTest extends UserTestBase {
     // Assign a role to a user.
     $account = entity_load('user', $this->users[0]->id());
     $roles = user_role_names(TRUE);
-    unset($roles[DRUPAL_AUTHENTICATED_RID]);
+    unset($roles[RoleInterface::AUTHENTICATED_ID]);
     $role = key($roles);
 
     $this->assertFalse($account->hasRole($role), 'The user currently does not have a custom role.');

core/modules/user/src/UserListBuilder.php

@@ -127,7 +127,7 @@ class UserListBuilder extends EntityListBuilder {
     $row['status'] = $entity->isActive() ? $this->t('active') : $this->t('blocked');
 
     $roles = array_map('\Drupal\Component\Utility\String::checkPlain', user_role_names(TRUE));
-    unset($roles[DRUPAL_AUTHENTICATED_RID]);
+    unset($roles[RoleInterface::AUTHENTICATED_ID]);
     $users_roles = array();
     foreach ($entity->getRoles() as $role) {
       if (isset($roles[$role])) {

core/modules/user/tests/src/Unit/Plugin/Core/Entity/UserTest.php

@@ -5,12 +5,13 @@
  * Contains \Drupal\Tests\user\Unit\Plugin\Core\Entity\UserTest.
  */
 
-namespace Drupal\Tests\user\Unit\Plugin\Core\Entity {
+namespace Drupal\Tests\user\Unit\Plugin\Core\Entity;
 
 use Drupal\Tests\Core\Session\UserSessionTest;
 use Drupal\user\Entity\User;
+  use Drupal\user\RoleInterface;
 
-/**
+  /**
  * @coversDefaultClass \Drupal\user\Entity\User
  * @group user
  */
@@ -46,37 +47,17 @@ class UserTest extends UserSessionTest {
    *
    * @see \Drupal\user\Entity\User::getRoles()
    * @covers ::getRoles
-   * @todo Move roles constants to a class/interface
    */
   public function testUserGetRoles() {
     // Anonymous user.
     $user = $this->createUserSession(array());
-    $this->assertEquals(array(DRUPAL_ANONYMOUS_RID), $user->getRoles());
+    $this->assertEquals(array(RoleInterface::ANONYMOUS_ID), $user->getRoles());
     $this->assertEquals(array(), $user->getRoles(TRUE));
 
     // Authenticated user.
     $user = $this->createUserSession(array(), TRUE);
-    $this->assertEquals(array(DRUPAL_AUTHENTICATED_RID), $user->getRoles());
+    $this->assertEquals(array(RoleInterface::AUTHENTICATED_ID), $user->getRoles());
     $this->assertEquals(array(), $user->getRoles(TRUE));
   }
 
 }
-
-}
-
-namespace {
-
-  if (!defined('DRUPAL_ANONYMOUS_RID')) {
-    /**
-     * Stub Role ID for anonymous users since bootstrap.inc isn't available.
-     */
-    define('DRUPAL_ANONYMOUS_RID', 'anonymous');
-  }
-  if (!defined('DRUPAL_AUTHENTICATED_RID')) {
-    /**
-     * Stub Role ID for authenticated users since bootstrap.inc isn't available.
-     */
-    define('DRUPAL_AUTHENTICATED_RID', 'authenticated');
-  }
-
-}

core/modules/user/user.module

@@ -1026,7 +1026,7 @@ function user_role_names($membersonly = FALSE, $permission = NULL) {
  */
 function user_user_role_insert(RoleInterface $role) {
   // Ignore the authenticated and anonymous roles or the role is being synced.
-  if (in_array($role->id(), array(DRUPAL_AUTHENTICATED_RID, DRUPAL_ANONYMOUS_RID)) || $role->isSyncing()) {
+  if (in_array($role->id(), array(RoleInterface::AUTHENTICATED_ID, RoleInterface::ANONYMOUS_ID)) || $role->isSyncing()) {
     return;
   }
 
@@ -1067,7 +1067,7 @@ function user_user_role_delete(RoleInterface $role) {
   $user_storage->deleteRoleReferences(array($role->id()));
 
   // Ignore the authenticated and anonymous roles or the role is being synced.
-  if (in_array($role->id(), array(DRUPAL_AUTHENTICATED_RID, DRUPAL_ANONYMOUS_RID)) || $role->isSyncing()) {
+  if (in_array($role->id(), array(RoleInterface::AUTHENTICATED_ID, RoleInterface::ANONYMOUS_ID)) || $role->isSyncing()) {
     return;
   }
 
@@ -1099,7 +1099,7 @@ function user_roles($membersonly = FALSE, $permission = NULL) {
   // Do not cache roles for specific permissions. This data is not requested
   // frequently enough to justify the additional memory use.
   if (empty($permission)) {
-    $cid = $membersonly ? DRUPAL_AUTHENTICATED_RID : DRUPAL_ANONYMOUS_RID;
+    $cid = $membersonly ? RoleInterface::AUTHENTICATED_ID : RoleInterface::ANONYMOUS_ID;
     if (isset($user_roles[$cid])) {
       return $user_roles[$cid];
     }
@@ -1107,7 +1107,7 @@ function user_roles($membersonly = FALSE, $permission = NULL) {
 
   $roles = Role::loadMultiple();
   if ($membersonly) {
-    unset($roles[DRUPAL_ANONYMOUS_RID]);
+    unset($roles[RoleInterface::ANONYMOUS_ID]);
   }
 
   if (!empty($permission)) {

core/modules/views/src/Plugin/views/filter/FilterPluginBase.php

@@ -10,6 +10,7 @@ namespace Drupal\views\Plugin\views\filter;
 use Drupal\Core\Form\FormHelper;
 use Drupal\Core\Form\FormStateInterface;
 use Drupal\Core\Render\Element;
+use Drupal\user\RoleInterface;
 use Drupal\views\Plugin\CacheablePluginInterface;
 use Drupal\views\Plugin\views\HandlerBase;
 use Drupal\Component\Utility\String as UtilityString;
@@ -134,7 +135,7 @@ abstract class FilterPluginBase extends HandlerBase implements CacheablePluginIn
         'remember' => array('default' => FALSE),
         'multiple' => array('default' => FALSE),
         'remember_roles' => array('default' => array(
-          DRUPAL_AUTHENTICATED_RID => DRUPAL_AUTHENTICATED_RID,
+          RoleInterface::AUTHENTICATED_ID => RoleInterface::AUTHENTICATED_ID,
         )),
       ),
     );

core/modules/views_ui/src/Tests/DefaultViewsTest.php

@@ -9,6 +9,7 @@ namespace Drupal\views_ui\Tests;
 
 use Drupal\Core\Url;
 use Drupal\user\Entity\Role;
+use Drupal\user\RoleInterface;
 
 /**
  * Tests enabling, disabling, and reverting default views via the listing page.
@@ -112,7 +113,7 @@ class DefaultViewsTest extends UITestBase {
     $this->assertLinkByHref($edit_href);
 
     // Clear permissions for anonymous users to check access for default views.
-    Role::load(DRUPAL_ANONYMOUS_RID)->revokePermission('access content')->save();
+    Role::load(RoleInterface::ANONYMOUS_ID)->revokePermission('access content')->save();
 
     // Test the default views disclose no data by default.
     $this->drupalLogout();

core/profiles/standard/standard.install

@@ -6,6 +6,7 @@
 
 use Drupal\comment\Plugin\Field\FieldType\CommentItemInterface;
 use Drupal\user\Entity\User;
+use Drupal\user\RoleInterface;
 
 /**
  * Implements hook_install().
@@ -29,8 +30,8 @@ function standard_install() {
   $user_settings->set('register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL)->save();
 
   // Enable default permissions for system roles.
-  user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access comments'));
+  user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, array('access comments'));
-  user_role_grant_permissions(DRUPAL_AUTHENTICATED_RID, array('access comments', 'post comments', 'skip comment approval'));
+  user_role_grant_permissions(RoleInterface::AUTHENTICATED_ID, array('access comments', 'post comments', 'skip comment approval'));
 
   // Assign user 1 the "administrator" role.
   $user = User::load(1);
@@ -42,11 +43,11 @@ function standard_install() {
   $menu_link_manager = \Drupal::service('plugin.manager.menu.link');
   $menu_link_manager->updateDefinition('contact.site_page', array('enabled' => 1));
 
-  user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access site-wide contact form'));
+  user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, array('access site-wide contact form'));
-  user_role_grant_permissions(DRUPAL_AUTHENTICATED_RID, array('access site-wide contact form'));
+  user_role_grant_permissions(RoleInterface::AUTHENTICATED_ID, array('access site-wide contact form'));
 
   // Allow authenticated users to use shortcuts.
-  user_role_grant_permissions(DRUPAL_AUTHENTICATED_RID, array('access shortcuts'));
+  user_role_grant_permissions(RoleInterface::AUTHENTICATED_ID, array('access shortcuts'));
 
   // Populate the default shortcut set.
   $shortcut = entity_create('shortcut', array(

core/tests/Drupal/Tests/Core/Session/AnonymousUserSessionTest.php

@@ -5,11 +5,12 @@
  * Contains \Drupal\Tests\Core\Session\AnonymousUserSessionTest.
  */
 
-namespace Drupal\Tests\Core\Session {
+namespace Drupal\Tests\Core\Session;
 
 use Drupal\Tests\UnitTestCase;
 use Drupal\Core\Session\AnonymousUserSession;
-use Symfony\Component\DependencyInjection\ContainerBuilder;
+  use Drupal\user\RoleInterface;
+  use Symfony\Component\DependencyInjection\ContainerBuilder;
 use Symfony\Component\DependencyInjection\Definition;
 use Symfony\Component\DependencyInjection\Scope;
 use Symfony\Component\HttpFoundation\RequestStack;
@@ -64,27 +65,8 @@ class AnonymousUserSessionTest extends UnitTestCase {
    */
   public function testUserGetRoles() {
     $anonymous_user = new AnonymousUserSession();
-    $this->assertEquals(array(DRUPAL_ANONYMOUS_RID), $anonymous_user->getRoles());
+    $this->assertEquals(array(RoleInterface::ANONYMOUS_ID), $anonymous_user->getRoles());
     $this->assertEquals(array(), $anonymous_user->getRoles(TRUE));
   }
 
 }
-
-}
-
-namespace {
-
-  if (!defined('DRUPAL_ANONYMOUS_RID')) {
-    /**
-     * Stub Role ID for anonymous users since bootstrap.inc isn't available.
-     */
-    define('DRUPAL_ANONYMOUS_RID', 'anonymous');
-  }
-  if (!defined('DRUPAL_AUTHENTICATED_RID')) {
-    /**
-     * Stub Role ID for authenticated users since bootstrap.inc isn't available.
-     */
-    define('DRUPAL_AUTHENTICATED_RID', 'authenticated');
-  }
-
-}

core/tests/Drupal/Tests/Core/Session/UserSessionTest.php

@@ -5,13 +5,14 @@
  * Contains \Drupal\Tests\Core\Session\UserSessionTest.
  */
 
-namespace Drupal\Tests\Core\Session {
+namespace Drupal\Tests\Core\Session;
 
 use Drupal\Core\DependencyInjection\ContainerBuilder;
 use Drupal\Core\Session\UserSession;
 use Drupal\Tests\UnitTestCase;
+  use Drupal\user\RoleInterface;
 
-/**
+  /**
  * @coversDefaultClass \Drupal\Core\Session\UserSession
  * @group Session
  */
@@ -50,7 +51,7 @@ class UserSessionTest extends UnitTestCase {
    *   The created user session.
    */
   protected function createUserSession(array $rids = array(), $authenticated = FALSE) {
-    array_unshift($rids, $authenticated ? DRUPAL_AUTHENTICATED_RID : DRUPAL_ANONYMOUS_RID);
+    array_unshift($rids, $authenticated ? RoleInterface::AUTHENTICATED_ID : RoleInterface::ANONYMOUS_ID);
     return new UserSession(array('roles' => $rids));
   }
 
@@ -157,28 +158,8 @@ class UserSessionTest extends UnitTestCase {
    * @todo Move roles constants to a class/interface
    */
   public function testUserGetRoles() {
-    $this->assertEquals(array(DRUPAL_AUTHENTICATED_RID, 'role_two'), $this->users['user_three']->getRoles());
+    $this->assertEquals(array(RoleInterface::AUTHENTICATED_ID, 'role_two'), $this->users['user_three']->getRoles());
     $this->assertEquals(array('role_two'), $this->users['user_three']->getRoles(TRUE));
   }
 
 }
-
-
-}
-
-namespace {
-
-  if (!defined('DRUPAL_ANONYMOUS_RID')) {
-    /**
-     * Stub Role ID for anonymous users since bootstrap.inc isn't available.
-     */
-    define('DRUPAL_ANONYMOUS_RID', 'anonymous');
-  }
-  if (!defined('DRUPAL_AUTHENTICATED_RID')) {
-    /**
-     * Stub Role ID for authenticated users since bootstrap.inc isn't available.
-     */
-    define('DRUPAL_AUTHENTICATED_RID', 'authenticated');
-  }
-
-}