cant remove last openid, public xrds includes immediate

Added a check to make sure the user doesn't remove their last OpenID
if they don't also have a password.

Also, put the finishimmediate URL in the publicxrds so that e.g.
Yahoo! doesn't get snippy.

darcs-hash:20080619153231-5ed1f-a5d784ff39b53afdfb0584689188dd78bdb90c41.gz
This commit is contained in:
Evan Prodromou 2008-06-19 11:32:31 -04:00
parent 26c7d5f04e
commit fa90195c4d
2 changed files with 47 additions and 31 deletions

View File

@ -69,41 +69,58 @@ class OpenidsettingsAction extends SettingsAction {
$oid = new User_openid(); $oid = new User_openid();
$oid->user_id = $user->id; $oid->user_id = $user->id;
if ($oid->find()) { $cnt = $oid->find();
if ($cnt > 0) {
common_element('h2', NULL, _t('OpenID')); common_element('h2', NULL, _t('Remove OpenID'));
common_element('p', NULL,
_t('You can remove an OpenID from your account '.
'by clicking the button marked "Delete" next to it.'));
$idx = 0;
while ($oid->fetch()) { if ($cnt == 1 && !$user->password) {
common_element_start('form', array('method' => 'POST',
'id' => 'openiddelete' . $idx, common_element('p', NULL,
'action' => _t('Removing your only OpenID would make it impossible to log in! ' .
common_local_url('openidsettings'))); 'If you need to remove it, add another OpenID first.'));
common_element_start('p'); common_element_start('p');
common_element('a', array('href' => $oid->canonical), common_element('a', array('href' => $oid->canonical),
$oid->display); $oid->display);
common_element('input', array('type' => 'hidden',
'id' => 'openid_url'.$idx,
'name' => 'openid_url',
'value' => $oid->canonical));
common_element('input', array('type' => 'submit',
'id' => 'remove'.$idx,
'name' => 'remove',
'class' => 'submit',
'value' => _t('Remove')));
common_element_end('p'); common_element_end('p');
common_element_end('form');
$idx++; } else {
common_element('h2', NULL, _t('Remove OpenID'));
common_element('p', NULL,
_t('You can remove an OpenID from your account '.
'by clicking the button marked "Remove".'));
$idx = 0;
while ($oid->fetch()) {
common_element_start('form', array('method' => 'POST',
'id' => 'openiddelete' . $idx,
'action' =>
common_local_url('openidsettings')));
common_element_start('p');
common_element('a', array('href' => $oid->canonical),
$oid->display);
common_element('input', array('type' => 'hidden',
'id' => 'openid_url'.$idx,
'name' => 'openid_url',
'value' => $oid->canonical));
common_element('input', array('type' => 'submit',
'id' => 'remove'.$idx,
'name' => 'remove',
'class' => 'submit',
'value' => _t('Remove')));
common_element_end('p');
common_element_end('form');
$idx++;
}
} }
common_show_footer();
} }
common_show_footer();
} }
function handle_post() { function handle_post() {
if ($this->arg('add')) { if ($this->arg('add')) {
$result = oid_authenticate($this->trimmed('openid_url'), 'finishaddopenid'); $result = oid_authenticate($this->trimmed('openid_url'), 'finishaddopenid');

View File

@ -40,11 +40,10 @@ class PublicxrdsAction extends Action {
common_element('Type', NULL, 'xri://$xrds*simple'); common_element('Type', NULL, 'xri://$xrds*simple');
$this->show_service(Auth_OpenID_RP_RETURN_TO_URL_TYPE, foreach (array('finishopenidlogin', 'finishaddopenid', 'finishimmediate') as $finish) {
common_local_url('finishopenidlogin')); $this->show_service(Auth_OpenID_RP_RETURN_TO_URL_TYPE,
common_local_url($finish));
$this->show_service(Auth_OpenID_RP_RETURN_TO_URL_TYPE, }
common_local_url('finishaddopenid'));
common_element_end('XRD'); common_element_end('XRD');