Improve user/x/openid_sites
alex_b - March 9, 2009 - 20:57
| Project: | OpenID Provider |
| Version: | 6.x-1.x-dev |
| Component: | Code |
| Category: | task |
| Priority: | normal |
| Assigned: | anarcat |
| Status: | needs review |
| Issue tags: | drupal.org identity, drupal.org redesign, Usability |
Description
user/x/openid_sites should be a table with
Site|Always approve|Last access
rather than the current list with unlabeled check boxes.
http://img.skitch.com/20090309-x68fsx3f1bfk8c7dx87pa696ni.preview.jpg
#1
Bigger picture http://img.skitch.com/20090309-x68fsx3f1bfk8c7dx87pa696ni.jpg
#2
Here is the patch which implements this style of openid_sites listing and UI.
#3
Nice improvement!
#4
Marked http://drupal.org/node/395010 as duplicate.
#5
patch doesn't apply cleanly.
$ patch < openid_provider_sites_page.patchpatching file openid_provider.module
Hunk #1 succeeded at 62 with fuzz 2 (offset 6 lines).
patching file openid_provider.pages.inc
Hunk #1 succeeded at 79 (offset -2 lines).
Hunk #2 FAILED at 116.
1 out of 2 hunks FAILED -- saving rejects to file openid_provider.pages.inc.rej
#6
This patch applies cleanly on head.
But it seems to reverse the way the checkbox behave.The checkboxes are severly broken: they don't persist and don't seem to do anything.#7
So I have improved the patch so that it actually works. I have also made the links clickable and improved the help by removing the negation in the text.
The original patch also removed the "No sites yet" behavior when the openid hasn't been used, that is not yet fixed and the form is likely to look odd when the openid_provider hasn't been used.
#8
I have built another patch which adds the "Deny" feature. It turns the checkboxes into radios and allows the user to deny access to some providers altogether.
#9
Small tweak: remove debugging code.
#10
I tested this on our provider against the D6 openid.module and it works well.
#11
One last try: this one fixes the documentation in the form.
#12
I'm reworking this.
#13
I think this is really my final jab at it now. I rerolled the patch so it applies cleanly again, cleaned up a little bit of code, fixed the way the form was handled, and clarified the options presented to the user when prompted.
#14
Tricky one: i forgot that the original behavior was to ask the user, I made sure this was still the case in this (hopefully) last patch.
#15
'sigh... So the patch was making it so that by default, the behaviour was to deny access (since '' = 0 in PHP), so I have fixed the default.
I also included some code to add watchdog entries when allowing access to the openid_provider.
#16
I tried #14 and was surprised that it stopped working. #15 works now when testing at http://openidenabled.com/resources/openid-test/checkup
The new interface also works. The only problem was that I had the setting on Ask, and then at the prompt said always allow, and even though it then always allowed, the interface was still set on Ask.
#17
So this is weird. I was able to reproduce the issue you mentionned only once: one of my relaying parties was set to 'ask' but wasn't asking. I set it to 'allow', saved the page, set it to 'ask', and saved the page again and then it asked.
All the other RPs didn't behave this way.
This is rather weird, i don't think there's an issue with the code... and now i can't reproduce that issue..
Anyone else can provide a reliable test case for that issue?
#18
I tested the patch and it works reliably.
When you try to test it, do a reinstall to make the schema up-to-date.
#19
Actually, just running update.php should be enough.
Also, I must say I have witness some /instability/ regarding website approval. I could swear I have repeatedly approved identi.ca to always have access and it's *sometimes* prompting me, I'm not sure I understand why or if this behavior was present before the patch.
#20
Setting the OpenID module up on drupal.org is a cornerstone of the redesign efforts. So making the server interface usable would be pretty important.
#21
Actually, I'll reset this to 'needs work' because the issue i confirmed earlier is still there and very annoying. Basically, it's a regression: you always get prompted to accept the consumer even if you choose 'yes, always'.
Very annoying bug, we need to fix this.
#22
I can confirm, i could reliably reproduce openid login issues. I get OpenID login failed messages all the time after applying the patch.
#23
I could reproduce the problem described in #21, so I fixed the issue.
The problem was here:
_openid_provider_rp_save($user->uid, $realm, TRUE);TRUE is not appropiate here, because it can be multiple values. I replaced it to $rp->access and it works fine now.
Also I removed watchdog calls, I assume those messages mostly useful in a debugging environment.
#24
I'd like to see the question of whether or not a user can remove an entry addressed again. I looked through the code and didn't see an option for removing entries.