Download & Extend
Demonstration site (Sandbox / Snapshot) » Issues

Add confirmation to reset block

Posted by Michelle on May 19, 2009 at 8:15pm
Project:Demonstration site (Sandbox / Snapshot)
Version:6.x-1.x-dev
Component:Code
Category:feature request
Priority:normal
Assigned:Unassigned
Status:closed (fixed)

Issue Summary

I just did something stupid and I fully admit it was stupid. But maybe this can help other stupid people. :)

I have demo set up on my dev site so I can go back to things after playing around. I had the block enabled but had never used it. I was working on my theme and looked at the site from an anon perspective and noticed the block was visible. I thought that was strange but thought maybe it did access control after you push the button. Since I knew the regular reset has a confirmation, I didn't think anything of it and pushed it to see if it would give me a confirmation page or the access denied page. I was rather shocked to see that it just went ahead and reset my site!

I didn't lose much since it _is_ just a dev site but, still, I lost some and am kicking myself for not taking a new snapshot before trying it. So I decided to ask for confirmation to be put on the block. And maybe a warning in the readme to not enable the block without also setting visibility on it. I was just sort of assuming there was an access check on display and didn't realize it was relying on the visibility settings in the block itself.

Michelle

Login or register to post comments

Comments

#1

Posted by sun on May 19, 2009 at 10:44pm

Oh boy. I feel sorry for that.

When this block was designed and implemented, we still thought of Demo module's primary purpose being to serve a demonstration site. On a demonstration site users may need or want to quickly reset the site because someone else completely hi-jacked it. In addition, demonstration sites are (usually) periodically reset via cron anyway, so it's just a different trigger.

However, the more we are using Demo module for development on our own, the more we would like to remove the entire "demonstration" features. #294879: Split module into admin include and demo_reset module pretty much takes it the point. I wonder whether that would have prevented this issue for you?

#2

Posted by Michelle on May 20, 2009 at 3:32am

Oh, no need to feel sorry. I fully admit it was my carelessness. I don't know what I was thinking pushing that without making a new snapshot first. LOL

http://drupal.org/node/294879#comment-1081646 is sadly true... That block was just sitting out there for anon for a while and I had no idea.

You can close this if you like. Sounds like that plan would take care of the problem.

Michelle

#3

Posted by sun on November 10, 2009 at 5:48am
Status:active» fixed

I just committed http://drupal.org/cvs?commit=286732 to both D7 + D6.

Short version is: All of the functionality that could potentially make you angry lives now in a separate demo_reset module. You only want to enable this new sub-module when your demonstration site is ready. ;)

#4

Posted by System Message on November 24, 2009 at 5:50am
Status:fixed» closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.