cant remove last openid, public xrds includes immediate

Added a check to make sure the user doesn't remove their last OpenID
if they don't also have a password.

Also, put the finishimmediate URL in the publicxrds so that e.g.
Yahoo! doesn't get snippy.

darcs-hash:20080619153231-5ed1f-a5d784ff39b53afdfb0584689188dd78bdb90c41.gz

diff --git a/actions/openidsettings.php b/actions/openidsettings.php
index 7c12bd4429bd11d6ff3997e61f789b1164ceb826..1488c79b8ffc9a801c6886e176d8a4e277e63b2b 100644 (file)
--- a/actions/openidsettings.php
+++ b/actions/openidsettings.php
@@ -69,41 +69,58 @@ class OpenidsettingsAction extends SettingsAction {
 
                $oid = new User_openid();
                $oid->user_id = $user->id;
-               
-               if ($oid->find()) {
+
+               $cnt = $oid->find();
+
+               if ($cnt > 0) {
                        
-                       common_element('h2', NULL, _t('OpenID'));
-                       common_element('p', NULL,
-                                                  _t('You can remove an OpenID from your account '.
-                                                         'by clicking the button marked "Delete" next to it.'));
-                       $idx = 0;
+                       common_element('h2', NULL, _t('Remove OpenID'));
                        
-                       while ($oid->fetch()) {
-                               common_element_start('form', array('method' => 'POST',
-                                                                                                  'id' => 'openiddelete' . $idx,
-                                                                                                  'action' =>
-                                                                                                  common_local_url('openidsettings')));
+                       if ($cnt == 1 && !$user->password) {
+
+                               common_element('p', NULL,
+                                                          _t('Removing your only OpenID would make it impossible to log in! ' .
+                                                                 'If you need to remove it, add another OpenID first.'));
                                common_element_start('p');
                                common_element('a', array('href' => $oid->canonical),
                                                           $oid->display);
-                               common_element('input', array('type' => 'hidden',
-                                                                                         'id' => 'openid_url'.$idx,
-                                                                                         'name' => 'openid_url',
-                                                                                         'value' => $oid->canonical));
-                               common_element('input', array('type' => 'submit',
-                                                                                         'id' => 'remove'.$idx,
-                                                                                         'name' => 'remove',
-                                                                                         'class' => 'submit',
-                                                                                         'value' => _t('Remove')));
                                common_element_end('p');
-                               common_element_end('form');
-                               $idx++;
+                               
+                       } else {
+                       
+                               common_element('h2', NULL, _t('Remove OpenID'));
+                               common_element('p', NULL,
+                                                          _t('You can remove an OpenID from your account '.
+                                                                 'by clicking the button marked "Remove".'));
+                               $idx = 0;
+                               
+                               while ($oid->fetch()) {
+                                       common_element_start('form', array('method' => 'POST',
+                                                                                                          'id' => 'openiddelete' . $idx,
+                                                                                                  'action' =>
+                                                                                                          common_local_url('openidsettings')));
+                                       common_element_start('p');
+                                       common_element('a', array('href' => $oid->canonical),
+                                                                  $oid->display);
+                                       common_element('input', array('type' => 'hidden',
+                                                                                                 'id' => 'openid_url'.$idx,
+                                                                                                 'name' => 'openid_url',
+                                                                                                 'value' => $oid->canonical));
+                                       common_element('input', array('type' => 'submit',
+                                                                                                 'id' => 'remove'.$idx,
+                                                                                                 'name' => 'remove',
+                                                                                                 'class' => 'submit',
+                                                                                                 'value' => _t('Remove')));
+                                       common_element_end('p');
+                                       common_element_end('form');
+                                       $idx++;
+                               }
                        }
+                       
+                       common_show_footer();
                }
-               
-               common_show_footer();
        }
-
+       
        function handle_post() {
                if ($this->arg('add')) {
                        $result = oid_authenticate($this->trimmed('openid_url'), 'finishaddopenid');

diff --git a/actions/publicxrds.php b/actions/publicxrds.php
index 98d7a164ed39048f609727722816bb30cda59a8f..c41c3b2a84be502815dbc9519e0a05d5cf762ae9 100644 (file)
--- a/actions/publicxrds.php
+++ b/actions/publicxrds.php
@@ -40,11 +40,10 @@ class PublicxrdsAction extends Action {
 
                common_element('Type', NULL, 'xri://$xrds*simple');
 
-               $this->show_service(Auth_OpenID_RP_RETURN_TO_URL_TYPE,
-                                                       common_local_url('finishopenidlogin'));
-               
-               $this->show_service(Auth_OpenID_RP_RETURN_TO_URL_TYPE,
-                                                       common_local_url('finishaddopenid'));
+               foreach (array('finishopenidlogin', 'finishaddopenid', 'finishimmediate') as $finish) {
+                       $this->show_service(Auth_OpenID_RP_RETURN_TO_URL_TYPE,
+                                                               common_local_url($finish));
+               }
                
                common_element_end('XRD');