Merge lp:~paulgear/wordpress-teams-integration/no-openid-reset-on-logout into lp:wordpress-teams-integration

Proposed by Paul Gear
Status: Merged
Merged at revision: 32
Proposed branch: lp:~paulgear/wordpress-teams-integration/no-openid-reset-on-logout
Merge into: lp:wordpress-teams-integration
Diff against target: 28 lines (+0/-11)
1 file modified
openid-teams.php (+0/-11)
To merge this branch: bzr merge lp:~paulgear/wordpress-teams-integration/no-openid-reset-on-logout
Reviewer Review Type Date Requested Status
Paul Collins lgtm Approve
Review via email: mp+330051@code.launchpad.net
Paul Collins (pjdc) :
review: Approve (lgtm)
Paul Gear (paulgear) wrote :

To summarise the no-longer-visible commit log:

Do not remove OpenID roles on logout

There is no guarantee that logout will be run anyway, and removing the roles is actively harmful, because it prevents an editor from attributing posts to an author after logout.

OpenID roles are reset to their current values on login, so there is no risk in this arrangement that a user will receive increased privileges due to their roles remaining while they are logged out.

Preview Diff

=== modified file 'openid-teams.php'
--- openid-teams.php 2015-01-14 16:21:38 +0000
+++ openid-teams.php 2017-09-01 01:01:35 +0000
@@ -32,7 +32,6 @@
32 'openid_teams_add_extenstion', 10, 2);32 'openid_teams_add_extenstion', 10, 2);
33add_action('openid_finish_auth', 'openid_teams_finish_auth', 9, 2);33add_action('openid_finish_auth', 'openid_teams_finish_auth', 9, 2);
34add_action('wp_login', 'openid_teams_assign_on_login');34add_action('wp_login', 'openid_teams_assign_on_login');
35add_action('wp_logout', 'openid_teams_assign_on_logout');
36/**35/**
37 * Add the teams admin page to the main admin menu36 * Add the teams admin page to the main admin menu
38 */37 */
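Review bot: nothing documents the new lifetime of team-derived roles once the add_action('wp_logout', 'openid_teams_assign_on_logout') line is gone. The remaining wp_login hook (openid_teams_assign_on_login) is the only point visible here where those roles are refreshed, so the roles stored for a user who is dropped from a team and does not log in again stay as they were. Suggest a short comment beside the wp_login hook stating that roles persist between sessions by design and are only recomputed at login, so that code reading a user's roles outside a login session is not assumed to see current team membership.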
@@ -613,16 +612,6 @@
613}612}
614613
615/**614/**
616 * Clear the user's roles assigned by openid teams on logout if possible
617 *
618 * It isn't guaranteed that users will use the logout button but this will
619 * remove the roles from the admin interface if they do.
620 */
621function openid_teams_assign_on_logout() {
622 restore_old_roles(wp_get_current_user());
623}
624
625/**
626 * Remove roles from the user which were assigned on last login by openid teams615 * Remove roles from the user which were assigned on last login by openid teams
627 *616 *
628 * @param object $user617 * @param object $user
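Review bot: restore_old_roles() loses the only caller visible in this diff when openid_teams_assign_on_logout() is deleted. The description's argument that roles are reset on login depends on the login path still clearing the previously assigned roles before assigning new ones, so please confirm that openid_teams_assign_on_login does this; if it does not, either call restore_old_roles() there or remove the now-unused function. The surviving docblock ("Remove roles from the user which were assigned on last login by openid teams") could also say when that removal now happens.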
