From 54a052848ac23e8d8eb35159967b037842fe94b7 Mon Sep 17 00:00:00 2001
From: Emi Matchu
Date: Sun, 7 Apr 2024 08:27:02 -0700
Subject: [PATCH] Disable disconnecting NeoPass if no password/email is set
Just as a precautionary thing! Seems polite.
---
.../stylesheets/partials/clean/_mixins.sass | 10 ++++++----
app/models/auth_user.rb | 4 ++++
app/views/devise/registrations/edit.html.erb | 17 ++++++++++++++++-
3 files changed, 26 insertions(+), 5 deletions(-)
diff --git a/app/assets/stylesheets/partials/clean/_mixins.sass b/app/assets/stylesheets/partials/clean/_mixins.sass
index e5fa738b..f248e90c 100644
--- a/app/assets/stylesheets/partials/clean/_mixins.sass
+++ b/app/assets/stylesheets/partials/clean/_mixins.sass
@@ -41,17 +41,19 @@
padding: .5em .75em .45em
color: #fff
text-decoration: none
- -moz-box-shadow: 0 1px 3px rgba(0, 0, 0, 0.5)
- -webkit-box-shadow: 0 1px 3px rgba(0, 0, 0, 0.5)
+ box-shadow: 0 1px 3px rgba(0, 0, 0, 0.5)
text-shadow: 0 -1px 1px rgba(0, 0, 0, 0.25)
border-bottom: 1px solid rgba(0, 0, 0, 0.25)
position: relative
font-weight: bold
line-height: 1
- &:hover
+ &:hover:not(:disabled)
color: #fff
- &:active
+ &:active:not(:disabled)
transform: translateY(1px)
+ &:disabled
+ background: #999999 image-url("alert-overlay.png") repeat-x
+ cursor: not-allowed
=reset-awesome-button
border-radius: 0
diff --git a/app/models/auth_user.rb b/app/models/auth_user.rb
index f8ff9a60..3c9ce87b 100644
--- a/app/models/auth_user.rb
+++ b/app/models/auth_user.rb
@@ -48,6 +48,10 @@ class AuthUser < AuthRecord
neopass_email || uid
end
+ def uses_password?
+ encrypted_password?
+ end
+
def disconnect_neopass
# If there's no NeoPass, we're already done!
return true if !uses_neopass?
diff --git a/app/views/devise/registrations/edit.html.erb b/app/views/devise/registrations/edit.html.erb
index c990065a..68857d5f 100644
--- a/app/views/devise/registrations/edit.html.erb
+++ b/app/views/devise/registrations/edit.html.erb
@@ -75,8 +75,23 @@
you can still use "Forgot your password?" to recover your Dress to
Impress account, using the Email saved in "Your info".
+ <% if !resource.uses_password? && !resource.email %>
+
+ You can't remove this NeoPass yet, because you need to either set a
+ password or a recovery email first. (Ideally both!)
+
+ <% elsif !resource.uses_password? %>
+
+ Be extra careful here! Your account doesn't have a password set.
+
+ <% elsif !resource.email? %>
+
+ Be extra careful here! Your account doesn't have an email set.
+
+ <% end %>
- <%= form.submit "Disconnect your NeoPass" %>
+ <%= form.submit "Disconnect your NeoPass",
+ disabled: !resource.uses_password? && !resource.email? %>
<% end %>
<% end %>