[aur-dev] [PATCH] False 'File Request' buttons for unconfirmed users
Gordian Edenhofer
gordian.edenhofer at gmail.com
Fri Jun 19 22:02:48 UTC 2015
On Fri, 2015-06-19 at 22:48 +0200, Marcel Korpel wrote:
> * Gordian Edenhofer <gordian.edenhofer at gmail.com> (Thu, 11 Jun 2015
> 00:35:59 +0200):
> > On Wed, 2015-06-10 at 20:45 +0200, Marcel Korpel wrote:
> > > * Gordian Edenhofer <gordian.edenhofer at gmail.com> (Wed, 10 Jun
> > > 2015
> > > 19:56:12 +0200):
> > > > Displaying flag, notify, vote and file requet buttons for users
> > > > which did not authenticate themselves and letting those fake
> > > > buttons link to the login page.
> > >
> > > I'm not sure I like this user experience, especially as you get
> > > (back)
> > > to the home page after login yet, and not to the expected page.
> >
> > Good point, I will try to add this functionality pretty soon.
> > However my main concern was to at least show the user what options
> > the
> > AUR offers, without having to dig through the wiki or contact the
> > mailing list.
>
> There's still one thing to bear in mind with these buttons: even if
> you
> click one of them and the redirection after login is implemented, you
> get back to the package page and you have to click the button again.
> I
> don't think this is a good user experience.
>
> A solution would be to
>
> * send the login page something that doesn't let it redirect back to
> the package page, but to the action page,
>
> or
>
> * don't use these false buttons at all, but always link to the
> correct
> pages, and let those decide whether a user has the permission to do
> this
> action and if not, redirect to the login page: this way the login
> page
> will redirect back to the action page.
>
> I'd go for the second approach.
>
Those action pages assume to get incoming post requests. This comes
down to the problem I tried to point out in my comment: Post requests
are not redirected as post requests.
Flagging or voting a package generates a post request, however my
approach is not able to redirect an incoming post request to the login
page back as an outgoing post request to the desired destination. For
this redirect to work js would be needed to autosubmit an invisible
form back to the original referer. Though without js this redirect
would not work and the site would be crippled.
Best regards,
Gordian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <https://lists.archlinux.org/pipermail/aur-dev/attachments/20150620/a1dafad1/attachment.asc>
More information about the aur-dev
mailing list