Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add email verification check before showing the Gravatar Quick Editor #23920

Open
wants to merge 1 commit into
base: trunk
Choose a base branch
from
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ import WordPressMedia
struct GravatarQuickEditorPresenter {
let email: String
let authToken: String
let emailVerificationStatus: WPAccount.VerificationStatus

init?(email: String) {
let context = ContextManager.sharedInstance().mainContext
Expand All @@ -16,9 +17,24 @@ struct GravatarQuickEditorPresenter {
}
self.email = email
self.authToken = account.authToken
self.emailVerificationStatus = account.verificationStatus
Copy link
Contributor

@kean kean Dec 23, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey, I'm not sure how accurate this field is. The usage of it was removed from the app, and I was planning to remove the field as well in favor of relying on the server to tell you which operations are not permitted without hardcoding it on the client. What happens if the client doesn't hardcode this check?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What happens if the client doesn't hardcode this check?

Sounds good to me but is there a way to currently achieve that on the JP side?

We want to improve our endpoints to know the reason as to why 401 unauthorized is thrown. That way we'll be able to show a better error. Unfortunately we didn't have chance to come up with a better solution on the SDK side yet(holidays).

There has been a very recent backend change on the Gravatar side. Before that, the Quick Editor worked successfully for unverified emails, but it turns out this isn't supposed to be happening so it's fixed urgently. So, a "session expired" error is displayed in the Gravatar Quick Editor for unverified emails which can be misleading and confusing. This is just an attempt to show a better message until we sort things out the SDK side.

Although I am not sure when this change would be live even if we merged this...

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Gotcha. In that case, I suggest moving the verification check to where the "session expired" error is displayed. I'm just not entirely sure you can rely on account.verificationStatus, and it would be a shame if it blocks the legitimate requests from going through.

}

func presentQuickEditor(on presentingViewController: UIViewController) {
guard emailVerificationStatus == .verified else {
let alert = UIAlertController(
title: nil,
message: NSLocalizedString(
"avatar.update.email.verification.required",
value: "To update your avatar, you need to verify your email address first.",
comment: "An error message displayed when attempting to update an avatar while the user's email address is not verified."
),
preferredStyle: .alert
)
alert.addAction(UIAlertAction(title: SharedStrings.Button.ok, style: .default))
presentingViewController.present(alert, animated: true)
return
}
let presenter = QuickEditorPresenter(
email: Email(email),
scope: .avatarPicker(AvatarPickerConfiguration(contentLayout: .horizontal())),
Expand Down
Loading