Closed Bug 706069 Opened 13 years ago Closed 12 years ago

Apps with incomplete submission process cannot be deleted using BrowserID password

Categories

(addons.mozilla.org Graveyard :: Public Pages, defect, P1)

Product:
addons.mozilla.org Graveyard
Component:
Public Pages
Type:
defect

Tracking

(Not tracked)

Status:
VERIFIED FIXED

People

(Reporter: cboldan.mozbugs, Assigned: robhudson)

References

Details

Steps to reproduce:
1. Login to AMO apps page https://apps-preview-dev.allizom.org/en-US/apps/
2. Click on "Tools -> Manage my apps"
3. Click "Delete" link on an app with incomplete submission process
4. Enter your password and click "Delete App"

Expected Results:
The app is deleted and no longer showing in user uploaded apps

Actual Results:
Error message is displayed "Password was incorrect." and user is redirected to the submission process

Notes/Issues:
Verified on IE9 and Safari
Screencast for this issue http://screencast.com/t/shkEqSm2o
Blocks: 690899
Priority: -- → P3
Blocks: 710074
No longer blocks: 690899
Summary: Apps with incomplete submission process cannot be deleted → Apps with incomplete submission process cannot be deleted using BrowserID password
Moving to browserid sounds like we'll need to remove password prompts for regular users and developers.  Fligtar - is that a problem?

Ben - For some parts of AMO where major changes can be done (eg. deleting an app) we prompt the user to reconfirm their password even though they have a valid session.  Is this a use case browserid has thought about or has a solution for?  Asking them to log in again with the big browserid popup could be confusing and is a heavy/jarring flow.
Target Milestone: --- → 6.4.0
(In reply to Wil Clouser [:clouserw] from comment #2)
> Ben - For some parts of AMO where major changes can be done (eg. deleting an
> app) we prompt the user to reconfirm their password even though they have a
> valid session.  Is this a use case browserid has thought about or has a
> solution for?

This is what Crystal calls "reauth", and yes we are working on exactly that. We don't support it yet.
(In reply to Wil Clouser [:clouserw] from comment #2)
> Ben - For some parts of AMO where major changes can be done (eg. deleting an
> app) we prompt the user to reconfirm their password even though they have a
> valid session.  Is this a use case browserid has thought about or has a
> solution for?  Asking them to log in again with the big browserid popup
> could be confusing and is a heavy/jarring flow.

Here's the issue that tracks this feature:

https://github.com/mozilla/browserid/issues/895
I'm fine with removing the password requirement until reauth is supported.
Blocks: 722905
Until reauth is supported, we will disable the password requirement (that's bug 722905).
OS: Windows 7 → All
Hardware: x86_64 → All
Target Milestone: 6.4.0 → ---
Priority: P3 → P1
Assignee: nobody → chudson
Target Milestone: --- → 6.4.3
https://github.com/mozilla/zamboni/commit/62e94c8
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Verified as fixed in https://marketplace-dev.allizom.org/en-US/developers/submissions
Postfix screencast for this issue http://screencast.com/t/xCkDTZHCme
Closing bug.
Status: RESOLVED → VERIFIED
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.