Change the order of processing to allow various modules to respond to the identity change event after the new provider instance has been installed. Once the new provider is installed and activated, we can uninstall the old provider which causes users to be deleted. This should be safer, because at this point our new identity provider has been installed, most of the ownership issues have been resolved by the identity change handlers. If there are any ownership issues left, the user deleted event has the new identity provider to uses to rectify them.

1 files changed, 4 insertions, 4 deletions

diff --git a/modules/gallery/controllers/admin_identity.php b/modules/gallery/controllers/admin_identity.php
index 520b1966..acf71665 100644
--- a/modules/gallery/controllers/admin_identity.php
+++ b/modules/gallery/controllers/admin_identity.php
@@ -40,15 +40,11 @@ class Admin_Identity_Controller extends Admin_Controller {
 
     $active_provider = module::get_var("gallery", "identity_provider", "user");
     $providers = identity::providers();
-
     $new_provider = $this->input->post("provider");
 
     if ($new_provider != $active_provider) {
 
-      module::event("identity_before_change", $active_provider, $new_provider);
-
       module::deactivate($active_provider);
-      module::uninstall($active_provider);
 
       // Switch authentication
       identity::reset();
@@ -57,6 +53,10 @@ class Admin_Identity_Controller extends Admin_Controller {
       module::install($new_provider);
       module::activate($new_provider);
 
+      module::event("identity_provider_changed", $active_provider, $new_provider);
+
+      module::uninstall($active_provider);
+
       message::success(t("Changed to %description",
                          array("description" => $providers->$new_provider)));