janboddez
commented
1 month ago Note that 2838bb8 is far from good enough. The Profile screen's a mess, and somehow updates (like getting or revoking access) aren't visible right away; a page refresh is needed. Also, changing instances should revoke and remove access and client details, but is looks like maybe it doesn't, or at least not right away?
Think this is because we load the user's meta and then update is later on (in a separate function), but then as we render the page we still work off the old values.
The original (blog-wide) options handler doesn't suffer from this, because the options array is a class var that is always kept up to date. Could probably fix this by overriding the global values (with the user's) in that same class var.
Could add an option (behind a global constant) for multi-account support.
This would move the instance field and authorize button to either Users > Profile or a separate subpage under Users.
All other settings should (or could) probably stay where they currently are.
If we kept everything as is but instead store separate tokens per user and instance, all in the same options table row, we'd have to rethink the minimum capability for things like accessing the settings page. I don't want to do that.
Instead, if the option is active, we'd disregard the global instance/token/whatnot and instead look at the current user's meta. And we'd still only crosspost to the account of the post author (even is someone else is doing the editing/publishing/updating).