Here's what I wrote mailing list post I linked to, it gives an example of why this feature is required:
There are a number of cases where it makes sense to be able to remove a snap without logging in: - You may be offline and so can't do an Ubuntu One login at this time. - You don't have an Ubuntu One account but you want to remove something. - The snap came pre-installed, and you want to remove it. You have no need to log in and install more snaps (at that time). - You are a different user to the one who installed it. The reason gnome-software triggers the login is the following happens: 1. g-s finds the snap using GET /v2/snaps on snapd. 2. The user clicks "Remove" 3. g-s requests removal using POST /v2/snaps/[name] 4. snapd returns the error "login-required" 5. g-s prompts the user for email address / password 6. g-s asks the system D-Bus service snapd-login-service to login with the email address / password 7. snapd-login-service checks with Polkit that the user is allowed to do this 8. Polkit triggers a password prompt to check the user is there 9. snapd-login-service calls POST /v2/login on snapd 10. snapd returns a macaroon 11. snapd-login-service returns the macaroon to g-s 12. g-s repeats POST /v2/snaps/[name] using the macaroon The question is - does it make sense to make a new request to snapd that gets an authorization macaroon without logging into Ubuntu One? i.e. something like this: 1. g-s finds the snap using GET /v2/snaps on snapd. 2. The user clicks "Remove" 3. g-s requests removal using POST /v2/snaps/[name] 4. snapd returns the error "login-required" 5. g-s asks the system D-Bus service snapd-login-service to authorize 6. snapd-login-service checks with Polkit that the user is allowed to do this 7. Polkit triggers a password prompt to check the user is there 8. snapd-login-service calls POST /v2/authorize on snapd 9. snapd returns a macaroon 10. snapd-login-service returns the macaroon to g-s 11. g-s repeats POST /v2/snaps/[name] using the macaroon If we do this at what point do we prompt a user to do an Ubuntu One login? Do we have two error messages "auth-required" and "login-required"? Or is login an optional thing that we let the user decide if they want to do it? -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-software in Ubuntu. https://bugs.launchpad.net/bugs/1581713 Title: Ubuntu Software always asks for an Ubuntu Single Sign-On account when installing or removing a snap package To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-gnome/+bug/1581713/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
