cherry pick changes from main (#3371)

* feat: remove exif data from uploaded images (#3221) * feat: remove exif tags from images * feat: remove exif data * feat: remove exif * fix: add preferredLoginName to user grant response (#3271) * chore: log webauthn parse error (#3272) * log error * log error * feat: Help link in privacy policy * fix: convert correct detail data on organization (#3279) * fix: handle empty editor users * fix: add some missing translations (#3291) * fix: org policy translations * fix: metadata event types translation * fix: translations * fix: filter resource owner correctly on project grant members (#3281) * fix: filter resource owner correctly on project grant members * fix: filter resource owner correctly on project grant members * fix: add orgIDs to zitadel permissions request Co-authored-by: fabi <fabienne.gerschwiler@gmail.com> * fix: get IAM memberships correctly in MyZitadelPermissions (#3309) * fix: correct login names on auth and notification users (#3349) * fix: correct login names on auth and notification users * fix: migration * fix: handle resource owner in action flows (#3361) * fix merge * fix: exchange exif library (#3366) * fix: exchange exif library * ignore tiffs * requested fixes * feat: Help link in privacy policy Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2025-08-12 03:57:32 +00:00 · 2022-03-24 14:00:24 +01:00
parent 56b916a2b0
commit 504fe5b761
84 changed files with 1055 additions and 602 deletions
--- a/internal/api/ui/login/external_login_handler.go
+++ b/internal/api/ui/login/external_login_handler.go
@@ -203,7 +203,7 @@ func (l *Login) handleExternalUserAuthenticated(w http.ResponseWriter, r *http.R
 	}

 	instanceID := authz.GetInstance(r.Context()).ID
-	err = l.authRepo.CheckExternalUserLogin(r.Context(), authReq.ID, userAgentID, instanceID, externalUser, domain.BrowserInfoFromRequest(r))
+	err = l.authRepo.CheckExternalUserLogin(setContext(r.Context(), ""), authReq.ID, userAgentID, instanceID, externalUser, domain.BrowserInfoFromRequest(r))
 	if err != nil {
 		if errors.IsNotFound(err) {
 			err = nil
--- a/internal/api/ui/login/jwt_handler.go
+++ b/internal/api/ui/login/jwt_handler.go
@@ -84,7 +84,7 @@ func (l *Login) handleJWTExtraction(w http.ResponseWriter, r *http.Request, auth
 		return
 	}
 	metadata := externalUser.Metadatas
-	err = l.authRepo.CheckExternalUserLogin(r.Context(), authReq.ID, authReq.AgentID, authReq.InstanceID, externalUser, domain.BrowserInfoFromRequest(r))
+	err = l.authRepo.CheckExternalUserLogin(setContext(r.Context(), ""), authReq.ID, authReq.AgentID, authReq.InstanceID, externalUser, domain.BrowserInfoFromRequest(r))
 	if err != nil {
 		l.jwtExtractionUserNotFound(w, r, authReq, idpConfig, tokens, err)
 		return
--- a/internal/api/ui/login/renderer.go
+++ b/internal/api/ui/login/renderer.go
@@ -16,6 +16,7 @@ import (
 	"github.com/caos/zitadel/internal/domain"
 	caos_errs "github.com/caos/zitadel/internal/errors"
 	"github.com/caos/zitadel/internal/i18n"
+	"github.com/caos/zitadel/internal/notification/templates"
 	"github.com/caos/zitadel/internal/renderer"
 	"github.com/caos/zitadel/internal/static"
 )
@@ -30,6 +31,10 @@ type Renderer struct {
 	staticStorage static.Storage
 }

+type LanguageData struct {
+	Lang string
+}
+
 func CreateRenderer(pathPrefix string, staticDir http.FileSystem, staticStorage static.Storage, cookieName string, defaultLanguage language.Tag) *Renderer {
 	r := &Renderer{
 		pathPrefix:    pathPrefix,
@@ -345,24 +350,23 @@ func (l *Login) getBaseData(r *http.Request, authReq *domain.AuthRequest, title
 		CSRF:                   csrf.TemplateField(r),
 		Nonce:                  http_mw.GetNonce(r),
 	}
+	var privacyPolicy *domain.PrivacyPolicy
 	if authReq != nil {
 		baseData.LoginPolicy = authReq.LoginPolicy
 		baseData.LabelPolicy = authReq.LabelPolicy
 		baseData.IDPProviders = authReq.AllowedExternalIDPs
-		if authReq.PrivacyPolicy != nil {
-			baseData.TOSLink = authReq.PrivacyPolicy.TOSLink
-			baseData.PrivacyLink = authReq.PrivacyPolicy.PrivacyLink
+		if authReq.PrivacyPolicy == nil {
+			return baseData
 		}
+		privacyPolicy = authReq.PrivacyPolicy
 	} else {
-		privacyPolicy, err := l.query.DefaultPrivacyPolicy(r.Context())
+		policy, err := l.query.DefaultPrivacyPolicy(r.Context())
 		if err != nil {
 			return baseData
 		}
-		if privacyPolicy != nil {
-			baseData.TOSLink = privacyPolicy.TOSLink
-			baseData.PrivacyLink = privacyPolicy.PrivacyLink
-		}
+		privacyPolicy = policy.ToDomain()
 	}
+	baseData = l.setLinksOnBaseData(baseData, privacyPolicy)
 	return baseData
 }

@@ -392,6 +396,26 @@ func (l *Login) getProfileData(authReq *domain.AuthRequest) profileData {
 	}
 }

+func (l *Login) setLinksOnBaseData(baseData baseData, privacyPolicy *domain.PrivacyPolicy) baseData {
+	lang := LanguageData{
+		Lang: baseData.Lang,
+	}
+	baseData.TOSLink = privacyPolicy.TOSLink
+	baseData.PrivacyLink = privacyPolicy.PrivacyLink
+	baseData.HelpLink = privacyPolicy.HelpLink
+
+	if link, err := templates.ParseTemplateText(privacyPolicy.TOSLink, lang); err == nil {
+		baseData.TOSLink = link
+	}
+	if link, err := templates.ParseTemplateText(privacyPolicy.PrivacyLink, lang); err == nil {
+		baseData.PrivacyLink = link
+	}
+	if link, err := templates.ParseTemplateText(privacyPolicy.HelpLink, lang); err == nil {
+		baseData.HelpLink = link
+	}
+	return baseData
+}
+
 func (l *Login) getErrorMessage(r *http.Request, err error) (errID, errMsg string) {
 	caosErr := new(caos_errs.CaosError)
 	if errors.As(err, &caosErr) {
@@ -519,6 +543,7 @@ type baseData struct {
 	DisplayLoginNameSuffix bool
 	TOSLink                string
 	PrivacyLink            string
+	HelpLink               string
 	AuthReqID              string
 	CSRF                   template.HTML
 	Nonce                  string
--- a/internal/api/ui/login/static/i18n/de.yaml
+++ b/internal/api/ui/login/static/i18n/de.yaml
@@ -297,7 +297,6 @@ Footer:
  Tos: AGB
  PrivacyPolicy: Datenschutzerklärung
  Help: Hilfe
-  HelpLink: https://docs.zitadel.ch/docs/manuals/user-login

 Errors:
  Internal: Es ist ein interner Fehler aufgetreten
--- a/internal/api/ui/login/static/i18n/en.yaml
+++ b/internal/api/ui/login/static/i18n/en.yaml
@@ -298,7 +298,6 @@ Footer:
  Tos: TOS
  PrivacyPolicy: Privacy policy
  Help: Help
-  HelpLink: https://docs.zitadel.ch/docs/manuals/user-login

 Errors:
  Internal: An internal error occured
--- a/internal/api/ui/login/static/i18n/it.yaml
+++ b/internal/api/ui/login/static/i18n/it.yaml
@@ -298,7 +298,6 @@ Footer:
  Tos: Termini di servizio
  PrivacyPolicy: l'informativa sulla privacy
  Help: Aiuto
-  HelpLink: 'https://docs.zitadel.ch/docs/manuals/user-login'

 Errors:
  Internal: Si è verificato un errore interno
--- a/internal/api/ui/login/static/templates/footer.html
+++ b/internal/api/ui/login/static/templates/footer.html
@@ -13,6 +13,8 @@
    {{ if .PrivacyLink }}
        <a href="{{.PrivacyLink}}" rel="noopener noreferrer" target="_blank" alt="Privacy Policy">{{t "Footer.PrivacyPolicy"}}</a>
    {{end}}
-    <a href="{{t "Footer.HelpLink"}}" target="_black" alt="Help">{{t "Footer.Help"}}</a>
+    {{ if .HelpLink }}
+        <a href="{{.HelpLink}}" rel="noopener noreferrer" target="_blank" alt="Help">{{t "Footer.Help"}}</a>
+    {{end}}
 </footer>
 {{end}}