fix: remove default TOS and privacy links (#8122)

# Which Problems Are Solved

The default terms of service and privacy policy links are applied to all
new ZITADEL instances, including self-hosted ones. However, the linked
content doesn't apply to self-hosters.

# How the Problems Are Solved

The links are removed from the DefaultInstance section in the
*defaults.yaml* file.
By default, the links are not shown anymore in the hosted login pages.
They can still be configured using the privacy policy.

# Additional Context

- Found because of a support request
Elio Bischof 2024-07-25 08:39:10 +02:00 committed by GitHub
parent f34897a8c8
commit 693e27b906
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 87 additions and 94 deletions


@ -712,8 +712,8 @@ DefaultInstance:
SecondFactorCheckLifetime: 18h # ZITADEL_DEFAULTINSTANCE_LOGINPOLICY_SECONDFACTORCHECKLIFETIME
MultiFactorCheckLifetime: 12h # ZITADEL_DEFAULTINSTANCE_LOGINPOLICY_MULTIFACTORCHECKLIFETIME
PrivacyPolicy:
TOSLink: https://zitadel.com/docs/legal/terms-of-service # ZITADEL_DEFAULTINSTANCE_PRIVACYPOLICY_TOSLINK
PrivacyLink: https://zitadel.com/docs/legal/privacy-policy # ZITADEL_DEFAULTINSTANCE_PRIVACYPOLICY_PRIVACYLINK
TOSLink: "" # ZITADEL_DEFAULTINSTANCE_PRIVACYPOLICY_TOSLINK
PrivacyLink: "" # ZITADEL_DEFAULTINSTANCE_PRIVACYPOLICY_PRIVACYLINK
HelpLink: "" # ZITADEL_DEFAULTINSTANCE_PRIVACYPOLICY_HELPLINK
SupportEmail: "" # ZITADEL_DEFAULTINSTANCE_PRIVACYPOLICY_SUPPORTEMAIL
DocsLink: https://zitadel.com/docs # ZITADEL_DEFAULTINSTANCE_PRIVACYPOLICY_DOCSLINK
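Review bot: Nothing next to the emptied `TOSLink` and `PrivacyLink` keys says what an empty value means for the login pages. A comment above them such as `# Empty values hide the link in the hosted login UI; self-hosters should set their own legal URLs` would tell operators that they have to supply their own terms and privacy pages. The commit description says these defaults apply to new instances, so instances created earlier presumably keep the old zitadel.com links in their stored policy, which is worth stating in the release notes. `DocsLink` still defaults to https://zitadel.com/docs; confirm that this is intended for self-hosted installs.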


@ -1,104 +1,98 @@
import { ensureExternalLinksSettingsSet } from 'support/api/external-links-settings';
import { apiAuth } from '../../support/api/apiauth';
describe('instance external link settings', () => {
const externalLinkSettingsPath = `/instance?id=privacypolicy`;
const tosLink = 'https://zitadel.com/docs/legal/terms-of-service';
const privacyPolicyLink = 'https://zitadel.com/docs/legal/privacy-policy';
describe('external link settings', () => {
const tosLink = '';
const privacyPolicyLink = '';
const helpLink = '';
const supportEmail = '';
const customLink = '';
const customLinkText = '';
const docsLink = 'https://zitadel.com/docs';
beforeEach(`ensure they are set`, () => {
beforeEach(`reset`, () => {
apiAuth().then((apiCallProperties) => {
ensureExternalLinksSettingsSet(apiCallProperties, tosLink, privacyPolicyLink, docsLink);
cy.visit(externalLinkSettingsPath);
});
});
it(`should have default settings`, () => {
cy.get('[formcontrolname="tosLink"]').should('value', tosLink);
cy.get('[formcontrolname="privacyLink"]').should('value', privacyPolicyLink);
cy.get('[formcontrolname="helpLink"]').should('value', helpLink);
cy.get('[formcontrolname="supportEmail"]').should('value', supportEmail);
cy.get('[formcontrolname="customLink"]').should('value', customLink);
cy.get('[formcontrolname="customLinkText"]').should('value', customLinkText);
cy.get('[formcontrolname="docsLink"]').should('value', docsLink);
describe('instance', () => {
beforeEach(`visit`, () => {
cy.visit(`/instance?id=privacypolicy`);
});
it(`should have default settings`, () => {
cy.get('[formcontrolname="tosLink"]').should('value', tosLink);
cy.get('[formcontrolname="privacyLink"]').should('value', privacyPolicyLink);
cy.get('[formcontrolname="helpLink"]').should('value', helpLink);
cy.get('[formcontrolname="supportEmail"]').should('value', supportEmail);
cy.get('[formcontrolname="customLink"]').should('value', customLink);
cy.get('[formcontrolname="customLinkText"]').should('value', customLinkText);
cy.get('[formcontrolname="docsLink"]').should('value', docsLink);
});
it(`should update external links`, () => {
cy.get('[formcontrolname="tosLink"]').clear().type('tosLink2');
cy.get('[formcontrolname="privacyLink"]').clear().type('privacyLink2');
cy.get('[formcontrolname="helpLink"]').clear().type('helpLink');
cy.get('[formcontrolname="supportEmail"]').clear().type('support@example.com');
cy.get('[formcontrolname="customLink"]').clear().type('customLink');
cy.get('[formcontrolname="customLinkText"]').clear().type('customLinkText');
cy.get('[formcontrolname="docsLink"]').clear().type('docsLink');
cy.get('[data-e2e="save-button"]').click();
cy.shouldConfirmSuccess();
});
it(`should return to default values`, () => {
cy.get('[formcontrolname="tosLink"]').should('value', tosLink);
cy.get('[formcontrolname="privacyLink"]').should('value', privacyPolicyLink);
cy.get('[formcontrolname="helpLink"]').should('value', helpLink);
cy.get('[formcontrolname="supportEmail"]').should('value', supportEmail);
cy.get('[formcontrolname="customLink"]').should('value', customLink);
cy.get('[formcontrolname="customLinkText"]').should('value', customLinkText);
cy.get('[formcontrolname="docsLink"]').should('value', docsLink);
});
});
it(`should update external links`, () => {
cy.get('[formcontrolname="tosLink"]').clear().type('tosLink2');
cy.get('[formcontrolname="privacyLink"]').clear().type('privacyLink2');
cy.get('[formcontrolname="helpLink"]').clear().type('helpLink');
cy.get('[formcontrolname="supportEmail"]').clear().type('support@example.com');
cy.get('[formcontrolname="customLink"]').clear().type('customLink');
cy.get('[formcontrolname="customLinkText"]').clear().type('customLinkText');
cy.get('[formcontrolname="docsLink"]').clear().type('docsLink');
cy.get('[data-e2e="save-button"]').click();
cy.shouldConfirmSuccess();
describe('org', () => {
beforeEach(`visit`, () => {
cy.visit(`/org-settings?id=privacypolicy`);
});
it(`should have default settings`, () => {
cy.get('[formcontrolname="tosLink"]').should('value', tosLink);
cy.get('[formcontrolname="privacyLink"]').should('value', privacyPolicyLink);
cy.get('[formcontrolname="helpLink"]').should('value', helpLink);
cy.get('[formcontrolname="supportEmail"]').should('value', supportEmail);
cy.get('[formcontrolname="customLink"]').should('value', customLink);
cy.get('[formcontrolname="customLinkText"]').should('value', customLinkText);
cy.get('[formcontrolname="docsLink"]').should('value', docsLink);
});
it(`should update external links`, () => {
cy.get('[formcontrolname="tosLink"]').clear().type('tosLink2');
cy.get('[formcontrolname="privacyLink"]').clear().type('privacyLink2');
cy.get('[formcontrolname="helpLink"]').clear().type('helpLink');
cy.get('[formcontrolname="supportEmail"]').clear().type('support@example.com');
cy.get('[formcontrolname="customLink"]').clear().type('customLink');
cy.get('[formcontrolname="customLinkText"]').clear().type('customLinkText');
cy.get('[formcontrolname="docsLink"]').clear().type('docsLink');
cy.get('[data-e2e="save-button"]').click();
cy.shouldConfirmSuccess();
});
it(`should return to default values`, () => {
cy.get('[data-e2e="reset-button"]').click();
cy.get('[data-e2e="confirm-dialog-button"]').click();
cy.get('[formcontrolname="tosLink"]').should('value', tosLink);
cy.get('[formcontrolname="privacyLink"]').should('value', privacyPolicyLink);
cy.get('[formcontrolname="helpLink"]').should('value', helpLink);
cy.get('[formcontrolname="supportEmail"]').should('value', supportEmail);
cy.get('[formcontrolname="customLink"]').should('value', customLink);
cy.get('[formcontrolname="customLinkText"]').should('value', customLinkText);
cy.get('[formcontrolname="docsLink"]').should('value', docsLink);
});
});
})
it(`should return to default values`, () => {
cy.get('[formcontrolname="tosLink"]').should('value', tosLink);
cy.get('[formcontrolname="privacyLink"]').should('value', privacyPolicyLink);
cy.get('[formcontrolname="helpLink"]').should('value', helpLink);
cy.get('[formcontrolname="supportEmail"]').should('value', supportEmail);
cy.get('[formcontrolname="customLink"]').should('value', customLink);
cy.get('[formcontrolname="customLinkText"]').should('value', customLinkText);
cy.get('[formcontrolname="docsLink"]').should('value', docsLink);
});
});
describe('instance external link settings', () => {
const externalLinkSettingsPath = `/org-settings?id=privacypolicy`;
const tosLink = 'https://zitadel.com/docs/legal/terms-of-service';
const privacyPolicyLink = 'https://zitadel.com/docs/legal/privacy-policy';
const helpLink = '';
const supportEmail = '';
const customLink = '';
const customLinkText = '';
const docsLink = 'https://zitadel.com/docs';
beforeEach(() => {
cy.context().as('ctx');
cy.visit(externalLinkSettingsPath);
});
it(`should have default settings`, () => {
cy.get('[formcontrolname="tosLink"]').should('value', tosLink);
cy.get('[formcontrolname="privacyLink"]').should('value', privacyPolicyLink);
cy.get('[formcontrolname="helpLink"]').should('value', helpLink);
cy.get('[formcontrolname="supportEmail"]').should('value', supportEmail);
cy.get('[formcontrolname="customLink"]').should('value', customLink);
cy.get('[formcontrolname="customLinkText"]').should('value', customLinkText);
cy.get('[formcontrolname="docsLink"]').should('value', docsLink);
});
it(`should update external links`, () => {
cy.get('[formcontrolname="tosLink"]').clear().type('tosLink2');
cy.get('[formcontrolname="privacyLink"]').clear().type('privacyLink2');
cy.get('[formcontrolname="helpLink"]').clear().type('helpLink');
cy.get('[formcontrolname="supportEmail"]').clear().type('support@example.com');
cy.get('[formcontrolname="customLink"]').clear().type('customLink');
cy.get('[formcontrolname="customLinkText"]').clear().type('customLinkText');
cy.get('[formcontrolname="docsLink"]').clear().type('docsLink');
cy.get('[data-e2e="save-button"]').click();
cy.shouldConfirmSuccess();
});
it(`should return to default values`, () => {
cy.get('[data-e2e="reset-button"]').click();
cy.get('[data-e2e="confirm-dialog-button"]').click();
cy.get('[formcontrolname="tosLink"]').should('value', tosLink);
cy.get('[formcontrolname="privacyLink"]').should('value', privacyPolicyLink);
cy.get('[formcontrolname="helpLink"]').should('value', helpLink);
cy.get('[formcontrolname="supportEmail"]').should('value', supportEmail);
cy.get('[formcontrolname="customLink"]').should('value', customLink);
cy.get('[formcontrolname="customLinkText"]').should('value', customLinkText);
cy.get('[formcontrolname="docsLink"]').should('value', docsLink);
});
});
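Review bot: In the `instance` block, `should return to default values` performs no action before asserting, so it passes only because the outer `beforeEach` reset has already run, and it duplicates `should have default settings`; the `org` variant clicks `reset-button` and `confirm-dialog-button` first. If the instance page has no reset control, drop the test or add a comment like `// instance values are restored by the API reset in beforeEach, not through the UI`. The `org` tests also appear order-dependent: `should have default settings` expects empty fields, but an org-level policy saved by `should update external links` in an earlier run would survive unless the reset test ran, since the `beforeEach` reset passes only `tosLink`, `privacyPolicyLink` and `docsLink` to `ensureExternalLinksSettingsSet`. The rendering has lost the +/- markers, so this reading of the new side is inferred from the nesting.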


@ -11,12 +11,11 @@ export function ensureExternalLinksSettingsSet(api: API, tosLink: string, privac
id: body.policy.id,
entity: null,
};
if (
body.policy &&
body.policy.tosLink === tosLink &&
body.policy.privacyLink === privacyPolicyLink &&
body.policy.docsLink === docsLink
(body.policy.tosLink || '') === tosLink &&
(body.policy.privacyLink || '') === privacyPolicyLink &&
(body.policy.docsLink || '') === docsLink
) {
return { ...result, entity: body.policy };
}
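Review bot: The equality check still compares only `tosLink`, `privacyLink` and `docsLink`, while the Cypress spec in this commit also asserts that `helpLink`, `supportEmail`, `customLink` and `customLinkText` are empty after the reset. If a previous run left only those four fields changed, this branch returns early and the stale values stay; consider extending the condition, e.g. `&& !body.policy.helpLink && !body.policy.supportEmail`, or passing the extra fields as parameters. `body.policy.id` is read a few lines earlier without a guard, so a response without `policy` throws before the condition is reached; a guarded read with an explicit error would make that failure readable. The function starts and ends outside the hunk, so whether the update request clears the other fields cannot be seen here.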


@ -90,7 +90,7 @@ func TestServer_Restrictions_AllowedLanguages(t *testing.T) {
awaitDiscoveryEndpoint(tt, domain, []string{defaultAndAllowedLanguage.String()}, []string{disallowedLanguage.String()})
})
t.Run("the login ui is rendered in the default language", func(tt *testing.T) {
awaitLoginUILanguage(tt, domain, disallowedLanguage, defaultAndAllowedLanguage, "Allgemeine Geschäftsbedingungen und Datenschutz")
awaitLoginUILanguage(tt, domain, disallowedLanguage, defaultAndAllowedLanguage, "Passwort")
})
t.Run("preferred languages are not restricted by the supported languages", func(tt *testing.T) {
tt.Run("change user profile", func(ttt *testing.T) {
@ -151,7 +151,7 @@ func TestServer_Restrictions_AllowedLanguages(t *testing.T) {
awaitDiscoveryEndpoint(ttt, domain, []string{disallowedLanguage.String()}, nil)
})
tt.Run("the login ui is rendered in the previously disallowed language", func(ttt *testing.T) {
awaitLoginUILanguage(ttt, domain, disallowedLanguage, disallowedLanguage, "Términos y condiciones")
awaitLoginUILanguage(ttt, domain, disallowedLanguage, disallowedLanguage, "Contraseña")
})
})
}
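Review bot: The new markers `"Passwort"` and `"Contraseña"` carry no explanation of why they were picked, so a later reader cannot tell that they replace the terms-of-service text, which is presumably no longer rendered once the default links are empty. A short comment above each `awaitLoginUILanguage` call, e.g. `// password label is used as the language marker; TOS/privacy text is hidden when no links are configured`, would document the coupling to the login translations. Both hunks in this file need it. The strings are shorter than the previous ones, so it is worth confirming that neither also appears on the page rendered in the other language.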