fix: hide / show username suffix correctly on registration pages (#4097)

2025-01-12 12:43:40 +00:00 · 2022-08-02 16:31:35 +02:00 · 2022-08-02 16:31:35 +02:00 · fbd04d399d
commit fbd04d399d
parent 9326061f1a
7 changed files with 43 additions and 5 deletions
--- a/internal/api/ui/login/external_login_handler.go
+++ b/internal/api/ui/login/external_login_handler.go
@ -51,6 +51,7 @@ type externalNotFoundOptionData struct {
 	ExternalIDPUserID          string
 	ExternalIDPUserDisplayName string
 	ShowUsername               bool
+	ShowUsernameSuffix         bool
 	OrgRegister                bool
 	ExternalEmail              string
 	ExternalEmailVerified      bool
@ -274,6 +275,19 @@ func (l *Login) renderExternalNotFoundOption(w http.ResponseWriter, r *http.Requ
 		human, externalIDP, _ = l.mapExternalUserToLoginUser(orgIAMPolicy, linkingUser, idpConfig)
 	}

+	var resourceOwner string
+	if authReq != nil {
+		resourceOwner = authReq.RequestedOrgID
+	}
+	if resourceOwner == "" {
+		resourceOwner = authz.GetInstance(r.Context()).DefaultOrganisationID()
+	}
+	labelPolicy, err := l.getLabelPolicy(r, resourceOwner)
+	if err != nil {
+		l.renderError(w, r, authReq, err)
+		return
+	}
+
 	data := externalNotFoundOptionData{
 		baseData: l.getBaseData(r, authReq, "ExternalNotFoundOption", errID, errMessage),
 		externalNotFoundOptionFormData: externalNotFoundOptionFormData{
@ -292,6 +306,7 @@ func (l *Login) renderExternalNotFoundOption(w http.ResponseWriter, r *http.Requ
 		ExternalEmail:              human.EmailAddress,
 		ExternalEmailVerified:      human.IsEmailVerified,
 		ShowUsername:               orgIAMPolicy.UserLoginMustBeDomain,
+		ShowUsernameSuffix:         !labelPolicy.HideLoginNameSuffix,
 		OrgRegister:                orgIAMPolicy.UserLoginMustBeDomain,
 	}
 	if human.Phone != nil {
--- a/internal/api/ui/login/external_register_handler.go
+++ b/internal/api/ui/login/external_register_handler.go
@ -44,6 +44,7 @@ type externalRegisterData struct {
 	ExternalIDPUserID          string
 	ExternalIDPUserDisplayName string
 	ShowUsername               bool
+	ShowUsernameSuffix         bool
 	OrgRegister                bool
 	ExternalEmail              string
 	ExternalEmailVerified      bool
@ -121,13 +122,19 @@ func (l *Login) handleExternalUserRegister(w http.ResponseWriter, r *http.Reques
 		l.renderRegisterOption(w, r, authReq, err)
 		return
 	}
+
+	labelPolicy, err := l.getLabelPolicy(r, resourceOwner)
+	if err != nil {
+		l.renderRegisterOption(w, r, authReq, err)
+		return
+	}
 	user, externalIDP := l.mapTokenToLoginHumanAndExternalIDP(orgIamPolicy, tokens, idpConfig)
 	if err != nil {
 		l.renderRegisterOption(w, r, authReq, err)
 		return
 	}
 	if !idpConfig.AutoRegister {
-		l.renderExternalRegisterOverview(w, r, authReq, orgIamPolicy, user, externalIDP, nil)
+		l.renderExternalRegisterOverview(w, r, authReq, orgIamPolicy, user, externalIDP, labelPolicy.HideLoginNameSuffix, nil)
 		return
 	}
 	l.registerExternalUser(w, r, authReq, user, externalIDP)
@ -157,7 +164,7 @@ func (l *Login) registerExternalUser(w http.ResponseWriter, r *http.Request, aut
 	l.renderNextStep(w, r, authReq)
 }

-func (l *Login) renderExternalRegisterOverview(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, orgIAMPolicy *query.DomainPolicy, human *domain.Human, idp *domain.UserIDPLink, err error) {
+func (l *Login) renderExternalRegisterOverview(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, orgIAMPolicy *query.DomainPolicy, human *domain.Human, idp *domain.UserIDPLink, hideLoginNameSuffix bool, err error) {
 	var errID, errMessage string
 	if err != nil {
 		errID, errMessage = l.getErrorMessage(r, err)
@ -180,6 +187,7 @@ func (l *Login) renderExternalRegisterOverview(w http.ResponseWriter, r *http.Re
 		ExternalEmailVerified:      human.IsEmailVerified,
 		ShowUsername:               orgIAMPolicy.UserLoginMustBeDomain,
 		OrgRegister:                orgIAMPolicy.UserLoginMustBeDomain,
+		ShowUsernameSuffix:         !hideLoginNameSuffix,
 	}
 	if human.Phone != nil {
 		data.Phone = human.PhoneNumber
--- a/internal/api/ui/login/policy_handler.go
+++ b/internal/api/ui/login/policy_handler.go
@ -28,3 +28,10 @@ func (l *Login) getLoginPolicy(r *http.Request, orgID string) (*query.LoginPolic
 	}
 	return l.query.LoginPolicyByID(r.Context(), false, orgID)
 }
+
+func (l *Login) getLabelPolicy(r *http.Request, orgID string) (*query.LabelPolicy, error) {
+	if orgID == "" {
+		return l.query.DefaultActiveLabelPolicy(r.Context())
+	}
+	return l.query.ActiveLabelPolicyByOrg(r.Context(), orgID)
+}
--- a/internal/api/ui/login/register_handler.go
+++ b/internal/api/ui/login/register_handler.go
@ -37,6 +37,7 @@ type registerData struct {
 	HasNumber                 string
 	HasSymbol                 string
 	ShowUsername              bool
+	ShowUsernameSuffix        bool
 	OrgRegister               bool
 }

@ -149,6 +150,13 @@ func (l *Login) renderRegister(w http.ResponseWriter, r *http.Request, authReque
 	data.ShowUsername = orgIAMPolicy.UserLoginMustBeDomain
 	data.OrgRegister = orgIAMPolicy.UserLoginMustBeDomain

+	labelPolicy, err := l.getLabelPolicy(r, resourceOwner)
+	if err != nil {
+		l.renderRegister(w, r, authRequest, formData, err)
+		return
+	}
+	data.ShowUsernameSuffix = !labelPolicy.HideLoginNameSuffix
+
 	funcs := map[string]interface{}{
 		"selectedLanguage": func(l string) bool {
 			if formData == nil {
--- a/internal/api/ui/login/static/templates/external_not_found_option.html
+++ b/internal/api/ui/login/static/templates/external_not_found_option.html
@ -39,7 +39,7 @@
            <div class="lgn-suffix-wrapper">
                <input class="lgn-input lgn-suffix-input" type="text" id="username" name="username"
                       value="{{ .Username }}" required>
-                {{if .ShowUsername}}
+                {{if .ShowUsernameSuffix}}
                <span id="default-login-suffix" lgnsuffix class="loginname-suffix">@{{.PrimaryDomain}}</span>
                {{end}}
            </div>
--- a/internal/api/ui/login/static/templates/external_register_overview.html
+++ b/internal/api/ui/login/static/templates/external_register_overview.html
@ -39,7 +39,7 @@
            <div class="lgn-suffix-wrapper">
                <input class="lgn-input lgn-suffix-input" type="text" id="username" name="username"
                       value="{{ .Username }}" required>
-                {{if .ShowUsername}}
+                {{if .ShowUsernameSuffix}}
                <span id="default-login-suffix" lgnsuffix class="loginname-suffix">@{{.PrimaryDomain}}</span>
                {{end}}
            </div>
--- a/internal/api/ui/login/static/templates/register.html
+++ b/internal/api/ui/login/static/templates/register.html
@ -42,7 +42,7 @@
            <label class="lgn-label" for="username">{{t "RegistrationUser.UsernameLabel"}}</label>
            <div class="lgn-suffix-wrapper">
                <input class="lgn-input lgn-suffix-input" type="text" id="username" name="username" autocomplete="email" value="{{ .Email }}" required>
-                {{if .ShowUsername}}
+                {{if .ShowUsernameSuffix}}
                    <span id="default-login-suffix" lgnsuffix class="loginname-suffix">@{{.PrimaryDomain}}</span>
                {{end}}
            </div>