FEATURE: Rename 'Discourse SSO' to DiscourseConnect (#11978)

The 'Discourse SSO' protocol is being rebranded to DiscourseConnect. This should help to reduce confusion when 'SSO' is used in the generic sense. This commit aims to: - Rename `sso_` site settings. DiscourseConnect specific ones are prefixed `discourse_connect_`. Generic settings are prefixed `auth_` - Add (server-side-only) backwards compatibility for the old setting names, with deprecation notices - Copy `site_settings` database records to the new names - Rename relevant translation keys - Update relevant translations This commit does **not** aim to: - Rename any Ruby classes or methods. This might be done in a future commit - Change any URLs. This would break existing integrations - Make any changes to the protocol. This would break existing integrations - Change any functionality. Further normalization across DiscourseConnect and other auth methods will be done separately The risks are: - There is no backwards compatibility for site settings on the client-side. Accessing auth-related site settings in Javascript is fairly rare, and an error on the client side would not be security-critical. - If a plugin is monkey-patching parts of the auth process, changes to locale keys could cause broken error messages. This should also be unlikely. The old site setting names remain functional, so security-related overrides will remain working. A follow-up commit will be made with a post-deploy migration to delete the old `site_settings` rows.
2025-02-25 18:55:32 -06:00 · 2021-02-08 10:04:33 +00:00
parent 205db66864
commit 821bb1e8cb
71 changed files with 421 additions and 355 deletions
--- a/db/migrate/20181005084357_add_sso_provider_secrets_to_site_settings.rb
+++ b/db/migrate/20181005084357_add_sso_provider_secrets_to_site_settings.rb
@@ -2,12 +2,14 @@

 class AddSsoProviderSecretsToSiteSettings < ActiveRecord::Migration[5.2]
  def up
-    return unless SiteSetting.enable_sso_provider && SiteSetting.sso_secret.present?
-    sso_secret = SiteSetting.sso_secret
-    sso_secret_insert = ActiveRecord::Base.connection.quote("*|#{sso_secret}")
-
-    execute "INSERT INTO site_settings(name, data_type, value, created_at, updated_at)
-             VALUES ('sso_provider_secrets', 8, #{sso_secret_insert}, now(), now())"
+    execute <<~SQL
+      INSERT INTO site_settings(name, data_type, value, created_at, updated_at)
+      SELECT 'sso_provider_secrets', 8, '*|' || value, now(), now()
+      FROM site_settings WHERE name = 'sso_secret'
+      AND EXISTS (
+        SELECT 1 FROM site_settings WHERE name = 'enable_sso_provider' AND value = 't'
+      )
+    SQL
  end

  def down
--- a/db/migrate/20210204135429_rename_sso_site_settings.rb
+++ b/db/migrate/20210204135429_rename_sso_site_settings.rb
@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+class RenameSsoSiteSettings < ActiveRecord::Migration[6.0]
+  RENAME_SETTINGS = [
+    ['enable_sso', 'enable_discourse_connect'],
+    ['sso_allows_all_return_paths', 'discourse_connect_allows_all_return_paths'],
+    ['enable_sso_provider', 'enable_discourse_connect_provider'],
+    ['verbose_sso_logging', 'verbose_discourse_connect_logging'],
+    ['sso_url', 'discourse_connect_url'],
+    ['sso_secret', 'discourse_connect_secret'],
+    ['sso_provider_secrets', 'discourse_connect_provider_secrets'],
+    ['sso_overrides_groups', 'discourse_connect_overrides_groups'],
+    ['sso_overrides_bio', 'discourse_connect_overrides_bio'],
+    ['sso_overrides_email', 'auth_overrides_email'],
+    ['sso_overrides_username', 'auth_overrides_username'],
+    ['sso_overrides_name', 'auth_overrides_name'],
+    ['sso_overrides_avatar', 'discourse_connect_overrides_avatar'],
+    ['sso_overrides_profile_background', 'discourse_connect_overrides_profile_background'],
+    ['sso_overrides_location', 'discourse_connect_overrides_location'],
+    ['sso_overrides_website', 'discourse_connect_overrides_website'],
+    ['sso_overrides_card_background', 'discourse_connect_overrides_card_background'],
+    ['external_auth_skip_create_confirm', 'auth_skip_create_confirm'],
+    ['external_auth_immediately', 'auth_immediately']
+  ]
+
+  def up
+    # Copying the rows so that things keep working during deploy
+    # TODO: Add a post-deploy migration to drop the old rows
+
+    RENAME_SETTINGS.each do |old_name, new_name|
+      execute <<~SQL
+        INSERT INTO site_settings (name, data_type, value, created_at, updated_at)
+        SELECT '#{new_name}', data_type, value, created_at, updated_at
+        FROM site_settings
+        WHERE name = '#{old_name}'
+      SQL
+    end
+  end
+
+  def down
+    raise ActiveRecord::IrreversibleMigration
+  end
+end