PLT-4041 Make SAML FirstName and LastName optional (#3951)

2025-02-25 18:55:24 -06:00 · 2016-09-06 09:19:58 -03:00
parent 9d11dd437f
commit 4bd5935bd8
6 changed files with 9 additions and 22 deletions
--- a/i18n/en.json
+++ b/i18n/en.json
@@ -3103,10 +3103,6 @@
    "id": "model.config.is_valid.saml_email_attribute.app_error",
    "translation": "Invalid Email attribute. Must be set."
  },
-  {
-    "id": "model.config.is_valid.saml_first_name_attribute.app_error",
-    "translation": "Invalid First Name attribute. Must be set."
-  },
  {
    "id": "model.config.is_valid.saml_idp_cert.app_error",
    "translation": "Identity Provider Public Certificate missing. Did you forget to upload it?"
@@ -3119,10 +3115,6 @@
    "id": "model.config.is_valid.saml_idp_url.app_error",
    "translation": "SAML SSO URL must be a valid URL and start with http:// or https://."
  },
-  {
-    "id": "model.config.is_valid.saml_last_name_attribute.app_error",
-    "translation": "Invalid Last Name attribute. Must be set."
-  },
  {
    "id": "model.config.is_valid.saml_private_key.app_error",
    "translation": "Service Provider Private Key missing. Did you forget to upload it?"
--- a/model/config.go
+++ b/model/config.go
@@ -1048,14 +1048,6 @@ func (o *Config) IsValid() *AppError {
 			return NewLocAppError("Config.IsValid", "model.config.is_valid.saml_username_attribute.app_error", nil, "")
 		}

-		if len(*o.SamlSettings.FirstNameAttribute) == 0 {
-			return NewLocAppError("Config.IsValid", "model.config.is_valid.saml_first_name_attribute.app_error", nil, "")
-		}
-
-		if len(*o.SamlSettings.LastNameAttribute) == 0 {
-			return NewLocAppError("Config.IsValid", "model.config.is_valid.saml_last_name_attribute.app_error", nil, "")
-		}
-
 		if *o.SamlSettings.Verify {
 			if len(*o.SamlSettings.AssertionConsumerServiceURL) == 0 || !IsValidHttpUrl(*o.SamlSettings.AssertionConsumerServiceURL) {
 				return NewLocAppError("Config.IsValid", "model.config.is_valid.saml_assertion_consumer_service_url.app_error", nil, "")
--- a/utils/config.go
+++ b/utils/config.go
@@ -296,6 +296,9 @@ func getClientConfig(c *model.Config) map[string]string {
 		if *License.Features.SAML {
 			props["EnableSaml"] = strconv.FormatBool(*c.SamlSettings.Enable)
 			props["SamlLoginButtonText"] = *c.SamlSettings.LoginButtonText
+			props["FirstNameAttributeSet"] = strconv.FormatBool(*c.SamlSettings.FirstNameAttribute != "")
+			props["LastNameAttributeSet"] = strconv.FormatBool(*c.SamlSettings.LastNameAttribute != "")
+			props["NicknameAttributeSet"] = strconv.FormatBool(*c.SamlSettings.NicknameAttribute != "")
 		}

 		if *License.Features.Cluster {
--- a/webapp/components/admin_console/saml_settings.jsx
+++ b/webapp/components/admin_console/saml_settings.jsx
@@ -455,7 +455,7 @@ export default class SamlSettings extends AdminSettings {
                    helpText={
                        <FormattedMessage
                            id='admin.saml.firstnameAttrDesc'
-                            defaultMessage='The attribute in the SAML Assertion that will be used to populate the first name of users in Mattermost.'
+                            defaultMessage='(Optional) The attribute in the SAML Assertion that will be used to populate the first name of users in Mattermost.'
                        />
                    }
                    value={this.state.firstNameAttribute}
@@ -474,7 +474,7 @@ export default class SamlSettings extends AdminSettings {
                    helpText={
                        <FormattedMessage
                            id='admin.saml.lastnameAttrDesc'
-                            defaultMessage='The attribute in the SAML Assertion that will be used to populate the last name of users in Mattermost.'
+                            defaultMessage='(Optional) The attribute in the SAML Assertion that will be used to populate the last name of users in Mattermost.'
                        />
                    }
                    value={this.state.lastNameAttribute}
--- a/webapp/components/user_settings/user_settings_general.jsx
+++ b/webapp/components/user_settings/user_settings_general.jsx
@@ -630,7 +630,7 @@ class UserSettingsGeneralTab extends React.Component {
            let extraInfo;
            let submit = null;
            if (this.props.user.auth_service === '' ||
-                 (this.props.user.auth_service === 'ldap' &&
+                 ((this.props.user.auth_service === 'ldap' || this.props.user.auth_service === Constants.SAML_SERVICE) &&
                  (global.window.mm_config.FirstNameAttributeSet === 'false' || global.window.mm_config.LastNameAttributeSet === 'false'))) {
                inputs.push(
                    <div
@@ -765,7 +765,7 @@ class UserSettingsGeneralTab extends React.Component {
        if (this.props.activeSection === 'nickname') {
            let extraInfo;
            let submit = null;
-            if (this.props.user.auth_service === 'ldap' && global.window.mm_config.NicknameAttributeSet === 'true') {
+            if ((this.props.user.auth_service === 'ldap' || this.props.user.auth_service === Constants.SAML_SERVICE) && global.window.mm_config.NicknameAttributeSet === 'true') {
                extraInfo = (
                    <span>
                        <FormattedMessage
--- a/webapp/i18n/en.json
+++ b/webapp/i18n/en.json
@@ -563,7 +563,7 @@
  "admin.saml.enableTitle": "Enable Login With SAML:",
  "admin.saml.encryptDescription": "When true, Mattermost will decrypt SAML Assertions encrypted with your Service Provider Public Certificate.",
  "admin.saml.encryptTitle": "Enable Encryption:",
-  "admin.saml.firstnameAttrDesc": "The attribute in the SAML Assertion that will be used to populate the first name of users in Mattermost.",
+  "admin.saml.firstnameAttrDesc": "(Optional) The attribute in the SAML Assertion that will be used to populate the first name of users in Mattermost.",
  "admin.saml.firstnameAttrEx": "Ex \"FirstName\"",
  "admin.saml.firstnameAttrTitle": "First Name Attribute:",
  "admin.saml.idpCertificateFileDesc": "The public authentication certificate issued by your Identity Provider.",
@@ -575,7 +575,7 @@
  "admin.saml.idpUrlDesc": "The URL where Mattermost sends a SAML request to start login sequence.",
  "admin.saml.idpUrlEx": "Ex \"https://idp.example.org/SAML2/SSO/Login\"",
  "admin.saml.idpUrlTitle": "SAML SSO URL:",
-  "admin.saml.lastnameAttrDesc": "The attribute in the SAML Assertion that will be used to populate the last name of users in Mattermost.",
+  "admin.saml.lastnameAttrDesc": "(Optional) The attribute in the SAML Assertion that will be used to populate the last name of users in Mattermost.",
  "admin.saml.lastnameAttrEx": "Ex \"LastName\"",
  "admin.saml.lastnameAttrTitle": "Last Name Attribute:",
  "admin.saml.localeAttrDesc": "(Optional) The attribute in the SAML Assertion that will be used to populate the language of users in Mattermost.",