demo-orgs: Disable admin of authentication methods until email set.

Because demo organization owners do not initially have an email set, some of the personal and organization settings in the web-app UI should be disabled/hidden until the owner configures an email address for their account. Disables configuring organization authentication methods in the organization settings overlay until the user has configured an email address. Adds a tip at the top of the authentication methods tab to indicate why the authentication method checkboxes are disabled.
2025-11-07 07:23:22 +00:00 · 2023-01-20 18:29:34 +01:00
parent 665deac7c0
commit b0bc66a8ba
4 changed files with 17 additions and 2 deletions
--- a/web/src/admin.js
+++ b/web/src/admin.js
@@ -203,6 +203,7 @@ export function build_page() {
        allow_sorting_deactivated_users_list_by_email:
            settings_users.allow_sorting_deactivated_users_list_by_email(),
        has_bots: bot_data.get_all_bots_for_current_user().length > 0,
+        user_has_email_set: !settings_data.user_email_not_configured(),
    };

    if (options.realm_logo_source !== "D" && options.realm_night_logo_source === "D") {
--- a/web/src/settings_org.js
+++ b/web/src/settings_org.js
@@ -19,6 +19,7 @@ import * as realm_icon from "./realm_icon";
 import * as realm_logo from "./realm_logo";
 import {realm_user_settings_defaults} from "./realm_user_settings_defaults";
 import * as settings_config from "./settings_config";
+import * as settings_data from "./settings_data";
 import * as settings_notifications from "./settings_notifications";
 import * as settings_realm_domains from "./settings_realm_domains";
 import * as settings_realm_user_settings_defaults from "./settings_realm_user_settings_defaults";
@@ -533,6 +534,16 @@ function sort_object_by_key(obj) {
    return new_obj;
 }

+function can_configure_auth_methods() {
+    if (settings_data.user_email_not_configured()) {
+        return false;
+    }
+    if (page_params.is_owner) {
+        return true;
+    }
+    return false;
+}
+
 export function populate_auth_methods(auth_methods) {
    if (!meta.loaded) {
        return;
@@ -544,7 +555,7 @@ export function populate_auth_methods(auth_methods) {
        rendered_auth_method_rows += render_settings_admin_auth_methods_list({
            method: auth_method,
            enabled: value,
-            is_owner: page_params.is_owner,
+            disable_configure_auth_method: !can_configure_auth_methods(),
            // The negated character class regexp serves as an allowlist - the replace() will
            // remove *all* symbols *but* digits (\d) and lowecase letters (a-z),
            // so that we can make assumptions on this string elsewhere in the code.
--- a/web/templates/settings/admin_auth_methods_list.hbs
+++ b/web/templates/settings/admin_auth_methods_list.hbs
@@ -4,5 +4,5 @@
      prefix=prefix
      is_checked=enabled
      label=method
-      is_disabled=(not is_owner) }}
+      is_disabled=disable_configure_auth_method}}
 </div>
--- a/web/templates/settings/auth_methods_settings_admin.hbs
+++ b/web/templates/settings/auth_methods_settings_admin.hbs
@@ -2,6 +2,9 @@
    {{#unless is_owner}}
    <div class='tip'>{{t "Only organization owners can edit these settings."}}</div>
    {{/unless}}
+    {{#unless user_has_email_set}}
+    <div class='tip'>{{t "You must configure your email to access this feature."}}</div>
+    {{/unless}}
    <form class="admin-realm-form org-authentications-form">
        <div id="org-auth_settings" class="admin-table-wrapper settings-subsection-parent">
            <div class ="subsection-header">