From 1f49f072810736baf5f7cdf6748a6708aa560aa0 Mon Sep 17 00:00:00 2001 From: jamesspeake Date: Fri, 11 Oct 2024 16:53:42 +0100 Subject: [PATCH 1/6] [TAN-2794] Added the ability to hide verification methods from the front end --- back/app/models/app_configuration.rb | 2 +- back/app/services/settings_service.rb | 22 ++++--- back/config/schemas/settings.schema.json.erb | 1 + .../app/lib/id_keycloak/keycloak_omniauth.rb | 4 +- .../lib/id_keycloak/keycloak_verification.rb | 7 ++ .../verification/verification_method.rb | 4 ++ .../verification/patches/settings_service.rb | 27 ++++++++ .../spec/services/settings_service_spec.rb | 64 +++++++++++++++++++ back/spec/services/settings_service_spec.rb | 6 +- 9 files changed, 123 insertions(+), 14 deletions(-) create mode 100644 back/engines/commercial/verification/app/services/verification/patches/settings_service.rb create mode 100644 back/engines/commercial/verification/spec/services/settings_service_spec.rb diff --git a/back/app/models/app_configuration.rb b/back/app/models/app_configuration.rb index f4b4ffbbeed6..f966ce1842dc 100644 --- a/back/app/models/app_configuration.rb +++ b/back/app/models/app_configuration.rb @@ -147,7 +147,7 @@ def closest_locale_to(locale) end def public_settings - @public_settings ||= SettingsService.new.remove_private_settings(settings, Settings.json_schema) + @public_settings ||= SettingsService.new.format_for_front_end(settings, Settings.json_schema) end def location diff --git a/back/app/services/settings_service.rb b/back/app/services/settings_service.rb index 8dfcca335f23..2801f82d50f2 100644 --- a/back/app/services/settings_service.rb +++ b/back/app/services/settings_service.rb @@ -67,14 +67,8 @@ def remove_additional_settings(settings, schema) res end - def remove_private_settings(settings, schema) - res = settings.deep_dup - schema['properties'].each do |feature, feature_schema| - feature_schema['properties'].each do |setting, setting_schema| - res[feature]&.delete(setting) if setting_schema['private'] - end - end - res + def format_for_front_end(settings, schema) + remove_private_settings(settings, schema) end def activate_feature!(feature, config: nil, settings: {}) @@ -112,7 +106,19 @@ def minimal_required_settings(locales: ['en'], lifecycle_stage: 'demo') private + def remove_private_settings(settings, schema) + res = settings.deep_dup + schema['properties'].each do |feature, feature_schema| + feature_schema['properties'].each do |setting, setting_schema| + res[feature]&.delete(setting) if setting_schema['private'] + end + end + res + end + def default_setting(schema, feature, setting) schema.dig('properties', feature, 'properties', setting, 'default') end end + +SettingsService.prepend(Verification::Patches::SettingsService) diff --git a/back/config/schemas/settings.schema.json.erb b/back/config/schemas/settings.schema.json.erb index 0caded5124d1..247a95fb6cca 100644 --- a/back/config/schemas/settings.schema.json.erb +++ b/back/config/schemas/settings.schema.json.erb @@ -1368,6 +1368,7 @@ "id_gent_rrn": ["verification"], "id_oostende_rrn": ["verification"], "id_id_card_lookup": ["verification"], + "id_keycloak": ["verification"], "power_bi": ["public_api_tokens"], "large_summaries": ["analysis"], "ask_a_question": ["analysis"], diff --git a/back/engines/commercial/id_keycloak/app/lib/id_keycloak/keycloak_omniauth.rb b/back/engines/commercial/id_keycloak/app/lib/id_keycloak/keycloak_omniauth.rb index f9f1627475f0..c3eb0052ccfd 100644 --- a/back/engines/commercial/id_keycloak/app/lib/id_keycloak/keycloak_omniauth.rb +++ b/back/engines/commercial/id_keycloak/app/lib/id_keycloak/keycloak_omniauth.rb @@ -46,8 +46,8 @@ def verification_prioritized? end def email_confirmed?(auth) - # Response will tell us if the email is verified - auth&.info&.email_verified + # Even if the response says the email is NOT verified, we assume that it is if email is present + auth&.info&.email.present? end def filter_auth_to_persist(auth) diff --git a/back/engines/commercial/id_keycloak/app/lib/id_keycloak/keycloak_verification.rb b/back/engines/commercial/id_keycloak/app/lib/id_keycloak/keycloak_verification.rb index 82a931d9fa79..2a3da9e5d3ba 100644 --- a/back/engines/commercial/id_keycloak/app/lib/id_keycloak/keycloak_verification.rb +++ b/back/engines/commercial/id_keycloak/app/lib/id_keycloak/keycloak_verification.rb @@ -22,9 +22,12 @@ def config_parameters domain client_id client_secret + hide_from_profile ] end + # TODO: JS - Implement hide_from_profile + def config_parameters_schema { ui_method_name: { @@ -56,5 +59,9 @@ def profile_to_uid(auth) def updateable_user_attrs super + %i[first_name last_name] end + + def show_in_user_profile? + false + end end end diff --git a/back/engines/commercial/verification/app/models/verification/verification_method.rb b/back/engines/commercial/verification/app/models/verification/verification_method.rb index bd7b05e75f84..41bda0687f73 100644 --- a/back/engines/commercial/verification/app/models/verification/verification_method.rb +++ b/back/engines/commercial/verification/app/models/verification/verification_method.rb @@ -17,5 +17,9 @@ def config .symbolize_keys .presence end + + def show_in_user_profile? + false + end end end diff --git a/back/engines/commercial/verification/app/services/verification/patches/settings_service.rb b/back/engines/commercial/verification/app/services/verification/patches/settings_service.rb new file mode 100644 index 000000000000..9f1930097276 --- /dev/null +++ b/back/engines/commercial/verification/app/services/verification/patches/settings_service.rb @@ -0,0 +1,27 @@ +# frozen_string_literal: true + +module Verification + module Patches + module SettingsService + def format_for_front_end(settings, schema) + settings = disable_verification_if_no_methods_enabled(settings) + super(settings, schema) + end + + private + + # Ensures the FE does not show verification if: + # a) There are no verification methods + # b) All verification methods are flagged as 'hide_from_profile' + def disable_verification_if_no_methods_enabled(settings) + return settings if settings['verification']['enabled'] == false + + enabled = settings['verification']['verification_methods'].present? + enabled = false if settings['verification']['verification_methods']&.pluck('hide_in_profile')&.all?(true) + + settings['verification']['enabled'] = enabled + settings + end + end + end +end diff --git a/back/engines/commercial/verification/spec/services/settings_service_spec.rb b/back/engines/commercial/verification/spec/services/settings_service_spec.rb new file mode 100644 index 000000000000..3a2308ffda40 --- /dev/null +++ b/back/engines/commercial/verification/spec/services/settings_service_spec.rb @@ -0,0 +1,64 @@ +# frozen_string_literal: true + +require 'rails_helper' + +describe SettingsService do + let(:ss) { described_class.new } + + describe 'disable_verification_if_no_methods_enabled' do + it 'disables verification if there are no methods enabled' do + settings = { + 'verification' => { + 'allowed' => true, + 'enabled' => true + } + } + + updated_settings = ss.send(:disable_verification_if_no_methods_enabled, settings) + expect(updated_settings['verification']['enabled']).to be false + end + + it 'disables verification if all methods are hidden from the profile' do + settings = { + 'verification' => { + 'allowed' => true, + 'enabled' => true, + 'verification_methods' => [ + { + 'name' => "nemlog_in", + 'hide_in_profile' => true + }, + { + 'name' => "keycloak", + 'hide_in_profile' => true + } + ] + } + } + + updated_settings = ss.send(:disable_verification_if_no_methods_enabled, settings) + expect(updated_settings['verification']['enabled']).to be false + end + + it 'does not disable verification if at least one methods is NOT hidden from the profile' do + settings = { + 'verification' => { + 'allowed' => true, + 'enabled' => true, + 'verification_methods' => [ + { + 'name' => "nemlog_in" + }, + { + 'name' => "keycloak", + 'hide_in_profile' => true + } + ] + } + } + + updated_settings = ss.send(:disable_verification_if_no_methods_enabled, settings) + expect(updated_settings['verification']['enabled']).to be true + end + end +end \ No newline at end of file diff --git a/back/spec/services/settings_service_spec.rb b/back/spec/services/settings_service_spec.rb index b70f4ec0cbf3..40cd90597160 100644 --- a/back/spec/services/settings_service_spec.rb +++ b/back/spec/services/settings_service_spec.rb @@ -194,7 +194,7 @@ end end - describe 'remove_private_settings' do + describe 'format_for_front_end' do let(:schema) do { 'type' => 'object', @@ -214,7 +214,7 @@ settings = { 'a' => { 'settings1' => true } } - expect(ss.remove_private_settings(settings, schema)).to eq settings + expect(ss.format_for_front_end(settings, schema)).to eq settings end it 'removes private settings' do @@ -224,7 +224,7 @@ expected_settings = { 'a' => { 'settings1' => true } } - expect(ss.remove_private_settings(settings, schema)).to eq expected_settings + expect(ss.format_for_front_end(settings, schema)).to eq expected_settings end end end From 841b1ac703cc569a43b53dfc0457966573e807fa Mon Sep 17 00:00:00 2001 From: jamesspeake Date: Fri, 11 Oct 2024 17:53:49 +0100 Subject: [PATCH 2/6] [TAN-2794] Test fix and rubocop --- .../services/verification/patches/settings_service.rb | 4 ++-- .../spec/services/settings_service_spec.rb | 10 +++++----- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/back/engines/commercial/verification/app/services/verification/patches/settings_service.rb b/back/engines/commercial/verification/app/services/verification/patches/settings_service.rb index 9f1930097276..a87da1e39aea 100644 --- a/back/engines/commercial/verification/app/services/verification/patches/settings_service.rb +++ b/back/engines/commercial/verification/app/services/verification/patches/settings_service.rb @@ -5,7 +5,7 @@ module Patches module SettingsService def format_for_front_end(settings, schema) settings = disable_verification_if_no_methods_enabled(settings) - super(settings, schema) + super end private @@ -14,7 +14,7 @@ def format_for_front_end(settings, schema) # a) There are no verification methods # b) All verification methods are flagged as 'hide_from_profile' def disable_verification_if_no_methods_enabled(settings) - return settings if settings['verification']['enabled'] == false + return settings if !settings['verification'] || settings['verification']['enabled'] == false enabled = settings['verification']['verification_methods'].present? enabled = false if settings['verification']['verification_methods']&.pluck('hide_in_profile')&.all?(true) diff --git a/back/engines/commercial/verification/spec/services/settings_service_spec.rb b/back/engines/commercial/verification/spec/services/settings_service_spec.rb index 3a2308ffda40..6c37b92e8309 100644 --- a/back/engines/commercial/verification/spec/services/settings_service_spec.rb +++ b/back/engines/commercial/verification/spec/services/settings_service_spec.rb @@ -25,11 +25,11 @@ 'enabled' => true, 'verification_methods' => [ { - 'name' => "nemlog_in", + 'name' => 'nemlog_in', 'hide_in_profile' => true }, { - 'name' => "keycloak", + 'name' => 'keycloak', 'hide_in_profile' => true } ] @@ -47,10 +47,10 @@ 'enabled' => true, 'verification_methods' => [ { - 'name' => "nemlog_in" + 'name' => 'nemlog_in' }, { - 'name' => "keycloak", + 'name' => 'keycloak', 'hide_in_profile' => true } ] @@ -61,4 +61,4 @@ expect(updated_settings['verification']['enabled']).to be true end end -end \ No newline at end of file +end From 174c3f70f5e79e221c3ec3ee17c955eed3f4d1e1 Mon Sep 17 00:00:00 2001 From: jamesspeake Date: Mon, 14 Oct 2024 10:46:41 +0100 Subject: [PATCH 3/6] [TAN-2794] Added params to schema --- .../app/lib/id_keycloak/keycloak_verification.rb | 15 +++++++++++---- .../models/verification/verification_method.rb | 4 ---- 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/back/engines/commercial/id_keycloak/app/lib/id_keycloak/keycloak_verification.rb b/back/engines/commercial/id_keycloak/app/lib/id_keycloak/keycloak_verification.rb index 2a3da9e5d3ba..5f9b87023dca 100644 --- a/back/engines/commercial/id_keycloak/app/lib/id_keycloak/keycloak_verification.rb +++ b/back/engines/commercial/id_keycloak/app/lib/id_keycloak/keycloak_verification.rb @@ -22,6 +22,7 @@ def config_parameters domain client_id client_secret + enabled_for_verified_actions hide_from_profile ] end @@ -34,6 +35,16 @@ def config_parameters_schema type: 'string', description: 'The name this verification method will have in the UI', default: 'ID-Porten' + }, + enabled_for_verified_actions: { + private: true, + type: 'boolean', + description: 'Whether this verification method should be enabled for verified actions.' + }, + hide_from_profile: { + private: true, + type: 'boolean', + description: 'Should verification be shown in the user profile and under the username?' } } end @@ -59,9 +70,5 @@ def profile_to_uid(auth) def updateable_user_attrs super + %i[first_name last_name] end - - def show_in_user_profile? - false - end end end diff --git a/back/engines/commercial/verification/app/models/verification/verification_method.rb b/back/engines/commercial/verification/app/models/verification/verification_method.rb index 41bda0687f73..bd7b05e75f84 100644 --- a/back/engines/commercial/verification/app/models/verification/verification_method.rb +++ b/back/engines/commercial/verification/app/models/verification/verification_method.rb @@ -17,9 +17,5 @@ def config .symbolize_keys .presence end - - def show_in_user_profile? - false - end end end From ad2d7709f5c822d86d2928c3bb60faa5b9b9d89a Mon Sep 17 00:00:00 2001 From: jamesspeake Date: Mon, 14 Oct 2024 11:32:08 +0100 Subject: [PATCH 4/6] [TAN-2794] Fixed settings for hiding keycloak verification --- back/config/schemas/settings.schema.json.erb | 1 - .../app/lib/id_keycloak/keycloak_verification.rb | 6 +++++- .../app/services/verification/patches/settings_service.rb | 2 +- .../verification/spec/services/settings_service_spec.rb | 4 ++-- 4 files changed, 8 insertions(+), 5 deletions(-) diff --git a/back/config/schemas/settings.schema.json.erb b/back/config/schemas/settings.schema.json.erb index 247a95fb6cca..0caded5124d1 100644 --- a/back/config/schemas/settings.schema.json.erb +++ b/back/config/schemas/settings.schema.json.erb @@ -1368,7 +1368,6 @@ "id_gent_rrn": ["verification"], "id_oostende_rrn": ["verification"], "id_id_card_lookup": ["verification"], - "id_keycloak": ["verification"], "power_bi": ["public_api_tokens"], "large_summaries": ["analysis"], "ask_a_question": ["analysis"], diff --git a/back/engines/commercial/id_keycloak/app/lib/id_keycloak/keycloak_verification.rb b/back/engines/commercial/id_keycloak/app/lib/id_keycloak/keycloak_verification.rb index 5f9b87023dca..3bd2a6e4945c 100644 --- a/back/engines/commercial/id_keycloak/app/lib/id_keycloak/keycloak_verification.rb +++ b/back/engines/commercial/id_keycloak/app/lib/id_keycloak/keycloak_verification.rb @@ -44,7 +44,7 @@ def config_parameters_schema hide_from_profile: { private: true, type: 'boolean', - description: 'Should verification be shown in the user profile and under the username?' + description: 'Should verification be hidden in the user profile and under the username?' } } end @@ -70,5 +70,9 @@ def profile_to_uid(auth) def updateable_user_attrs super + %i[first_name last_name] end + + def enabled_for_verified_actions? + config[:enabled_for_verified_actions] || false + end end end diff --git a/back/engines/commercial/verification/app/services/verification/patches/settings_service.rb b/back/engines/commercial/verification/app/services/verification/patches/settings_service.rb index a87da1e39aea..c1f3ad5dee9e 100644 --- a/back/engines/commercial/verification/app/services/verification/patches/settings_service.rb +++ b/back/engines/commercial/verification/app/services/verification/patches/settings_service.rb @@ -17,7 +17,7 @@ def disable_verification_if_no_methods_enabled(settings) return settings if !settings['verification'] || settings['verification']['enabled'] == false enabled = settings['verification']['verification_methods'].present? - enabled = false if settings['verification']['verification_methods']&.pluck('hide_in_profile')&.all?(true) + enabled = false if settings['verification']['verification_methods']&.pluck('hide_from_profile')&.all?(true) settings['verification']['enabled'] = enabled settings diff --git a/back/engines/commercial/verification/spec/services/settings_service_spec.rb b/back/engines/commercial/verification/spec/services/settings_service_spec.rb index 6c37b92e8309..3f5154a80503 100644 --- a/back/engines/commercial/verification/spec/services/settings_service_spec.rb +++ b/back/engines/commercial/verification/spec/services/settings_service_spec.rb @@ -26,11 +26,11 @@ 'verification_methods' => [ { 'name' => 'nemlog_in', - 'hide_in_profile' => true + 'hide_from_profile' => true }, { 'name' => 'keycloak', - 'hide_in_profile' => true + 'hide_from_profile' => true } ] } From 1fbd84230a2bed65cc608af075388ffca901949b Mon Sep 17 00:00:00 2001 From: jamesspeake Date: Mon, 14 Oct 2024 11:32:51 +0100 Subject: [PATCH 5/6] [TAN-2794] Fixed settings for hiding keycloak verification --- back/config/schemas/settings.schema.json.erb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/back/config/schemas/settings.schema.json.erb b/back/config/schemas/settings.schema.json.erb index 0caded5124d1..d6979f6f1335 100644 --- a/back/config/schemas/settings.schema.json.erb +++ b/back/config/schemas/settings.schema.json.erb @@ -1368,6 +1368,8 @@ "id_gent_rrn": ["verification"], "id_oostende_rrn": ["verification"], "id_id_card_lookup": ["verification"], + "id_keycloak": ["verification"], + "power_bi": ["public_api_tokens"], "large_summaries": ["analysis"], "ask_a_question": ["analysis"], From 4d49fd98ef283b5b376ffe9b613fdb43a0570392 Mon Sep 17 00:00:00 2001 From: jamesspeake Date: Mon, 14 Oct 2024 16:12:05 +0100 Subject: [PATCH 6/6] [TAN-2794] Final small changes to keycloak verification --- .../app/lib/id_keycloak/keycloak_verification.rb | 6 ++++-- .../verification/spec/services/settings_service_spec.rb | 2 +- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/back/engines/commercial/id_keycloak/app/lib/id_keycloak/keycloak_verification.rb b/back/engines/commercial/id_keycloak/app/lib/id_keycloak/keycloak_verification.rb index 3bd2a6e4945c..89e71313efa4 100644 --- a/back/engines/commercial/id_keycloak/app/lib/id_keycloak/keycloak_verification.rb +++ b/back/engines/commercial/id_keycloak/app/lib/id_keycloak/keycloak_verification.rb @@ -27,8 +27,6 @@ def config_parameters ] end - # TODO: JS - Implement hide_from_profile - def config_parameters_schema { ui_method_name: { @@ -74,5 +72,9 @@ def updateable_user_attrs def enabled_for_verified_actions? config[:enabled_for_verified_actions] || false end + + def ui_method_name + config[:ui_method_name] || name + end end end diff --git a/back/engines/commercial/verification/spec/services/settings_service_spec.rb b/back/engines/commercial/verification/spec/services/settings_service_spec.rb index 3f5154a80503..44854435f777 100644 --- a/back/engines/commercial/verification/spec/services/settings_service_spec.rb +++ b/back/engines/commercial/verification/spec/services/settings_service_spec.rb @@ -40,7 +40,7 @@ expect(updated_settings['verification']['enabled']).to be false end - it 'does not disable verification if at least one methods is NOT hidden from the profile' do + it 'does not disable verification if at least one method is NOT hidden from the profile' do settings = { 'verification' => { 'allowed' => true,