final fixes

2025-04-12 21:35:39 +02:00 · 2025-04-06 04:22:56 +02:00 · 2025-04-06 04:22:56 +02:00 · 3077d86aa1
parent 9b3f814b67
commit 3077d86aa1
3 changed files with 93 additions and 67 deletions
--- a/proto/src/scim_v1/mod.rs
+++ b/proto/src/scim_v1/mod.rs
@ -71,7 +71,7 @@ pub enum ScimSchema {
 }

 #[serde_as]
-#[derive(Deserialize, Serialize, Debug, Clone, ToSchema)]
+#[derive(Deserialize, Serialize, PartialEq, Eq, Debug, Clone, ToSchema)]
 #[serde(deny_unknown_fields, rename_all = "camelCase")]
 pub struct ScimMail {
    #[serde(default)]
--- a/server/core/src/https/views/profile.rs
+++ b/server/core/src/https/views/profile.rs
@ -17,7 +17,7 @@ use axum_extra::extract::Form;
 use axum_htmx::{HxEvent, HxPushUrl, HxResponseTrigger};
 use futures_util::TryFutureExt;
 use kanidm_proto::attribute::Attribute;
-use kanidm_proto::constants::{ATTR_DISPLAYNAME, ATTR_MAIL};
+use kanidm_proto::constants::{ATTR_DISPLAYNAME, ATTR_MAIL, ATTR_NAME};
 use kanidm_proto::internal::UserAuthToken;
 use kanidm_proto::scim_v1::server::{ScimEffectiveAccess, ScimPerson};
 use kanidm_proto::scim_v1::ScimMail;
@ -63,9 +63,9 @@ pub(crate) struct SaveProfileQuery {
 #[derive(Clone, Debug, Serialize, Deserialize)]
 pub(crate) struct CommitSaveProfileQuery {
    #[serde(rename = "account_name")]
-    account_name: String,
+    account_name: Option<String>,
    #[serde(rename = "display_name")]
-    display_name: String,
+    display_name: Option<String>,
    #[serde(rename = "emails[]")]
    emails: Vec<String>,
    #[serde(rename = "new_primary_mail")]
@ -88,6 +88,7 @@ struct ProfileChangesPartialView {
    primary_mail: Option<String>,
    new_attrs: ProfileAttributes,
    new_primary_mail: Option<String>,
+    emails_are_same: bool,
 }

 #[derive(Template, Clone)]
@ -186,6 +187,8 @@ pub(crate) async fn view_profile_diff_start_save_post(
        .find(|sm| sm.primary)
        .map(|sm| sm.value.clone());

+    let emails_are_same = scim_person.mails == new_mails;
+
    let profile_view = ProfileChangesPartialView {
        menu_active_item: ProfileMenuItems::UserProfile,
        can_rw,
@ -196,6 +199,7 @@ pub(crate) async fn view_profile_diff_start_save_post(
            display_name: query.display_name,
            emails: new_mails,
        },
+        emails_are_same,
        new_primary_mail: query.emails.get(primary_index).cloned(),
    };

@ -219,23 +223,37 @@ pub(crate) async fn view_profile_diff_confirm_save_post(
        .handle_whoami_uat(client_auth_info.clone(), kopid.eventid)
        .map_err(|op_err| HtmxError::new(&kopid, op_err, domain_info.clone()))
        .await?;
-    dbg!(&query);

    let filter = filter_all!(f_and!([f_id(uat.uuid.to_string().as_str())]));

-    state
-        .qe_w_ref
-        .handle_setattribute(
-            client_auth_info.clone(),
-            uat.uuid.to_string(),
-            ATTR_DISPLAYNAME.to_string(),
-            vec![query.display_name],
-            filter.clone(),
-            kopid.eventid,
-        )
-        .map_err(|op_err| HtmxError::new(&kopid, op_err, domain_info.clone()))
-        .await?;
-
+    if let Some(account_name) = query.account_name {
+        state
+            .qe_w_ref
+            .handle_setattribute(
+                client_auth_info.clone(),
+                uat.uuid.to_string(),
+                ATTR_NAME.to_string(),
+                vec![account_name],
+                filter.clone(),
+                kopid.eventid,
+            )
+            .map_err(|op_err| HtmxError::new(&kopid, op_err, domain_info.clone()))
+            .await?;
+    }
+    if let Some(display_name) = query.display_name {
+        state
+            .qe_w_ref
+            .handle_setattribute(
+                client_auth_info.clone(),
+                uat.uuid.to_string(),
+                ATTR_DISPLAYNAME.to_string(),
+                vec![display_name],
+                filter.clone(),
+                kopid.eventid,
+            )
+            .map_err(|op_err| HtmxError::new(&kopid, op_err, domain_info.clone()))
+            .await?;
+    }
    let mut emails = query.emails;
    if let Some(primary) = query.new_primary_mail {
        emails.insert(0, primary);
--- a/server/core/templates/user_settings/profile_changes_partial.html
+++ b/server/core/templates/user_settings/profile_changes_partial.html
@ -9,79 +9,87 @@ Profile Difference
 (% block settings_window %)

 <form>
+    (% if person.name != new_attrs.account_name %)
    <input type="hidden" name="account_name" value="(( new_attrs.account_name ))"/>
+    (% endif %)
+    (% if person.displayname != new_attrs.display_name %)
    <input type="hidden" name="display_name" value="(( new_attrs.display_name ))"/>
-<!--    <input type="hidden" name="legal_name" value=" new_attrs.legal_name "/>-->
+    (% endif %)
+
    (% for email in new_attrs.emails %)
-        (% if !email.primary %)
-            <input type="hidden" name="emails[]" value="(( email.value ))"/>
-        (% endif %)
+    (% if !email.primary %)
+    <input type="hidden" name="emails[]" value="(( email.value ))"/>
+    (% endif %)
    (% endfor %)
    (% if let Some(new_primary_mail) = new_primary_mail %)
-        <input type="hidden" name="new_primary_mail" value="(( new_primary_mail ))"/>
+    <input type="hidden" name="new_primary_mail" value="(( new_primary_mail ))"/>
    (% endif %)

    <table class="table table-bordered overflow-x-scroll">
        <thead>
-            <tr>
-                <th scope="col">Attribute</th>
-                <th scope="col">Old value</th>
-                <th scope="col">New value</th>
-            </tr>
+        <tr>
+            <th scope="col">Attribute</th>
+            <th scope="col">Old value</th>
+            <th scope="col">New value</th>
+        </tr>
        </thead>
-    (% if person.name != new_attrs.account_name %)
+        (% if person.name != new_attrs.account_name %)
        <tr>
            <th scope="row">Username</th>
            <td class="text-break">(( person.name ))</td>
            <td class="text-break">(( new_attrs.account_name ))</td>
        </tr>
-    (% endif %)
+        (% endif %)

-    (% if person.displayname != new_attrs.display_name %)
+        (% if person.displayname != new_attrs.display_name %)
        <tr>
            <th scope="row">Display name</th>
            <td class="text-break">(( person.displayname ))</td>
            <td class="text-break">(( new_attrs.display_name ))</td>
        </tr>
-    (% endif %)
-    <!-- TODO: List new items with +, same items with . -->
-    <tr>
-        <th scope="row">Primary Emails</th>
-        <td class="text-nowrap">
-            (( primary_mail.clone().unwrap_or("none".to_string()) ))
-        </td>
-        <td class="text-nowrap">
-            (( new_primary_mail.clone().unwrap_or("none".to_string()) ))
-        </td>
-    </tr>
-    <tr>
-        <th scope="row">Secondary Emails</th>
-        <td class="text-break">
-            <ul class="ps-3">
-                (% for email in person.mails %)
-                (% if !email.primary %)
-                <li class="text-nowrap">(( email.value ))</li>
-                (% endif %)
-                (% endfor %)
-            </ul>
-        </td>
-        <td class="text-break">
-            <ul class="ps-3">
-                (% for email in new_attrs.emails %)
-                (% if !email.primary %)
-                <li class="text-nowrap">(( email.value ))</li>
-                (% endif %)
-                (% endfor %)
-            </ul>
-        </td>
-    </tr>
-
+        (% endif %)
+        (% if !emails_are_same %)
+        <tr>
+            <th scope="row">Primary Emails</th>
+            <td class="text-nowrap">
+                (( primary_mail.clone().unwrap_or("none".to_string()) ))
+            </td>
+            <td class="text-nowrap">
+                (( new_primary_mail.clone().unwrap_or("none".to_string()) ))
+            </td>
+        </tr>
+        <tr>
+            <th scope="row">Secondary Emails</th>
+            <td class="text-break">
+                <ul class="ps-3">
+                    (% for email in person.mails %)
+                    (% if !email.primary %)
+                    <li class="text-nowrap">(( email.value ))</li>
+                    (% endif %)
+                    (% endfor %)
+                </ul>
+            </td>
+            <td class="text-break">
+                <ul class="ps-3">
+                    (% for email in new_attrs.emails %)
+                    (% if !email.primary %)
+                    <li class="text-nowrap">(( email.value ))</li>
+                    (% endif %)
+                    (% endfor %)
+                </ul>
+            </td>
+        </tr>
+        (% endif %)
    </table>
-    <!-- Edit button -->
+
    <div class="pt-4" hx-target="#user_settings_container" hx-swap="outerHTML">
        (% if can_rw %)
-        <button class="btn btn-danger" type="button" hx-get="/ui/profile" hx-target="body" hx-swap="outerHTML">Discard Changes</button>
-        <button class="btn btn-primary" type="button" hx-post="/ui/api/user_settings/confirm_profile" hx-target="body" hx-swap="outerHTML">Confirm Changes</button>
+        <button class="btn btn-danger" type="button" hx-get="/ui/profile" hx-target="body" hx-swap="outerHTML">Discard
+            Changes
+        </button>
+        <button class="btn btn-primary" type="button" hx-post="/ui/api/user_settings/confirm_profile" hx-target="body"
+                hx-swap="outerHTML">Confirm Changes
+        </button>
        (% else %)
        <a href="/ui/profile/unlock" hx-boost="false">
            <!-- TODO: at the moment, session expiring here means progress is lost. Do we just show an error screen ? We can't pass the update state through the reauth session, and we don't have profile update sessions like cred update. -->