From 1fec674d28f2c6abe26710d4eb60c7eaae9c0e91 Mon Sep 17 00:00:00 2001 From: Florent Date: Wed, 22 Nov 2023 20:58:29 +0100 Subject: [PATCH 1/5] OIDC: ensure that email_veridied is set by default (#765) Co-authored-by: Florent FAYOLLE --- app/server/lib/OIDCConfig.ts | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/app/server/lib/OIDCConfig.ts b/app/server/lib/OIDCConfig.ts index 5c36d09c78..58d0144381 100644 --- a/app/server/lib/OIDCConfig.ts +++ b/app/server/lib/OIDCConfig.ts @@ -29,6 +29,9 @@ * env GRIST_OIDC_IDP_SKIP_END_SESSION_ENDPOINT * If set to "true", on logout, there won't be any attempt to call the IdP's end_session_endpoint * (the user will remain logged in in the IdP). + * env GRIST_OIDC_SP_IGNORE_EMAIL_VERIFIED + * If set to "true", the user will be allowed to login even if the email is not verified by the IDP. + * Defaults to false. * * This version of OIDCConfig has been tested with Keycloak OIDC IdP following the instructions * at: @@ -61,6 +64,7 @@ export class OIDCConfig { private _namePropertyKey?: string; private _emailPropertyKey: string; private _skipEndSessionEndpoint: boolean; + private _ignoreEmailVerified: boolean; public constructor() { } @@ -95,6 +99,11 @@ export class OIDCConfig { defaultValue: false, })!; + this._ignoreEmailVerified = section.flag('ignoreEmailVerified').readBool({ + envVar: 'GRIST_OIDC_SP_IGNORE_EMAIL_VERIFIED', + defaultValue: false, + })!; + const issuer = await Issuer.discover(issuerUrl); this._redirectUrl = new URL(CALLBACK_URL, spHost).href; this._client = new issuer.Client({ @@ -134,6 +143,11 @@ export class OIDCConfig { ); const userInfo = await this._client.userinfo(tokenSet); + + if (!this._ignoreEmailVerified && userInfo.email_verified !== true) { + throw new Error(`OIDCConfig: email not verified for ${userInfo.email}`); + } + const profile = this._makeUserProfileFromUserInfo(userInfo); log.info(`OIDCConfig: got OIDC response for ${profile.email} (${profile.name}) redirecting to ${targetUrl}`); @@ -204,7 +218,6 @@ export class OIDCConfig { return { email: String(userInfo[ this._emailPropertyKey ]), name: this._extractName(userInfo) - }; } From 9e37fe83b53e2cb8b6e414e4d6164a14cf1b83d6 Mon Sep 17 00:00:00 2001 From: Paul Janzen Date: Wed, 22 Nov 2023 17:46:25 +0000 Subject: [PATCH 2/5] Translated using Weblate (Portuguese (Brazil)) Currently translated at 100.0% (1012 of 1012 strings) Translation: Grist/client Translate-URL: https://hosted.weblate.org/projects/grist/client/pt_BR/ --- static/locales/pt_BR.client.json | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/static/locales/pt_BR.client.json b/static/locales/pt_BR.client.json index dce820bddf..735e209c1a 100644 --- a/static/locales/pt_BR.client.json +++ b/static/locales/pt_BR.client.json @@ -217,7 +217,13 @@ "Duplicate Table": "Duplicar a Tabela", "Raw Data Tables": "Tabelas de Dados Primários", "Table ID copied to clipboard": "ID da Tabela copiada para a área de transferência", - "You do not have edit access to this document": "Você não tem permissão de edição desse documento" + "You do not have edit access to this document": "Você não tem permissão de edição desse documento", + "Edit Record Card": "Editar cartão de registro", + "Rename Table": "Renomear tabela", + "{{action}} Record Card": "{{action}} Cartão de registro", + "Record Card": "Cartão de registro", + "Remove Table": "Remover tabela", + "Record Card Disabled": "Cartão de registro desabilitado" }, "DocHistory": { "Activity": "Atividade", @@ -663,7 +669,8 @@ "Insert row above": "Inserir linha acima", "Insert row below": "Inserir linha abaixo", "Duplicate rows_one": "Duplicar linha", - "Duplicate rows_other": "Duplicar linhas" + "Duplicate rows_other": "Duplicar linhas", + "View as card": "Ver como cartão" }, "SelectionSummary": { "Copied to clipboard": "Copiado para a área de transferência" @@ -1295,5 +1302,13 @@ "FloatingPopup": { "Maximize": "Maximizar", "Minimize": "Minimizar" + }, + "CardContextMenu": { + "Insert card above": "Inserir cartão acima", + "Duplicate card": "Duplicar o cartão", + "Insert card below": "Inserir cartão abaixo", + "Delete card": "Excluir cartão", + "Copy anchor link": "Copiar link de ancoragem", + "Insert card": "Inserir cartão" } } From 8dfbfd8217fc3417fe466511f9918cbf74a886ff Mon Sep 17 00:00:00 2001 From: gallegonovato Date: Tue, 21 Nov 2023 21:30:07 +0000 Subject: [PATCH 3/5] Translated using Weblate (Spanish) Currently translated at 100.0% (1012 of 1012 strings) Translation: Grist/client Translate-URL: https://hosted.weblate.org/projects/grist/client/es/ --- static/locales/es.client.json | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/static/locales/es.client.json b/static/locales/es.client.json index 252b53f26b..221fa36725 100644 --- a/static/locales/es.client.json +++ b/static/locales/es.client.json @@ -543,7 +543,8 @@ "Insert row above": "Insertar fila arriba", "Insert row below": "Insertar fila debajo", "Duplicate rows_one": "Duplicar fila", - "Duplicate rows_other": "Duplicar filas" + "Duplicate rows_other": "Duplicar filas", + "View as card": "Ver como tarjeta" }, "ShareMenu": { "Access Details": "Detalles de Acceso", @@ -718,7 +719,13 @@ "Duplicate Table": "Duplicar tabla", "Raw Data Tables": "Tablas de datos brutos", "Table ID copied to clipboard": "ID de tabla copiado al portapapeles", - "Click to copy": "Haga clic para copiar" + "Click to copy": "Haga clic para copiar", + "Edit Record Card": "Editar la ficha del registro", + "Rename Table": "Cambiar el nombre de la tabla", + "{{action}} Record Card": "{{action}} Ficha", + "Record Card": "Ficha de registro", + "Remove Table": "Quitar la tabla", + "Record Card Disabled": "Tarjeta de registro desactivada" }, "DocPageModel": { "Add Empty Table": "Agregar tabla vacía", @@ -1285,5 +1292,13 @@ "FloatingPopup": { "Maximize": "Maximizar", "Minimize": "Minimizar" + }, + "CardContextMenu": { + "Insert card above": "Inserte la tarjeta arriba", + "Duplicate card": "Tarjeta duplicada", + "Insert card below": "Inserte la tarjeta a continuación", + "Delete card": "Borrar la tarjeta", + "Copy anchor link": "Copiar enlace fijado", + "Insert card": "Insertar la tarjeta" } } From 9e6f3775c379f97963c14bc9dbe4ddc28c2a3864 Mon Sep 17 00:00:00 2001 From: Paul Janzen Date: Wed, 22 Nov 2023 17:44:45 +0000 Subject: [PATCH 4/5] Translated using Weblate (German) Currently translated at 100.0% (1012 of 1012 strings) Translation: Grist/client Translate-URL: https://hosted.weblate.org/projects/grist/client/de/ --- static/locales/de.client.json | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/static/locales/de.client.json b/static/locales/de.client.json index b320802a35..a7546d2dd8 100644 --- a/static/locales/de.client.json +++ b/static/locales/de.client.json @@ -217,7 +217,13 @@ "Duplicate Table": "Tabelle duplizieren", "Raw Data Tables": "Rohdaten-Tabellen", "Table ID copied to clipboard": "Tabellen-ID in die Zwischenablage kopiert", - "You do not have edit access to this document": "Sie haben keinen Bearbeitungszugriff auf dieses Dokument" + "You do not have edit access to this document": "Sie haben keinen Bearbeitungszugriff auf dieses Dokument", + "Edit Record Card": "Karteikarte bearbeiten", + "Rename Table": "Tabelle umbenennen", + "{{action}} Record Card": "{{action}} Karteikarte", + "Record Card": "Karteikarte", + "Remove Table": "Tabelle entfernen", + "Record Card Disabled": "Karteikarte Deaktiviert" }, "DocHistory": { "Activity": "Aktivität", @@ -663,7 +669,8 @@ "Insert row above": "Zeile oben einfügen", "Insert row below": "Zeile unten einfügen", "Duplicate rows_one": "Zeile duplizieren", - "Duplicate rows_other": "Zeilen duplizieren" + "Duplicate rows_other": "Zeilen duplizieren", + "View as card": "Ansicht als Karte" }, "SelectionSummary": { "Copied to clipboard": "In die Zwischenablage kopiert" @@ -1295,5 +1302,13 @@ }, "searchDropdown": { "Search": "Suchen" + }, + "CardContextMenu": { + "Insert card above": "Karte oben einfügen", + "Duplicate card": "Karte duplizieren", + "Insert card below": "Karte unten einfügen", + "Delete card": "Karte löschen", + "Copy anchor link": "Ankerlink kopieren", + "Insert card": "Karte einfügen" } } From c06828d35da0a8fe316aca14be508e3d4be886f5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C4=8Dek=20Prijatelj?= Date: Wed, 22 Nov 2023 17:56:04 +0000 Subject: [PATCH 5/5] Translated using Weblate (Slovenian) Currently translated at 100.0% (1012 of 1012 strings) Translation: Grist/client Translate-URL: https://hosted.weblate.org/projects/grist/client/sl/ --- static/locales/sl.client.json | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/static/locales/sl.client.json b/static/locales/sl.client.json index e69bfb5fc8..bf76dc00d5 100644 --- a/static/locales/sl.client.json +++ b/static/locales/sl.client.json @@ -260,7 +260,8 @@ "Copy anchor link": "Kopiraj sidrno povezavo", "Duplicate rows_one": "Podvoji vrstico", "Duplicate rows_other": "Podvoji vrstice", - "Insert row above": "Vstavi vrstico zgoraj" + "Insert row above": "Vstavi vrstico zgoraj", + "View as card": "Kartični pogled" }, "Tools": { "Delete": "Izbriši", @@ -298,7 +299,13 @@ "Duplicate Table": "Podvojena tabela", "Table ID copied to clipboard": "ID tabele kopiran v odložišče", "You do not have edit access to this document": "Nimate dostopa za urejanje tega dokumenta", - "Raw Data Tables": "Neobdelana tabela" + "Raw Data Tables": "Neobdelana tabela", + "Edit Record Card": "Uredi evidenčno kartico", + "Rename Table": "Preimenuj Tabelo", + "{{action}} Record Card": "{{action}} Evidenčno Kartico", + "Record Card": "Evidenčna kartica", + "Remove Table": "Odstrani Tabelo", + "Record Card Disabled": "Evidenčna kartica onemogočena" }, "ViewLayoutMenu": { "Delete record": "Brisanje zapisa", @@ -1231,5 +1238,13 @@ }, "sendToDrive": { "Sending file to Google Drive": "Pošiljanje datoteke v Google Drive" + }, + "CardContextMenu": { + "Insert card above": "Vstavi kartico zgoraj", + "Duplicate card": "Podvoji kartico", + "Insert card below": "Vstavi kartico spodaj", + "Delete card": "Briši kartico", + "Copy anchor link": "Kopiraj sidrno povezavo", + "Insert card": "Vstavi kartico" } }