diff --git a/config/application.rb b/config/application.rb index e41dc316bb..2e7eccae48 100644 --- a/config/application.rb +++ b/config/application.rb @@ -73,6 +73,29 @@ end require File.dirname(__FILE__) + '/../lib/open_project/configuration' +env = ENV['RAILS_ENV'] || 'production' +db_config = ActiveRecord::Base.configurations[env] || {} +db_adapter = db_config['adapter'] +if db_adapter&.start_with? 'mysql' + warn <<~ERROR + ======= INCOMPATIBLE DATABASE DETECTED ======= + Your database is set up for use with a MySQL or MySQL-compatible variant. + This installation of OpenProject 10.0. no longer supports these variants. + + The following guides provide extensive documentation for migrating + your installation to a PostgreSQL database: + + https://www.openproject.org/migration-guides/ + + This process is mostly automated so you can continue using your + OpenProject installation within a few minutes! + + ============================================== + ERROR + + Kernel.exit 1 +end + module OpenProject class Application < Rails::Application # Settings in config/environments/* take precedence over those specified here. diff --git a/config/initializers/01-mysql-error.rb b/config/initializers/01-mysql-error.rb deleted file mode 100644 index 5989461439..0000000000 --- a/config/initializers/01-mysql-error.rb +++ /dev/null @@ -1,20 +0,0 @@ -db_adapter = ActiveRecord::Base.configurations[Rails.env]['adapter'] -if db_adapter.start_with? 'mysql' - warn <<~ERROR - ======= INCOMPATIBLE DATABASE DETECTED ======= - Your database is set up for use with a MySQL or MySQL-compatible variant. - This installation of OpenProject 10.0. no longer supports these variants. - - The following guides provide extensive documentation for migrating - your installation to a PostgreSQL database: - - https://www.openproject.org/migration-guides/ - - This process is mostly automated so you can continue using your - OpenProject installation within a few minutes! - - ============================================== - ERROR - - Kernel.exit 1 -end diff --git a/frontend/src/app/modules/grids/widgets/header/header.component.html b/frontend/src/app/modules/grids/widgets/header/header.component.html index b0cee2c169..3d14e7c409 100644 --- a/frontend/src/app/modules/grids/widgets/header/header.component.html +++ b/frontend/src/app/modules/grids/widgets/header/header.component.html @@ -1,6 +1,6 @@

- diff --git a/frontend/src/app/modules/grids/widgets/header/header.component.sass b/frontend/src/app/modules/grids/widgets/header/header.component.sass index 047041a3de..256bbfe126 100644 --- a/frontend/src/app/modules/grids/widgets/header/header.component.sass +++ b/frontend/src/app/modules/grids/widgets/header/header.component.sass @@ -1,7 +1,14 @@ -.widget-box--header.-editable - .icon-context - padding-top: 5px +.widget-box--header + margin-top: 5px + &.-editable + margin-top: 0 + + .widget-box--header-icon + padding-top: 5px + +.widget-box--header-icon + align-self: center .widget-box--header-title padding-right: 5px diff --git a/modules/auth_plugins/lib/open_project/plugins/auth_plugin.rb b/modules/auth_plugins/lib/open_project/plugins/auth_plugin.rb index f2e53e4ffb..514bbe4695 100644 --- a/modules/auth_plugins/lib/open_project/plugins/auth_plugin.rb +++ b/modules/auth_plugins/lib/open_project/plugins/auth_plugin.rb @@ -47,11 +47,22 @@ module OpenProject::Plugins end def self.providers_for(strategy) - strategies[strategy_key(strategy)].map(&:call).flatten.map(&:to_hash) + filtered_strategies strategies[strategy_key(strategy)].map(&:call).flatten.map(&:to_hash) end def self.providers - strategies.values.flatten.map(&:call).flatten.map(&:to_hash) + filtered_strategies strategies.values.flatten.map(&:call).flatten.map(&:to_hash) + end + + def self.filtered_strategies(options) + options.select do |provider| + name = provider[:name]&.to_s + next true if !EnterpriseToken.show_banners? || name == 'developer' + + warn_unavailable(name) + + false + end end def self.strategy_key(strategy) @@ -66,11 +77,19 @@ module OpenProject::Plugins [camelization, name].compact.first.underscore.to_sym end + + def self.warn_unavailable(name) + RequestStore.fetch("warn_unavailable_auth_#{name}") do + Rails.logger.warn { "OmniAuth SSO strategy #{name} is only available for Enterprise Editions." } + true + end + end end class ProviderBuilder def strategy(strategy, &providers) key = AuthPlugin.strategy_key(strategy) + if AuthPlugin.strategies.include? key AuthPlugin.strategies[key] << providers else diff --git a/modules/auth_saml/lib/open_project/auth_saml/engine.rb b/modules/auth_saml/lib/open_project/auth_saml/engine.rb index c352925d8f..4c8d2396cb 100644 --- a/modules/auth_saml/lib/open_project/auth_saml/engine.rb +++ b/modules/auth_saml/lib/open_project/auth_saml/engine.rb @@ -33,6 +33,7 @@ module OpenProject register_auth_providers do settings = Rails.root.join('config', 'plugins', 'auth_saml', 'settings.yml') if settings.exist? + Rails.logger.info("[auth_saml] Registering saml integration from 'config/plugins/auth_saml/settings.yml'") providers = YAML::load(File.open(settings)).symbolize_keys strategy :saml do providers.values.map do |h| @@ -45,8 +46,6 @@ module OpenProject h.symbolize_keys end end - else - Rails.logger.warn("[auth_saml] Missing settings from '#{settings}', skipping omniauth registration.") end end end diff --git a/modules/openid_connect/app/controllers/openid_connect/providers_controller.rb b/modules/openid_connect/app/controllers/openid_connect/providers_controller.rb index 0fde558d8c..fbd93b0844 100644 --- a/modules/openid_connect/app/controllers/openid_connect/providers_controller.rb +++ b/modules/openid_connect/app/controllers/openid_connect/providers_controller.rb @@ -4,6 +4,7 @@ module OpenIDConnect menu_item :plugin_openid_connect before_action :require_admin + before_action :check_ee before_action :find_provider, only: [:edit, :update, :destroy] def index; end @@ -53,6 +54,13 @@ module OpenIDConnect private + def check_ee + if EnterpriseToken.show_banners? + render template: '/openid_connect/providers/upsale' + return false + end + end + def create_params params.require(:openid_connect_provider).permit(:name, :display_name, :identifier, :secret) end diff --git a/modules/openid_connect/app/views/openid_connect/providers/upsale.html.erb b/modules/openid_connect/app/views/openid_connect/providers/upsale.html.erb new file mode 100644 index 0000000000..f946f8e78a --- /dev/null +++ b/modules/openid_connect/app/views/openid_connect/providers/upsale.html.erb @@ -0,0 +1,31 @@ +<% html_title(t(:label_administration), t('openid_connect.providers.plural')) -%> + + +<%= breadcrumb_toolbar(t('openid_connect.providers.plural')) %> +
+
+

<%= t('admin.enterprise.upgrade_to_ee') %>

+ <%= image_tag "enterprise_edition.png", class: "widget-box--teaser-image" %> + +

<%= t('homescreen.blocks.upsale.description') %>

+ +
    +
  • + <%= t('homescreen.blocks.upsale.additional_features') %> +
    • +
  • + <%= t('homescreen.blocks.upsale.professional_support') %> +
    • +
+

+ <%= t('homescreen.blocks.upsale.become_hero') %> <%= t('homescreen.blocks.upsale.you_contribute') %> +

+ <%= link_to( "#{OpenProject::Static::Links.links[:upsale][:href]}/?utm_source=unknown&utm_medium=community-edition&utm_campaign=enterprise-openid-connect", + { class: 'button -alt-highlight', + aria: {label: t('admin.enterprise.order')}, + title: t('admin.enterprise.order')}) do %> + <%= op_icon('button--icon icon-add') %> + <%= t('admin.enterprise.order') %> + <% end %> +
+
diff --git a/modules/openid_connect/spec/controllers/providers_controller_spec.rb b/modules/openid_connect/spec/controllers/providers_controller_spec.rb index f67cd427c0..1db9b2a193 100644 --- a/modules/openid_connect/spec/controllers/providers_controller_spec.rb +++ b/modules/openid_connect/spec/controllers/providers_controller_spec.rb @@ -16,6 +16,7 @@ require 'spec_helper' describe ::OpenIDConnect::ProvidersController, type: :controller do let(:user) { FactoryBot.build_stubbed :admin } + let(:ee) { true } let(:valid_params) do { @@ -27,6 +28,17 @@ describe ::OpenIDConnect::ProvidersController, type: :controller do before do login_as user + allow(EnterpriseToken).to receive(:show_banners?).and_return(!ee) + end + + context 'when not ee' do + let(:ee) { false } + + it 'renders upsale' do + get :index + expect(response.status).to eq 200 + expect(response).to render_template 'openid_connect/providers/upsale' + end end context 'when not admin' do diff --git a/modules/openid_connect/spec/requests/openid_connect_spec.rb b/modules/openid_connect/spec/requests/openid_connect_spec.rb index 5664049024..cade98aa1b 100644 --- a/modules/openid_connect/spec/requests/openid_connect_spec.rb +++ b/modules/openid_connect/spec/requests/openid_connect_spec.rb @@ -46,6 +46,8 @@ describe 'OpenID Connect', type: :rails_request do end before do + allow(EnterpriseToken).to receive(:show_banners?).and_return(false) + # The redirect will include an authorisation code. # Since we don't actually get a valid code in the test we will stub the resulting AccessToken. allow_any_instance_of(OpenIDConnect::Client).to receive(:access_token!) do @@ -137,7 +139,7 @@ describe 'OpenID Connect', type: :rails_request do end context 'provider configuration through the settings' do - it 'should make providers that have been configured through settings available without requiring a restart' do + before do allow(Setting).to receive(:plugin_openproject_openid_connect).and_return( 'providers' => { 'google' => { @@ -150,7 +152,16 @@ describe 'OpenID Connect', type: :rails_request do } } ) + end + it 'will show no option unless EE' do + allow(EnterpriseToken).to receive(:show_banners?).and_return(true) + get '/login' + expect(response.body).not_to match /Google/i + expect(response.body).not_to match /Azure/i + end + + it 'should make providers that have been configured through settings available without requiring a restart' do get '/login' expect(response.body).to match /Google/i expect(response.body).to match /Azure/i