Better display name in apps for all user types

cs3org · Sep 26, 2022 · cffd30a · cffd30a
1 parent da6ddce
commit cffd30a
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 16 deletions.
diff --git a/changelog/unreleased/ext-users.md b/changelog/unreleased/ext-users.md
@@ -0,0 +1,7 @@
+Enhancement: better display name in apps for all user types
+
+This includes a `FirstName FamilyName (domain)` format for non-primary accounts,
+and a sanitization of the email address claim for such non-primary accounts.
+
+https://github.com/cs3org/reva/pull/2986
+https://github.com/cs3org/reva/pull/....
diff --git a/pkg/app/provider/wopi/wopi.go b/pkg/app/provider/wopi/wopi.go
@@ -144,32 +144,19 @@ func (p *wopiProvider) GetAppURL(ctx context.Context, resource *provider.Resourc
 	q.Add("fileid", resource.GetId().OpaqueId)
 	q.Add("endpoint", resource.GetId().StorageId)
 	q.Add("viewmode", viewMode.String())
+	q.Add("appname", p.conf.AppName)
 
 	u, ok := ctxpkg.ContextGetUser(ctx)
-	if ok { // else defaults to "Guest xyz"
-		var isPublicShare bool
-		if u.Opaque != nil {
-			if _, ok := u.Opaque.Map["public-share-role"]; ok {
-				isPublicShare = true
-			}
-		}
+	if ok { // else username defaults to "Guest xyz"
+		q.Add("username", u.DisplayName)
 
 		if u.Id.Type == userpb.UserType_USER_TYPE_LIGHTWEIGHT || u.Id.Type == userpb.UserType_USER_TYPE_FEDERATED {
 			q.Add("userid", resource.Owner.OpaqueId+"@"+resource.Owner.Idp)
-			if !isPublicShare {
-				// for visual display, federated/external accounts are shown with their email but act on behalf of the owner
-				q.Add("username", u.Mail)
-			}
 		} else {
 			q.Add("userid", u.Id.OpaqueId+"@"+u.Id.Idp)
-			if !isPublicShare {
-				q.Add("username", u.Username)
-			}
 		}
 	}
 
-	q.Add("appname", p.conf.AppName)
-
 	var viewAppURL string
 	if viewAppURLs, ok := p.appURLs["view"]; ok {
 		if viewAppURL, ok = viewAppURLs[ext]; ok {

diff --git a/pkg/auth/manager/oidc/oidc.go b/pkg/auth/manager/oidc/oidc.go
@@ -247,6 +247,10 @@ func (am *mgr) Authenticate(ctx context.Context, clientID, clientSecret string)
 		if err != nil {
 			return nil, nil, err
 		}
+		// strip the `guest:` prefix if present in the email claim (appears to come from LDAP at CERN?)
+		u.Mail = strings.Replace(u.Mail, "guest: ", "", 1)
+		// and decorate the display name with the email domain to make it different from a primary account
+		u.DisplayName = u.DisplayName + " (" + strings.Split(u.Mail, "@")[1] + ")"
 	} else {
 		scopes, err = scope.AddOwnerScope(nil)
 		if err != nil {