Fix federated scope not shown when public addressbook upload is disabled #26725
Conversation
danxuliu
added
bug
3. to review
danxuliu
requested review from
rullzer,
nickvergessen,
MorrisJobke,
PVince81 and
juliusknorr
|
/backport to stable21 |
Not renamed, but we actually need 2 capabilities? |
I have checked and if the federation app is disabled in server B it is no longer possible to synchronize its users from server A. So I guess that it would make sense to hide the Federated scope if the federation app is disabled. However, if I am not mistaken in the WebUI the Federated scope was never hidden before, so I do not know if there is a special reason for that or if it was just an oversight 🤷 |
Before @PVince81 recent work all scope settings were always hidden when the settings was off. Now it only hides the federation+published one as the others still make sense |
|
So what's to do with this? |
danxuliu
force-pushed
the
fix-federated-scope-not-shown-when-public-addressbook-upload-is-disabled
branch
2 times, most recently
from
df9c510
to
7bb2507
Compare
|
Besides the initial fix the Federated option is now hidden when the Federation app is disabled, and the capability was split in two different capabilities. |
|
@danxuliu rebase? close? |
skjnldsv
added
2. developing
Signed-off-by: Daniel Calviño Sánchez <[email protected]>
When the lookup server is disabled the address books can still be exchanged between trusted servers. Therefore the user should be able to set the "Federated" scope in that case. Signed-off-by: Daniel Calviño Sánchez <[email protected]>
danxuliu
force-pushed
the
fix-federated-scope-not-shown-when-public-addressbook-upload-is-disabled
branch
from
7bb2507
to
b006c9c
Compare
If the Federation app is disabled it is not possible to synchronize the users from a different server. Signed-off-by: Daniel Calviño Sánchez <[email protected]>
The "federated" and "published" scopes are independent one from each other, so the capability that encompassed both needs to be split. Signed-off-by: Daniel Calviño Sánchez <[email protected]>
danxuliu
force-pushed
the
fix-federated-scope-not-shown-when-public-addressbook-upload-is-disabled
branch
from
b006c9c
to
193cf6c
Compare
danxuliu
added
3. to review
|
Rebased and ready to review again. |
skjnldsv
requested review from
Pytal and
kesselb
and removed request for
rullzer
skjnldsv
deleted the
fix-federated-scope-not-shown-when-public-addressbook-upload-is-disabled
branch
|
/backport to stable22 |
|
I guess we backport to 22 before to 21 |
Follow up to #26243
Besides a small change in a test, when the public address book is disabled now it is possible to select the Federated scope for the profile attributes, as the address books can still be exchanged between trusted servers. Besides that the Federated option is now hidden when the Federation app is disabled
Please note that this might need to be adjusted in the mobile apps as well.
Should the property in the capabilities be renamed too?The capabilityAccountPropertyScopesFederationEnabledwas split inAccountPropertyScopesFederatedEnabledandAccountPropertyScopesPublishedEnabled.How to test (scenario 1)
Result with this pull request
The Federated option is still available, although the Published option is not
Result without this pull request
Neither the Federated nor the Published options are available
How to test (scenario 2)
Result with this pull request
The Federated option is no longer available
Result without this pull request
The Federated option is still available
Additional context
It can be checked that even if uploads to the lookup server are disabled the address book is still exchanged between trusted servers in the following way:
Now both servers need to trust each other. This is done using background jobs, so either force somehow the jobs to run or wait patiently until they run :-) (or, if you are using the AJAX method, entertain yourself reloading pages on each server around 30 times, although you need to do it alternatively as the jobs need to run in both servers :party:). There are probably much better ways to do it, but in order to know when the servers have trusted each other you can print a log message in TrustedServers::addSharedSecret
Once the servers trust each other, synchronize their address books running
occ federation:sync-addressbooksin both servers. If the sharing settings are then opened again the other server should be shown as trusted and synchronized.Now, if you open the Contacts menu in any of the servers you will see the users from the other server.