fix(auth): conditionally show unlinked member warning based on SSO requirement#115461
Open
sentry-junior[bot] wants to merge 1 commit into
Open
fix(auth): conditionally show unlinked member warning based on SSO requirement#115461sentry-junior[bot] wants to merge 1 commit into
sentry-junior[bot] wants to merge 1 commit into
Conversation
…quirement When an SSO provider is configured but 'Require SSO' is not enabled, the unlinked members warning incorrectly states that unlinked members 'will be unable to access the organization.' In reality, they can still log in with email and password — they just can't use the SSO provider. Pass the require_link flag to the template context and show an accurate message depending on whether SSO is actually required: - Required: keep the existing 'unable to access' warning - Not required: explain they can still use email/password but can't use the SSO provider until linked
github-actions
Bot
added
the
Scope: Backend
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
When an SSO provider is configured but Require SSO is not enabled, the Auth Settings page shows this warning for unlinked members:
This is misleading — when SSO is not required, unlinked members can still access the organization via email/password login at the generic auth page. They just can't use the SSO provider login flow.
Solution
require_linkflag (derived fromauth_provider.flags.allow_unlinked) to the template contextChanges
src/sentry/web/frontend/organization_auth_settings.py: addedrequire_linkto template contextsrc/sentry/templates/sentry/organization-auth-provider-settings.html: conditional warning message based onrequire_linkCloses https://github.com/getsentry/sentry/issues/XXXXX
PR created on behalf of @NickMeisenheimer