fix: login buttons remain visible until refresh after disabling authe…

…ntication service (#31371)
RocketChat · Jan 9, 2024 · 9a6e9b4 · 9a6e9b4
1 parent 319f05e
commit 9a6e9b4
Show file tree

Hide file tree

Showing 10 changed files with 120 additions and 7 deletions.
diff --git a/.changeset/little-planes-wonder.md b/.changeset/little-planes-wonder.md
@@ -0,0 +1,7 @@
+---
+'@rocket.chat/core-services': patch
+'@rocket.chat/ddp-streamer': patch
+'@rocket.chat/meteor': patch
+---
+
+Fixed an issue that caused login buttons to not be reactively removed from the login page when the related authentication service was disabled by an admin.
diff --git a/apps/meteor/packages/rocketchat-mongo-config/server/index.js b/apps/meteor/packages/rocketchat-mongo-config/server/index.js
@@ -4,8 +4,8 @@ import { PassThrough } from 'stream';
 import { Email } from 'meteor/email';
 import { Mongo } from 'meteor/mongo';
 
-const shouldDisableOplog = ['yes', 'true'].includes(String(process.env.USE_NATIVE_OPLOG).toLowerCase());
-if (!shouldDisableOplog) {
+const shouldUseNativeOplog = ['yes', 'true'].includes(String(process.env.USE_NATIVE_OPLOG).toLowerCase());
+if (!shouldUseNativeOplog) {
 	Package['disable-oplog'] = {};
 }
 

diff --git a/apps/meteor/server/modules/watchers/watchers.module.ts b/apps/meteor/server/modules/watchers/watchers.module.ts
@@ -339,7 +339,13 @@ export function initWatchers(watcher: DatabaseWatcher, broadcast: BroadcastCallb
 	});
 
 	watcher.on<ILoginServiceConfiguration>(LoginServiceConfiguration.getCollectionName(), async ({ clientAction, id }) => {
+		if (clientAction === 'removed') {
+			void broadcast('watch.loginServiceConfiguration', { clientAction, id });
+			return;
+		}
+
 		const data = await LoginServiceConfiguration.findOne<Omit<ILoginServiceConfiguration, 'secret'>>(id, { projection: { secret: 0 } });
+
 		if (!data) {
 			return;
 		}

diff --git a/apps/meteor/server/services/meteor/service.ts b/apps/meteor/server/services/meteor/service.ts
@@ -152,9 +152,11 @@ export class MeteorService extends ServiceClassInternal implements IMeteor {
 					return;
 				}
 
-				serviceConfigCallbacks.forEach((callbacks) => {
-					callbacks[clientAction === 'inserted' ? 'added' : 'changed']?.(id, data);
-				});
+				if (data) {
+					serviceConfigCallbacks.forEach((callbacks) => {
+						callbacks[clientAction === 'inserted' ? 'added' : 'changed']?.(id, data);
+					});
+				}
 			});
 		}
 

diff --git a/apps/meteor/tests/e2e/fixtures/inject-initial-data.ts b/apps/meteor/tests/e2e/fixtures/inject-initial-data.ts
@@ -57,6 +57,10 @@ export default async function injectInitialData() {
 				_id: 'API_Enable_Rate_Limiter_Dev',
 				value: false,
 			},
+			{
+				_id: 'Accounts_OAuth_Google',
+				value: false,
+			},
 		].map((setting) =>
 			connection
 				.db()

diff --git a/apps/meteor/tests/e2e/oauth.spec.ts b/apps/meteor/tests/e2e/oauth.spec.ts
@@ -0,0 +1,26 @@
+import { Registration } from './page-objects';
+import { setSettingValueById } from './utils/setSettingValueById';
+import { test, expect } from './utils/test';
+
+test.describe('OAuth', () => {
+	let poRegistration: Registration;
+
+	test.beforeEach(async ({ page }) => {
+		poRegistration = new Registration(page);
+
+		await page.goto('/home');
+	});
+
+	test('Login Page', async ({ api }) => {
+		await test.step('expect OAuth button to be visible', async () => {
+			await expect((await setSettingValueById(api, 'Accounts_OAuth_Google', true)).status()).toBe(200);
+			await expect(poRegistration.btnLoginWithGoogle).toBeVisible({ timeout: 10000 });
+		});
+
+		await test.step('expect OAuth button to not be visible', async () => {
+			await expect((await setSettingValueById(api, 'Accounts_OAuth_Google', false)).status()).toBe(200);
+
+			await expect(poRegistration.btnLoginWithGoogle).not.toBeVisible({ timeout: 10000 });
+		});
+	});
+});
diff --git a/apps/meteor/tests/e2e/page-objects/auth.ts b/apps/meteor/tests/e2e/page-objects/auth.ts
@@ -20,6 +20,10 @@ export class Registration {
 		return this.page.locator('role=button[name="Login"]');
 	}
 
+	get btnLoginWithGoogle(): Locator {
+		return this.page.locator('role=button[name="Sign in with Google"]');
+	}
+
 	get goToRegister(): Locator {
 		return this.page.locator('role=link[name="Create an account"]');
 	}

diff --git a/apps/meteor/tests/end-to-end/api/08-settings.js b/apps/meteor/tests/end-to-end/api/08-settings.js
@@ -2,6 +2,7 @@ import { expect } from 'chai';
 import { before, describe, it } from 'mocha';
 
 import { getCredentials, api, request, credentials } from '../../data/api-data.js';
+import { updateSetting } from '../../data/permissions.helper';
 
 describe('[Settings]', function () {
 	this.retries(0);
@@ -84,6 +85,54 @@ describe('[Settings]', function () {
 				})
 				.end(done);
 		});
+
+		describe('With OAuth enabled', () => {
+			before((done) => {
+				updateSetting('Accounts_OAuth_Google', true).then(done);
+			});
+
+			it('should include the OAuth service in the response', (done) => {
+				// wait 3 seconds before getting the service list so the server has had time to update it
+				setTimeout(() => {
+					request
+						.get(api('service.configurations'))
+						.set(credentials)
+						.expect('Content-Type', 'application/json')
+						.expect(200)
+						.expect((res) => {
+							expect(res.body).to.have.property('success', true);
+							expect(res.body).to.have.property('configurations');
+
+							expect(res.body.configurations.find(({ service }) => service === 'google')).to.exist;
+						})
+						.end(done);
+				}, 3000);
+			});
+		});
+
+		describe('With OAuth disabled', () => {
+			before((done) => {
+				updateSetting('Accounts_OAuth_Google', false).then(done);
+			});
+
+			it('should not include the OAuth service in the response', (done) => {
+				// wait 3 seconds before getting the service list so the server has had time to update it
+				setTimeout(() => {
+					request
+						.get(api('service.configurations'))
+						.set(credentials)
+						.expect('Content-Type', 'application/json')
+						.expect(200)
+						.expect((res) => {
+							expect(res.body).to.have.property('success', true);
+							expect(res.body).to.have.property('configurations');
+
+							expect(res.body.configurations.find(({ service }) => service === 'google')).to.not.exist;
+						})
+						.end(done);
+				}, 3000);
+			});
+		});
 	});
 
 	describe('/settings.oauth', () => {

diff --git a/ee/apps/ddp-streamer/src/DDPStreamer.ts b/ee/apps/ddp-streamer/src/DDPStreamer.ts
@@ -44,7 +44,9 @@ export class DDPStreamer extends ServiceClass {
 				return;
 			}
 
-			events.emit('meteor.loginServiceConfiguration', clientAction === 'inserted' ? 'added' : 'changed', data);
+			if (data) {
+				events.emit('meteor.loginServiceConfiguration', clientAction === 'inserted' ? 'added' : 'changed', data);
+			}
 		});
 
 		this.onEvent('meteor.clientVersionUpdated', (versions): void => {

diff --git a/packages/core-services/src/events/Events.ts b/packages/core-services/src/events/Events.ts
@@ -40,6 +40,19 @@ import type { AutoUpdateRecord } from '../types/IMeteor';
 
 type ClientAction = 'inserted' | 'updated' | 'removed' | 'changed';
 
+type LoginServiceConfigurationEvent = {
+	id: string;
+} & (
+	| {
+			clientAction: 'removed';
+			data?: never;
+	  }
+	| {
+			clientAction: Omit<ClientAction, 'removed'>;
+			data: Partial<ILoginServiceConfiguration>;
+	  }
+);
+
 export type EventSignatures = {
 	'room.video-conference': (params: { rid: string; callId: string }) => void;
 	'shutdown': (params: Record<string, string[]>) => void;
@@ -235,7 +248,7 @@ export type EventSignatures = {
 			  }
 		),
 	): void;
-	'watch.loginServiceConfiguration'(data: { clientAction: ClientAction; data: Partial<ILoginServiceConfiguration>; id: string }): void;
+	'watch.loginServiceConfiguration'(data: LoginServiceConfigurationEvent): void;
 	'watch.instanceStatus'(data: {
 		clientAction: ClientAction;
 		data?: undefined | Partial<IInstanceStatus>;