Add support for claim-wise uniqueness validation

wso2 · Nov 11, 2024 · 8a293ef · 8a293ef
1 parent 163f073
commit 8a293ef
Show file tree

Hide file tree

Showing 9 changed files with 99 additions and 3 deletions.
diff --git a/...le/java/org.wso2.identity.apps.console.server.feature/resources/deployment.config.json.j2 b/...le/java/org.wso2.identity.apps.console.server.feature/resources/deployment.config.json.j2
@@ -1909,5 +1909,8 @@
         "theme": {
             "name": "{{ console.theme }}"
         }
+        {% if identity_mgt.user_claim_update.uniqueness.enable is defined %}
+        "isClaimUniquenessValidationEnabled": "{{ identity_mgt.user_claim_update.uniqueness.enable }}",
+        {% endif %}
     }
 }
diff --git a/features/admin.claims.v1/components/edit/local-claim/edit-basic-details-local-claims.tsx b/features/admin.claims.v1/components/edit/local-claim/edit-basic-details-local-claims.tsx
@@ -18,6 +18,7 @@
 
 import { Show } from "@wso2is/access-control";
 import { AppConstants, AppState, FeatureConfigInterface, history } from "@wso2is/admin.core.v1";
+import useUIConfig from "@wso2is/admin.core.v1/hooks/use-ui-configs";
 import { attributeConfig } from "@wso2is/admin.extensions.v1";
 import { SCIMConfigs } from "@wso2is/admin.extensions.v1/configs/scim";
 import {
@@ -135,6 +136,8 @@ export const EditBasicDetailsLocalClaims: FunctionComponent<EditBasicDetailsLoca
 
     const { data: validationData } = useValidationConfigData();
 
+    const { UIConfig } = useUIConfig();
+
     /**
      * Get username configuration.
      */
@@ -418,14 +421,28 @@ export const EditBasicDetailsLocalClaims: FunctionComponent<EditBasicDetailsLoca
     };
 
     const onSubmit = (values: Record<string, unknown>) => {
+        const updatedProperties: { key: string; value: string }[] = [ ...(claim.properties || []) ];
+        const uniquenessScopeIndex: number = updatedProperties.findIndex((prop: { key: string; value: string }) =>
+            prop.key === "UniquenessScope"
+        );
+
+        if (uniquenessScopeIndex !== -1) {
+            updatedProperties[uniquenessScopeIndex].value = values.uniquenessScope?.toString() || "NONE";
+        } else {
+            updatedProperties.push({
+                key: "UniquenessScope",
+                value: values.uniquenessScope?.toString() || "NONE"
+            });
+        }
+
         const data: Claim = {
             attributeMapping: claim.attributeMapping,
             claimURI: claim.claimURI,
             description: values?.description !== undefined ? values.description?.toString() : claim?.description,
             displayName: values?.name !== undefined ? values.name?.toString() : claim?.displayName,
             displayOrder: attributeConfig.editAttributes.getDisplayOrder(
                 claim.displayOrder, values.displayOrder?.toString()),
-            properties: claim.properties,
+            properties: updatedProperties,
             readOnly: values?.readOnly !== undefined ? !!values.readOnly : claim?.readOnly,
             regEx:  values?.regularExpression !== undefined ? values.regularExpression?.toString() : claim?.regEx,
             required: values?.required !== undefined && !values?.readOnly ? !!values.required : false,
@@ -555,6 +572,39 @@ export const EditBasicDetailsLocalClaims: FunctionComponent<EditBasicDetailsLoca
                             />
                         )
                     }
+                    {
+                        claim && !READONLY_CLAIM_CONFIGS.includes(claim?.claimURI)
+                            && !hideSpecialClaims && mappingChecked
+                            && UIConfig?.isClaimUniquenessValidationEnabled && (
+                            <Field.Dropdown
+                                ariaLabel="uniqueness-scope-dropdown"
+                                name="uniquenessScope"
+                                label={ t("claims:local.forms.uniquenessScope.label") }
+                                data-testid={ `${ testId }-form-uniqueness-scope-dropdown` }
+                                disabled={ !hasMapping }
+                                hint={ t("claims:local.forms.uniquenessScopeHint") }
+                                options={ [
+                                    {
+                                        text: t("claims:local.forms.uniquenessScope.options.none"),
+                                        value: "NONE"
+                                    },
+                                    {
+                                        text: t("claims:local.forms.uniquenessScope.options.withinUserstore"),
+                                        value: "WITHIN_USERSTORE"
+                                    },
+                                    {
+                                        text: t("claims:local.forms.uniquenessScope.options.acrossUserstores"),
+                                        value: "ACROSS_USERSTORES"
+                                    }
+                                ] }
+                                value={
+                                    (claim?.properties?.find(
+                                        (prop: { key: string; value: string }) => prop.key === "UniquenessScope"
+                                    )?.value as string) || "NONE"
+                                }
+                            />
+                        )
+                    }
                     { !READONLY_CLAIM_CONFIGS.includes(claim?.claimURI) &&  mappingChecked
                         ? (
                             !hideSpecialClaims &&

diff --git a/features/admin.core.v1/configs/app.ts b/features/admin.core.v1/configs/app.ts
@@ -320,6 +320,8 @@ export class Config {
             hiddenUserStores: window[ "AppUtils" ]?.getConfig()?.ui?.hiddenUserStores,
             i18nConfigs: window[ "AppUtils" ]?.getConfig()?.ui?.i18nConfigs,
             identityProviderTemplates: window[ "AppUtils" ]?.getConfig()?.ui?.identityProviderTemplates,
+            isClaimUniquenessValidationEnabled:
+                window[ "AppUtils" ]?.getConfig()?.ui?.isClaimUniquenessValidationEnabled,
             isClientSecretHashEnabled: window[ "AppUtils" ]?.getConfig()?.ui?.isClientSecretHashEnabled,
             isCookieConsentBannerEnabled: window[ "AppUtils" ]?.getConfig()?.ui?.isCookieConsentBannerEnabled,
             isCustomClaimMappingEnabled: window[ "AppUtils" ]?.getConfig()?.ui?.isCustomClaimMappingEnabled,

diff --git a/features/admin.core.v1/models/config.ts b/features/admin.core.v1/models/config.ts
@@ -360,6 +360,10 @@ export interface UIConfigInterface extends CommonUIConfigInterface<FeatureConfig
      * Should dialects addition be allowed.
      */
     isDialectAddingEnabled?: boolean;
+    /**
+     * Flag to check if the claims uniqueness validation is enabled.
+     */
+    isClaimUniquenessValidationEnabled?: boolean;
     /**
      * Flag to check if the `OAuth.EnableClientSecretHash` is enabled in the `identity.xml`.
      */

diff --git a/features/admin.core.v1/store/reducers/config.ts b/features/admin.core.v1/store/reducers/config.ts
@@ -252,6 +252,7 @@ export const commonConfigReducerInitialState: CommonConfigReducerStateInterface<
                     enabled: false
                 }
             },
+            isClaimUniquenessValidationEnabled: undefined,
             isClientSecretHashEnabled: undefined,
             isCookieConsentBannerEnabled: undefined,
             isCustomClaimMappingEnabled: undefined,

diff --git a/modules/i18n/src/models/namespaces/claims-ns.ts b/modules/i18n/src/models/namespaces/claims-ns.ts
@@ -466,6 +466,15 @@ export interface ClaimsNS {
                     invalidName: string;
                 };
             };
+            uniquenessScope: {
+                label: string;
+                options: {
+                    none: string;
+                    withinUserstore: string;
+                    acrossUserstores: string;
+                };
+            };
+            uniquenessScopeHint: string;
             nameHint: string;
             description: {
                 label: string;

diff --git a/modules/i18n/src/models/namespaces/console-ns.ts b/modules/i18n/src/models/namespaces/console-ns.ts
@@ -4186,6 +4186,15 @@ export interface ConsoleNS {
                             disabledConfigInfo: string;
                             configApplicabilityInfo: string;
                         };
+                        uniquenessScope: {
+                            label: string;
+                            options: {
+                                none: string;
+                                withinUserstore: string;
+                                acrossUserstores: string;
+                            }
+                        };
+                        uniquenessScopeHint: string;
                     };
                     dangerZone: {
                         actionTitle: string;

diff --git a/modules/i18n/src/translations/en-US/portals/claims.ts b/modules/i18n/src/translations/en-US/portals/claims.ts
@@ -494,7 +494,16 @@ export const claims: ClaimsNS = {
                 "you need to disable account verification for your organization.",
             supportedByDefault: {
                 label: "Display this attribute on the user's profile"
-            }
+            },
+            uniquenessScope: {
+                label: "Uniqueness Validation",
+                options: {
+                    none: "None",
+                    withinUserstore: "Within User Store",
+                    acrossUserstores: "Across User Stores"
+                }
+            },
+            uniquenessScopeHint: "Select the scope to validate the uniqueness of the attribute value."
         },
         mappedAttributes: {
             hint: "Enter the attribute from each user store that you want to map to this attribute."

diff --git a/modules/i18n/src/translations/en-US/portals/console.ts b/modules/i18n/src/translations/en-US/portals/console.ts
@@ -3501,7 +3501,16 @@ export const console: ConsoleNS = {
                             "you need to disable account verification for your organization.",
                         supportedByDefault: {
                             label: "Display this attribute on the user's profile"
-                        }
+                        },
+                        uniquenessScope: {
+                            label: "Uniqueness Validation",
+                            options: {
+                                none: "None",
+                                withinUserstore: "Within User Store",
+                                acrossUserstores: "Across User Stores"
+                            }
+                        },
+                        uniquenessScopeHint: "Select the scope to validate the uniqueness of the attribute value."
                     },
                     mappedAttributes: {
                         hint: "Enter the attribute from each user store that you want to map to this attribute."