-
Notifications
You must be signed in to change notification settings - Fork 4.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Finalize login page migration #36348
Finalize login page migration #36348
Conversation
jolelievre
commented
Jun 11, 2024
•
edited
Loading
edited
Questions | Answers |
---|---|
Branch? | develop |
Description? | Finalize login page migration |
Type? | new feature |
Category? | BO |
BC breaks? | yes |
Deprecations? | no |
How to test? | CI green UI tests green Functional test: the login page in BO, the reset password feature, any campaign/scenario related to login page |
UI Tests | https://github.com/jolelievre/ga.tests.ui.pr/actions/runs/9676037962 https://github.com/florine2623/testing_pr/actions/runs/9663231021 ✅ |
Fixed issue or discussion? | Fixes #36347 |
Related PRs | ~ |
Sponsor company | ~ |
@@ -886,41 +886,6 @@ | |||
<title>Perform actions before controller initialization</title> | |||
<description>This hook is launched before the initialization of all controllers</description> | |||
</hook> | |||
<hook id="actionAdminLoginControllerBefore"> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jolelievre do you plan to reintroduce those hooks? one way or another, I'm pretty sure they've been useful for some 2FA modules
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jolelievre unless there are certain events triggered on the SF side of things that could be a replacement
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No these hooks were triggered by the legacy controller, the legacy controller is no more and it wouldn't make sense to maintain them because we can't dispatch the same parameters (which was the legacy controller)
Usually we actually never maintain/remove the hooks removed along with legacy pages, but this time I thought it as worth the extra effort This way I also noted which hooks were actually removed and I'm adding them in the dev doc
My plan is to explain which hook were removed, which ones were maintained (two actually), and what alternative hooks can be used no even if they are different, I'll ping you on the PR for the doc
If we realize some hooks are missing we can also think of what new hooks could/should be introduced
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There is one hook that was kept strictly for legacy retro compatibility here:
PrestaShop/src/PrestaShopBundle/Twig/Component/Login/LoginHeadTag.php
Lines 38 to 43 in 29bf247
$this->hookDispatcher->dispatchWithParameters( | |
'actionAdminLoginControllerSetMedia', | |
[ | |
'controller' => $this->legacyControllerContext, | |
] | |
); |
It does provide a legacy controller, or actually a "fake" legacy controller we implemented as a bridge to still allow some legacy modifications like $legacyController->addJs
Maintaining this hook to allow adding assets was relevant, but all the other hooks would be overkill IMHO It gives the wrong impression that nothing changed and it forces us to maintain retro compatibility in too many places
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok for tests/UI
directory
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hello @jolelievre ,
Tested and compared to old login page.
QA OK ✅
- Standard employee email/password login
- Correct employee email/wrong password
- Non-existing email/any password
- Logout from BO
- Links to prestashop-project.org and social medias
- Make sure the work done by @M0rgan01 for backoffice cron calls work correctly with the migrated Login system (search cron regeneration)
- Responsive
- Correct email is sent for Forget my password feature
QA NOK ❌ or needs improvement
BUG 1
Changing the name of shop (Contact > Stores) doesn't change the title of the login page
![Screenshot 2024-06-13 at 14 06 54](https://private-user-images.githubusercontent.com/16019289/339351539-1b9a08af-ab24-4c8d-a5de-d51a306ae186.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MTk2MTk0MDcsIm5iZiI6MTcxOTYxOTEwNywicGF0aCI6Ii8xNjAxOTI4OS8zMzkzNTE1MzktMWI5YTA4YWYtYWIyNC00YzhkLWE1ZGUtZDUxYTMwNmFlMTg2LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA2MjglMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNjI4VDIzNTgyN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWQzYWFkNjk3ZmRlMDA2OWU2MzlmOWI4MmFiOGEwMjYyYmQ5ZTA0Yzg5M2RlYjEzY2I1ZmM4ZjgzNjg5MDA0MDgmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.kCAxcfrZvJzn3IDupbOM4p9VeX20aDmceCoqhTAXrbg)
BUG 2
Clickable link "back to FO" is too long. I can click anywhere on the header and it will go back to my FO.
BUG 3
Non-valid email is not detected. I should have a warning message and I should not be able to click on Log In until my email address has a valid format.
BUG 4
When a reset link is sent, the message is different between Old and New Login page.
Old Login Page :
New Login page :
BUG 5
Employees with different roles and permissions cannot access the BO. I created a translator, when I log in with correct email/password, I have an exception. I kept the Default page as Dashboard (not accessible by this employee).
BUG 6
When my login page has been open long enough and refreshed, I have a CSRF alert. Even after refreshing the page the alert is displayed, I have to manually close the alert.
BUG 7
Alert message in Log In page is still displayed after I go to Forget my password page. I should not have to manually close it if I move to another page.
Screen.Recording.2024-06-13.at.14.43.55.mov
BUG 8
maybe not bug but feature, but I couldn't find any info on that topic)
I can't receive multiple "Forget my password" emails. I have to wait 24 hours. This cannot be configured. In Old Login Page I could send as many as I wanted.
BUG 9
In Multistore context, I created a second-store, granted access to only 1 employee Translator. Tried to log in via my translator employee account ❌ tried to access m store via my default SuperAdmin employee ❌
BO and login page can't be accessed anymore.
Waiting for your feedback ^^
Thanks!
6753c0b
138a7c5
to
6753c0b
Compare
Thanks @florine2623 here are the bugs I fixed with the recent changes: Bug 1 The form title now uses the global configuration (previously it used the Shop->name which stores the shop name in another place) This is the only don't that wasn't fixed, but it matches the usual behaviour of Symfony |
35693aa
to
5304c0c
Compare
…omepage is accesible for the selected profile
5304c0c
to
bc58627
Compare
522671e
to
3b8034f
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hello @jolelievre ,
BUG 5 ✅
Works like a charm !
The employee has only access to the pages that are accessible by his role !
Screen.Recording.2024-06-26.at.12.08.16.mov
BUG 10 ✅
Fixed, same design in login and password page.
Thanks !
It is QA ✅ 💪
QA approved, well done! Message to the maintainers: do not forget to milestone it before the merge. |
we need one approval @Progi1984 @nesrineabdmouleh |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok for UI Tests (tests/UI/tools/urls.ts
).
Not in my scope for remaining files.
thanks @jolelievre 🎉 |