+
Skip to content

Do not show update email link if the email attribute is not writable #40721

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 28, 2025
Merged

Do not show update email link if the email attribute is not writable #40721

merged 1 commit into from
Jun 28, 2025

Conversation

pedroigor
Copy link
Contributor

@pedroigor pedroigor commented Jun 25, 2025
edited
Loading

Closes #39669

  • Certain attributes, like the email, might only be updated through an AIA. In this case, the UP configuration will allow setting a "annotation decorator" to dynamically resolve annotations based on contextual data so that UIs can check whether or not a link to initiate the action should be rendered.
  • The reason why this issue is resolved using an annotation is because the attribute is indeed readonly when at the ACCOUNT context, and we can not rely on the org.keycloak.representations.idm.UserProfileAttributeMetadata#readOnly field to decide to show or hide the link. In addition to that, annotations serve as a hint to UIs about how to render attributes.

@pedroigor pedroigor requested review from a team as code owners June 25, 2025 16:12
keycloak-github-bot[bot]
keycloak-github-bot bot reviewed Jun 25, 2025
View reviewed changes
Copy link

@keycloak-github-bot keycloak-github-bot bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unreported flaky test detected, please review

@keycloak-github-bot
Copy link

Unreported flaky test detected

If the flaky tests below are affected by the changes, please review and update the changes accordingly. Otherwise, a maintainer should report the flaky tests prior to merging the PR.

org.keycloak.testsuite.forms.AuthenticatorSubflowsTest2#testSubflow2

Keycloak CI - Forms IT (chrome)

java.lang.AssertionError: Expected AppPage but was PushTheButton (https://localhost:8543/auth/realms/test/login-actions/authenticate?execution=282b465a-8787-42e8-b2ad-712e2db3e3ae&client_id=test-app&tab_id=vcxEwc8paK4&client_data=eyJydSI6Imh0dHBzOi8vbG9jYWxob3N0Ojg1NDMvYXV0aC9yZWFsbXMvbWFzdGVyL2FwcC9hdXRoIiwicnQiOiJjb2RlIn0)
	at org.junit.Assert.fail(Assert.java:89)
	at org.junit.Assert.assertTrue(Assert.java:42)
	at org.keycloak.testsuite.pages.AbstractPage.assertCurrent(AbstractPage.java:38)
	at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
...

Report flaky test

@pedroigor
Do not show update email link if the email attribute is not writable
fd63f47 
Closes keycloak#39669

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
martin-kanis
martin-kanis approved these changes Jun 27, 2025
View reviewed changes
Copy link
Contributor

@martin-kanis martin-kanis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

ahus1
ahus1 approved these changes Jun 28, 2025
View reviewed changes
Copy link
Contributor

@ahus1 ahus1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approving based on previous reviews

@ahus1 ahus1 merged commit 304bcdc into keycloak:main Jun 28, 2025
76 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@keycloak-github-bot keycloak-github-bot[bot] keycloak-github-bot[bot] left review comments

@martin-kanis martin-kanis martin-kanis approved these changes

@ahus1 ahus1 ahus1 approved these changes

Assignees
No one assigned
Labels
flaky-test team/cloud-native team/core-clients team/core-iam team/ui
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Hide update email link in account console when email is read-only in user profile
3 participants
@pedroigor @martin-kanis @ahus1
点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载