Merge pull request #21677 from overleaf/msm-register-hide-sso-login

[web] Hide 'Login with SSO' when accepting SSO group invite GitOrigin-RevId: fd4c327bbb838209773b4e7b1c41f6e3a355ad8b
2026-05-23 17:19:37 +02:00 · 2025-01-10 09:58:04 +01:00
parent fe623d2297
commit 84413c991d
3 changed files with 23 additions and 7 deletions
--- a/services/web/app/src/Features/Subscription/TeamInvitesController.mjs
+++ b/services/web/app/src/Features/Subscription/TeamInvitesController.mjs
@@ -80,6 +80,10 @@ async function viewInvite(req, res, next) {
    return ErrorController.notFound(req, res)
  }

+  const groupSSOActive = (
+    await Modules.promises.hooks.fire('hasGroupSSOEnabled', subscription)
+  )?.[0]
+
  let validationStatus = new Map()
  if (userId) {
    const personalSubscription =
@@ -92,10 +96,6 @@ async function viewInvite(req, res, next) {
      personalSubscription.recurlySubscription_id &&
      personalSubscription.recurlySubscription_id !== ''

-    const groupSSOActive = (
-      await Modules.promises.hooks.fire('hasGroupSSOEnabled', subscription)
-    )?.[0]
-
    if (subscription?.groupPolicy) {
      if (!subscription.populated('groupPolicy')) {
        // eslint-disable-next-line no-restricted-syntax
@@ -178,6 +178,7 @@ async function viewInvite(req, res, next) {
      accountExists: userByEmail != null,
      emailAddress: invite.email,
      user: { id: null },
+      groupSSOActive,
    })
  }
 }
--- a/services/web/app/views/subscriptions/team/invite_logged_out.pug
+++ b/services/web/app/views/subscriptions/team/invite_logged_out.pug
@@ -25,10 +25,10 @@ block content
 									p #{translate("invited_to_group_login_benefits", {appName: appName})}
 									p #{translate("invited_to_group_login", {emailAddress: emailAddress})}
 									p
-										a.btn.btn-primary(href=`/login?redir=/subscription/invites/${inviteToken}`) #{translate("login_to_accept_invitation")}
+										a.btn.btn-primary(href=`/login?redir=/subscription/invites/${inviteToken}${groupSSOActive ? "&hide_sso_login=true" : ""}`) #{translate("login_to_accept_invitation")}
 							else
 								div
 									p #{translate("invited_to_group_register_benefits", {appName: appName})}
 									p #{translate("invited_to_group_register", {inviterName: inviterName})}
 									p
-										a.btn.btn-primary(href=`/register?redir=/subscription/invites/${inviteToken}`) #{translate("register_to_accept_invitation")}
+										a.btn.btn-primary(href=`/register?redir=/subscription/invites/${inviteToken}${groupSSOActive ? "&hide_sso_login=true" : ""}`) #{translate("register_to_accept_invitation")}
--- a/services/web/test/unit/src/Subscription/TeamInvitesControllerTests.mjs
+++ b/services/web/test/unit/src/Subscription/TeamInvitesControllerTests.mjs
@@ -187,8 +187,23 @@ describe('TeamInvitesController', function () {
    describe('when user is logged out', function () {
      it('renders logged out invite page', function (done) {
        const res = {
-          render: template => {
+          render: (template, data) => {
            expect(template).to.equal('subscriptions/team/invite_logged_out')
+            expect(data.groupSSOActive).to.be.undefined
+            done()
+          },
+        }
+        this.Controller.viewInvite(
+          { params: { token: 'token123' }, session: {} },
+          res
+        )
+      })
+
+      it('includes groupSSOActive flag when the group has SSO enabled', function (done) {
+        this.Modules.promises.hooks.fire = sinon.stub().resolves([true])
+        const res = {
+          render: (template, data) => {
+            expect(data.groupSSOActive).to.be.true
            done()
          },
        }