allow to edit profile to users logged in via OIDC

Fixes #942

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>

internal/httpd/oidc_test.go

@@ -484,7 +484,7 @@ func TestOIDCLoginLogout(t *testing.T) {
 	r.RequestURI = webClientProfilePath
 	r.Header.Set("Cookie", fmt.Sprintf("%v=%v", oidcCookieKey, tokenCookie))
 	server.router.ServeHTTP(rr, r)
-	assert.Equal(t, http.StatusForbidden, rr.Code)
+	assert.Equal(t, http.StatusOK, rr.Code)
 	// the user can access the allowed pages
 	rr = httptest.NewRecorder()
 	r, err = http.NewRequest(http.MethodGet, webClientFilesPath, nil)

internal/httpd/server.go

@@ -1454,10 +1454,9 @@ func (s *httpdServer) setupWebClientRoutes() {
 				Delete(webClientDirsPath, deleteUserDir)
 			router.With(s.checkSecondFactorRequirement, s.refreshCookie).
 				Get(webClientDownloadZipPath, s.handleWebClientDownloadZip)
-			router.With(s.checkSecondFactorRequirement, s.refreshCookie, s.requireBuiltinLogin).
+			router.With(s.checkSecondFactorRequirement, s.refreshCookie).Get(webClientProfilePath,
-				Get(webClientProfilePath, s.handleClientGetProfile)
+				s.handleClientGetProfile)
-			router.With(s.checkSecondFactorRequirement, s.requireBuiltinLogin).
+			router.With(s.checkSecondFactorRequirement).Post(webClientProfilePath, s.handleWebClientProfilePost)
-				Post(webClientProfilePath, s.handleWebClientProfilePost)
 			router.With(s.checkSecondFactorRequirement, s.checkHTTPUserPerm(sdk.WebClientPasswordChangeDisabled)).
 				Get(webChangeClientPwdPath, s.handleWebClientChangePwd)
 			router.With(s.checkSecondFactorRequirement, s.checkHTTPUserPerm(sdk.WebClientPasswordChangeDisabled)).

internal/httpd/webclient.go

@@ -110,7 +110,6 @@ type baseClientPage struct {
 	ProfileTitle string
 	Version      string
 	CSRFToken    string
-	HasExternalLogin bool
 	LoggedUser   *dataprovider.User
 	Branding     UIBranding
 }
@@ -367,7 +366,6 @@ func (s *httpdServer) getBaseClientPageData(title, currentURL string, r *http.Re
 		ProfileTitle: pageClientProfileTitle,
 		Version:      fmt.Sprintf("%v-%v", v.Version, v.CommitHash),
 		CSRFToken:    csrfToken,
-		HasExternalLogin: isLoggedInWithOIDC(r),
 		LoggedUser:   getUserFromToken(r),
 		Branding:     s.binding.Branding.WebClient,
 	}

templates/webclient/base.html

@@ -80,13 +80,11 @@ along with this program.  If not, see <https://www.gnu.org/licenses/>.
                     <span>{{.SharesTitle}}</span></a>
             </li>
             {{end}}
-            {{if not .HasExternalLogin}}
             <li class="nav-item {{if eq .CurrentURL .ProfileURL}}active{{end}}">
                 <a class="nav-link" href="{{.ProfileURL}}">
                     <i class="fas fa-user"></i>
                     <span>{{.ProfileTitle}}</span></a>
             </li>
-            {{end}}
             {{if .LoggedUser.CanManageMFA}}
             <li class="nav-item {{if eq .CurrentURL .MFAURL}}active{{end}}">
                 <a class="nav-link" href="{{.MFAURL}}">