Skip to content

feat: add custom error message on signups disabled page #11959

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 17 commits into from
Feb 1, 2024
Merged

feat: add custom error message on signups disabled page #11959

merged 17 commits into from
Feb 1, 2024

Conversation

mtojek
Copy link
Member

@mtojek mtojek commented Jan 31, 2024
edited
Loading

Fixes: #11679

Once Coder administrators sets this custom error message:

export CODER_OIDC_SIGNUPS_DISABLED_TEXT='**Coder** is in early access mode. To request access, fill out this [form](https://internal.form.com).'

It will be rendered as follows:
Screenshot 2024-02-01 at 13 00 45

@mtojek mtojek self-assigned this Jan 31, 2024
@mtojek mtojek changed the title feat: custom error message on signups disabled page feat: add custom error message on signups disabled page Jan 31, 2024
@mtojek mtojek requested review from matifali and bpmct January 31, 2024 15:26
@mtojek mtojek marked this pull request as ready for review January 31, 2024 15:26
@matifali
Copy link
Member

Thanks @mtojek. I think having a minimal markdown that can render links or make them clickable should be done.

@mtojek
Copy link
Member Author

mtojek commented Feb 1, 2024

Alright, I'm going to expand it!

@mtojek
Copy link
Member Author

mtojek commented Feb 1, 2024
edited
Loading

@matifali Ok, please let me know your thoughts! Markdown can be rendered now.

@mtojek mtojek requested a review from johnstcn February 1, 2024 12:15
johnstcn
johnstcn reviewed Feb 1, 2024
View reviewed changes
Copy link
Member

@johnstcn johnstcn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The only possible concern here is a bad actor injecting malicious HTML into the page. However in order to do this they have to get access to modify Coder's deployment values, and if this is the case then the deployment should already be considered compromised.

However, it's no harm to add some tests to validate that basic code injection is handled properly.

@mtojek mtojek merged commit ad8e0db into main Feb 1, 2024
@mtojek mtojek deleted the 11679-custom-error-page branch February 1, 2024 17:01
@github-actions github-actions bot locked and limited conversation to collaborators Feb 1, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@johnstcn johnstcn johnstcn approved these changes

@matifali matifali matifali approved these changes

@bpmct bpmct Awaiting requested review from bpmct

Assignees

@mtojek mtojek

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Customizable error page, when OIDC signup is disabled.
3 participants
@mtojek @matifali @johnstcn