Fixes #4434 - Use third-party application name in automatic linking notifications.

app/models/authorization.rb

@@ -131,9 +131,32 @@ class Authorization < ApplicationModel
       user:     user,
       objects:  {
         user:     user,
-        provider: provider,
+        provider: provider_name(provider),
       }
     )
   end
 
+  def provider_name(provider)
+    return saml_display_name(provider) if provider == 'saml'
+
+    provider_title(provider)
+  end
+
+  # In case of SAML authentication provider, there is a separate display name setting that may be defined.
+  def saml_display_name(provider)
+    begin
+      Setting.get('auth_saml_credentials')['display_name']
+    rescue
+      provider_title(provider)
+    end
+  end
+
+  def provider_title(provider)
+    begin
+      Setting.find_by(name: "auth_#{provider}").preferences['title_i18n'].shift
+    rescue
+      provider
+    end
+  end
+
 end

app/views/mailer/user_auth_provider/de.html.erb

@@ -2,7 +2,7 @@
 
 <div>Hallo #{user.fullname},</div>
 <br>
-<div>es sieht aus, als ob Sie ihr Konto <b>mit einer Drittanbieter-Anwendung</b> "#{provider}" verknüpft haben.</div>
+<div>es sieht aus, als ob Sie ihr Konto <b>mit einer Drittanbieter-Anwendung</b> "#{t(provider)}" verknüpft haben.</div>
 <br>
 <div>Wenn dies nicht Sie waren, dann entfernen Sie bitte das verknüpfte Konto aus Ihrem Profil und ändern Ihr Passwort in der Drittanbieter-Anwendung. Jemand könnte unberechtigten Zugriff auf Ihr Konto in der Drittanbieter-Anwendung bekommen haben.</div>
 <br>

app/views/mailer/user_auth_provider/en.html.erb

@@ -2,7 +2,7 @@
 
 <div>Hi #{user.firstname},</div>
 <br>
-<div>It looks like you linked your account <b>with a third-party application</b> "#{provider}".</div>
+<div>It looks like you linked your account <b>with a third-party application</b> "#{t(provider)}".</div>
 <br>
 <div>If this wasn't you, please remove the linked account from your profile and change your third-party application password. Somebody might have gained unauthorized access to your account on the third-party service.</div>
 <br>

app/views/mailer/user_auth_provider/sr-latn-rs.html.erb

@@ -2,7 +2,7 @@
 
 <div>Zdravo #{user.firstname},</div>
 <br>
-<div>Izgleda da ste povezali vaš nalog <b>sa aplikacijom trećeg lica</b> „#{provider}”.</div>
+<div>Izgleda da ste povezali vaš nalog <b>sa aplikacijom trećeg lica</b> „#{t(provider)}”.</div>
 <br>
 <div>Ukoliko ovo niste bili vi, molimo uklonite povezani nalog iz vašeg profila i promenite vašu lozinku u aplikaciji trećeg lica. Postoji mogućnost da je neko neovlašćeno pristupio vašem nalogu na servisu trećeg lica.</div>
 <br>

app/views/mailer/user_auth_provider/sr.html.erb

@@ -2,7 +2,7 @@
 
 <div>Здраво #{user.firstname},</div>
 <br>
-<div>Изгледа да сте повезали ваш налог <b>са апликацијом трећег лица</b> „#{provider}”.</div>
+<div>Изгледа да сте повезали ваш налог <b>са апликацијом трећег лица</b> „#{t(provider)}”.</div>
 <br>
 <div>Уколико ово нисте били ви, молимо уклоните повезани налог из вашег профила и промените вашу лозинку у апликацији трећег лица. Постоји могућност да је неко неовлашћено приступио вашем налогу на сервису трећег лица.</div>
 <br>

db/migrate/20221220095750_issue_4434_github_rename.rb

@@ -0,0 +1,14 @@
+# Copyright (C) 2012-2022 Zammad Foundation, https://zammad-foundation.org/
+
+class Issue4434GitHubRename < ActiveRecord::Migration[6.1]
+  def change
+    # return if it's a new setup
+    return if !Setting.exists?(name: 'system_init_done')
+
+    setting = Setting.find_by name: 'auth_github'
+
+    setting.preferences[:title_i18n][0] = 'GitHub'
+    setting.preferences[:description_i18n][0] = 'GitHub'
+    setting.save!
+  end
+end

db/seeds/settings.rb

@@ -1185,8 +1185,8 @@ Setting.create_if_not_exists(
   area:        'Security::Authentication',
   description: __('Enables user authentication via %s.'),
   preferences: {
-    title_i18n:       ['internal database'],
-    description_i18n: ['internal database'],
+    title_i18n:       [__('internal database')],
+    description_i18n: [__('internal database')],
     permission:       ['admin.security'],
   },
   state:       {
@@ -1201,8 +1201,8 @@ Setting.create_if_not_exists(
   area:        'Security::Authentication',
   description: __('Enables user authentication via %s.'),
   preferences: {
-    title_i18n:       ['developer password'],
-    description_i18n: ['developer password'],
+    title_i18n:       [__('developer password')],
+    description_i18n: [__('developer password')],
     permission:       ['admin.security'],
   },
   state:       {
@@ -1217,8 +1217,8 @@ Setting.create_if_not_exists(
   area:        'Security::Authentication',
   description: __('Enables user authentication via %s.'),
   preferences: {
-    title_i18n:       ['LDAP'],
-    description_i18n: ['LDAP'],
+    title_i18n:       [__('LDAP')],
+    description_i18n: [__('LDAP')],
     permission:       ['admin.security'],
   },
   state:       {
@@ -1316,8 +1316,8 @@ Setting.create_if_not_exists(
   preferences: {
     controller:       'SettingsAreaSwitch',
     sub:              ['auth_twitter_credentials'],
-    title_i18n:       ['Twitter'],
-    description_i18n: ['Twitter', 'Twitter Developer Site', 'https://dev.twitter.com/apps'], # rubocop:disable Zammad/DetectTranslatableString
+    title_i18n:       [__('Twitter')],
+    description_i18n: [__('Twitter'), __('Twitter Developer Site'), 'https://dev.twitter.com/apps'],
     permission:       ['admin.security'],
   },
   state:       false,
@@ -1379,8 +1379,8 @@ Setting.create_if_not_exists(
   preferences: {
     controller:       'SettingsAreaSwitch',
     sub:              ['auth_facebook_credentials'],
-    title_i18n:       ['Facebook'],
-    description_i18n: ['Facebook', 'Facebook Developer Site', 'https://developers.facebook.com/apps/'], # rubocop:disable Zammad/DetectTranslatableString
+    title_i18n:       [__('Facebook')],
+    description_i18n: [__('Facebook'), __('Facebook Developer Site'), 'https://developers.facebook.com/apps/'],
     permission:       ['admin.security'],
   },
   state:       false,
@@ -1444,8 +1444,8 @@ Setting.create_if_not_exists(
   preferences: {
     controller:       'SettingsAreaSwitch',
     sub:              ['auth_google_oauth2_credentials'],
-    title_i18n:       ['Google'],
-    description_i18n: ['Google', 'Google API Console Site', 'https://console.cloud.google.com/apis/credentials'], # rubocop:disable Zammad/DetectTranslatableString
+    title_i18n:       [__('Google')],
+    description_i18n: [__('Google'), __('Google API Console Site'), 'https://console.cloud.google.com/apis/credentials'],
     permission:       ['admin.security'],
   },
   state:       false,
@@ -1508,8 +1508,8 @@ Setting.create_if_not_exists(
   preferences: {
     controller:       'SettingsAreaSwitch',
     sub:              ['auth_linkedin_credentials'],
-    title_i18n:       ['LinkedIn'],
-    description_i18n: ['LinkedIn', 'LinkedIn Developer Site', 'https://www.linkedin.com/developer/apps'], # rubocop:disable Zammad/DetectTranslatableString
+    title_i18n:       [__('LinkedIn')],
+    description_i18n: [__('LinkedIn'), __('LinkedIn Developer Site'), 'https://www.linkedin.com/developer/apps'],
     permission:       ['admin.security'],
   },
   state:       false,
@@ -1572,8 +1572,8 @@ Setting.create_if_not_exists(
   preferences: {
     controller:       'SettingsAreaSwitch',
     sub:              ['auth_github_credentials'],
-    title_i18n:       ['Github'],
-    description_i18n: ['Github', 'GitHub OAuth Applications', 'https://github.com/settings/applications'], # rubocop:disable Zammad/DetectTranslatableString
+    title_i18n:       [__('GitHub')],
+    description_i18n: [__('GitHub'), __('GitHub OAuth Applications'), 'https://github.com/settings/applications'],
     permission:       ['admin.security'],
   },
   state:       false,
@@ -1636,8 +1636,8 @@ Setting.create_if_not_exists(
   preferences: {
     controller:       'SettingsAreaSwitch',
     sub:              ['auth_gitlab_credentials'],
-    title_i18n:       ['GitLab'],
-    description_i18n: ['GitLab', 'GitLab Applications', 'https://your-gitlab-host/admin/applications'], # rubocop:disable Zammad/DetectTranslatableString
+    title_i18n:       [__('GitLab')],
+    description_i18n: [__('GitLab'), __('GitLab Applications'), 'https://your-gitlab-host/admin/applications'],
     permission:       ['admin.security'],
   },
   state:       false,
@@ -1707,8 +1707,8 @@ Setting.create_if_not_exists(
   preferences: {
     controller:       'SettingsAreaSwitch',
     sub:              ['auth_microsoft_office365_credentials'],
-    title_i18n:       ['Microsoft'],
-    description_i18n: ['Microsoft', __('Microsoft Application Registration Portal'), 'https://portal.azure.com'],
+    title_i18n:       [__('Microsoft')],
+    description_i18n: [__('Microsoft'), __('Microsoft Application Registration Portal'), 'https://portal.azure.com'],
     permission:       ['admin.security'],
   },
   state:       false,
@@ -1777,8 +1777,8 @@ Setting.create_if_not_exists(
   preferences: {
     controller:       'SettingsAreaSwitch',
     sub:              ['auth_weibo_credentials'],
-    title_i18n:       ['Weibo'],
-    description_i18n: ['Sina Weibo', 'Sina Weibo Open Portal', 'http://open.weibo.com'], # rubocop:disable Zammad/DetectTranslatableString
+    title_i18n:       [__('Weibo')],
+    description_i18n: [__('Sina Weibo'), __('Sina Weibo Open Portal'), 'http://open.weibo.com'],
     permission:       ['admin.security'],
   },
   state:       false,
@@ -1840,8 +1840,8 @@ Setting.create_if_not_exists(
   preferences: {
     controller:       'SettingsAreaSwitch',
     sub:              ['auth_saml_credentials'],
-    title_i18n:       ['SAML'],
-    description_i18n: ['SAML'],
+    title_i18n:       [__('SAML')],
+    description_i18n: [__('SAML')],
     permission:       ['admin.security'],
   },
   state:       false,
@@ -5082,8 +5082,8 @@ Setting.create_if_not_exists(
   preferences: {
     controller:       'SettingsAreaSwitch',
     sub:              {},
-    title_i18n:       ['SSO'],
-    description_i18n: ['SSO'],
+    title_i18n:       [__('SSO')],
+    description_i18n: [__('SSO')],
     permission:       ['admin.security'],
   },
   state:       false,

i18n/zammad.pot

@@ -83,7 +83,7 @@ msgstr ""
 #. This is the template file app/views/mailer/user_auth_provider/en.html.erb in ERB/HTML format.
 #. Please make sure to translate it to a valid corresponding output structure.
 #: app/views/mailer/user_auth_provider/en.html.erb
-msgid "#{config.product_name} account linked with a third-party application\n\n<div>Hi #{user.firstname},</div>\n<br>\n<div>It looks like you linked your account <b>with a third-party application</b> \"#{provider}\".</div>\n<br>\n<div>If this wasn't you, please remove the linked account from your profile and change your third-party application password. Somebody might have gained unauthorized access to your account on the third-party service.</div>\n<br>\n<div>Your #{config.product_name} Team</div>\n"
+msgid "#{config.product_name} account linked with a third-party application\n\n<div>Hi #{user.firstname},</div>\n<br>\n<div>It looks like you linked your account <b>with a third-party application</b> \"#{t(provider)}\".</div>\n<br>\n<div>If this wasn't you, please remove the linked account from your profile and change your third-party application password. Somebody might have gained unauthorized access to your account on the third-party service.</div>\n<br>\n<div>Your #{config.product_name} Team</div>\n"
 msgstr ""
 
 #. This is the template file app/views/mailer/user_device_new_location/en.html.erb in ERB/HTML format.
@@ -4546,6 +4546,7 @@ msgstr ""
 #: app/assets/javascripts/app/views/facebook/index.jst.eco
 #: app/assets/javascripts/app/views/facebook/list.jst.eco
 #: app/controllers/first_steps_controller.rb
+#: db/seeds/settings.rb
 msgid "Facebook"
 msgstr ""
 
@@ -4565,6 +4566,10 @@ msgstr ""
 msgid "Facebook App Secret"
 msgstr ""
 
+#: db/seeds/settings.rb
+msgid "Facebook Developer Site"
+msgstr ""
+
 #: app/assets/javascripts/app/views/data_privacy/index.jst.eco
 msgid "Failed Tasks"
 msgstr ""
@@ -4959,6 +4964,7 @@ msgstr ""
 
 #: app/assets/javascripts/app/controllers/_integration/github.coffee
 #: app/assets/javascripts/app/controllers/_profile/linked_accounts.coffee
+#: db/seeds/settings.rb
 msgid "GitHub"
 msgstr ""
 
@@ -4966,6 +4972,10 @@ msgstr ""
 msgid "GitHub App Credentials"
 msgstr ""
 
+#: db/seeds/settings.rb
+msgid "GitHub OAuth Applications"
+msgstr ""
+
 #: db/seeds/settings.rb
 msgid "GitHub config"
 msgstr ""
@@ -4980,6 +4990,7 @@ msgstr ""
 
 #: app/assets/javascripts/app/controllers/_integration/gitlab.coffee
 #: app/assets/javascripts/app/controllers/_profile/linked_accounts.coffee
+#: db/seeds/settings.rb
 msgid "GitLab"
 msgstr ""
 
@@ -4987,6 +4998,10 @@ msgstr ""
 msgid "GitLab App Credentials"
 msgstr ""
 
+#: db/seeds/settings.rb
+msgid "GitLab Applications"
+msgstr ""
+
 #: db/seeds/settings.rb
 msgid "GitLab config"
 msgstr ""
@@ -5033,9 +5048,14 @@ msgstr ""
 
 #: app/assets/javascripts/app/controllers/_channel/google.coffee
 #: app/assets/javascripts/app/controllers/_profile/linked_accounts.coffee
+#: db/seeds/settings.rb
 msgid "Google"
 msgstr ""
 
+#: db/seeds/settings.rb
+msgid "Google API Console Site"
+msgstr ""
+
 #: db/seeds/settings.rb
 msgid "Google App Credentials"
 msgstr ""
@@ -6012,6 +6032,7 @@ msgstr ""
 #: app/assets/javascripts/app/controllers/_integration/ldap.coffee
 #: app/assets/javascripts/app/views/integration/ldap.jst.eco
 #: app/assets/javascripts/app/views/integration/ldap_wizard.jst.eco
+#: db/seeds/settings.rb
 msgid "LDAP"
 msgstr ""
 
@@ -6207,6 +6228,7 @@ msgid "Linked Tickets"
 msgstr ""
 
 #: app/assets/javascripts/app/controllers/_profile/linked_accounts.coffee
+#: db/seeds/settings.rb
 msgid "LinkedIn"
 msgstr ""
 
@@ -6214,6 +6236,10 @@ msgstr ""
 msgid "LinkedIn App Credentials"
 msgstr ""
 
+#: db/seeds/settings.rb
+msgid "LinkedIn Developer Site"
+msgstr ""
+
 #: app/assets/javascripts/app/views/link/ticket/list.jst.eco
 msgid "Links"
 msgstr ""
@@ -6559,6 +6585,7 @@ msgid "Method (AJAX endpoint)"
 msgstr ""
 
 #: app/assets/javascripts/app/controllers/_profile/linked_accounts.coffee
+#: db/seeds/settings.rb
 msgid "Microsoft"
 msgstr ""
 
@@ -8707,6 +8734,7 @@ msgid "SSL/STARTTLS"
 msgstr ""
 
 #: app/assets/javascripts/app/controllers/_profile/linked_accounts.coffee
+#: db/seeds/settings.rb
 msgid "SSO"
 msgstr ""
 
@@ -9348,6 +9376,14 @@ msgstr ""
 msgid "Simple Line Icons"
 msgstr ""
 
+#: db/seeds/settings.rb
+msgid "Sina Weibo"
+msgstr ""
+
+#: db/seeds/settings.rb
+msgid "Sina Weibo Open Portal"
+msgstr ""
+
 #: public/assets/chat/views/customer_timeout.eco
 msgid "Since you didn't respond in the last %s minutes your conversation was closed."
 msgstr ""
@@ -11213,6 +11249,7 @@ msgstr ""
 #: app/assets/javascripts/app/views/twitter/index.jst.eco
 #: app/assets/javascripts/app/views/twitter/list.jst.eco
 #: app/controllers/first_steps_controller.rb
+#: db/seeds/settings.rb
 msgid "Twitter"
 msgstr ""
 
@@ -11256,6 +11293,10 @@ msgstr ""
 msgid "Twitter Dev environment label"
 msgstr ""
 
+#: db/seeds/settings.rb
+msgid "Twitter Developer Site"
+msgstr ""
+
 #: db/seeds/settings.rb
 msgid "Twitter Key"
 msgstr ""
@@ -11954,6 +11995,7 @@ msgid "Week(s)"
 msgstr ""
 
 #: app/assets/javascripts/app/controllers/_profile/linked_accounts.coffee
+#: db/seeds/settings.rb
 msgid "Weibo"
 msgstr ""
 
@@ -12630,6 +12672,10 @@ msgstr ""
 msgid "descending"
 msgstr ""
 
+#: db/seeds/settings.rb
+msgid "developer password"
+msgstr ""
+
 #: app/assets/javascripts/app/views/customer_chat/chat_window.jst.eco
 msgid "disconnect"
 msgstr ""
@@ -12895,6 +12941,10 @@ msgstr ""
 msgid "internal"
 msgstr ""
 
+#: db/seeds/settings.rb
+msgid "internal database"
+msgstr ""
+
 #: app/assets/javascripts/app/controllers/_ui_element/_application_selector.coffee
 #: app/assets/javascripts/app/controllers/_ui_element/core_workflow_condition.coffee
 msgid "is"

spec/models/authorization_spec.rb

@@ -15,9 +15,11 @@ RSpec.describe Authorization, type: :model do
   end
 
   describe 'Account linking notification', sends_notification_emails: true do
-    subject(:authorization) { create(:authorization, user: agent, provider: 'github') }
+    subject(:authorization) { create(:authorization, user: agent, provider: provider) }
 
-    let(:agent) { create(:agent) }
+    let(:agent)         { create(:agent) }
+    let(:provider)      { 'github' }
+    let(:provider_name) { 'GitHub' }
 
     shared_examples 'sending out email notification' do
       it 'sends out an email notification' do
@@ -27,7 +29,7 @@ RSpec.describe Authorization, type: :model do
           sent(
             template: 'user_auth_provider',
             user:     authorization.user,
-            objects:  hash_including({ user: authorization.user, provider: authorization.provider })
+            objects:  hash_including({ user: authorization.user, provider: provider_name })
           )
         end
       end
@@ -41,7 +43,7 @@ RSpec.describe Authorization, type: :model do
           not_sent(
             template: 'user_auth_provider',
             user:     authorization.user,
-            objects:  hash_including({ user: authorization.user, provider: authorization.provider })
+            objects:  hash_including({ user: authorization.user, provider: provider_name })
           )
         end
       end
@@ -67,6 +69,17 @@ RSpec.describe Authorization, type: :model do
 
         it_behaves_like 'not sending out email notification'
       end
+
+      context 'with SAML as the provider' do
+        let(:provider)      { 'saml' }
+        let(:provider_name) { 'Custom Provider' }
+
+        before do
+          Setting.set('auth_saml_credentials', { display_name: provider_name })
+        end
+
+        it_behaves_like 'sending out email notification'
+      end
     end
 
     context 'with setting turned off' do