feat(baserow): add one-time SSO warning JavaScript

- Introduced a generic sso_warning.js.j2 template under templates/roles/web-app/templates/javascripts/ - Included this template in web-app-baserow/templates/javascript.js.j2 - Added new variable js_application_name in roles/web-app-baserow/vars/main.yml to make the warning application-specific - Implemented cookie-based logic so the warning is only shown once per user (default: 365 days) Reference: https://chatgpt.com/share/68aecdae-82d0-800f-b05e-f2cb680664f1
2025-08-29 23:08:06 +02:00 · 2025-08-27 11:19:59 +02:00
parent 35206aaafd
commit d9980c0d8f
4 changed files with 45 additions and 8 deletions
--- a/roles/web-app-baserow/config/main.yml
+++ b/roles/web-app-baserow/config/main.yml
@@ -4,6 +4,7 @@ features:
  desktop:          true
  central_database: true
  logout:           true
+  javascript:       true
 docker:
  services:
    redis:
--- a/roles/web-app-baserow/templates/javascript.js.j2
+++ b/roles/web-app-baserow/templates/javascript.js.j2
@@ -0,0 +1 @@
+{% include 'templates/roles/web-app/templates/javascripts/sso_warning.js.j2' %}
--- a/roles/web-app-baserow/vars/main.yml
+++ b/roles/web-app-baserow/vars/main.yml
@@ -1,11 +1,12 @@
 # General
-application_id:     "web-app-baserow"
-database_password:  "{{ applications | get_app_conf(application_id, 'credentials.database_password') }}"
-database_type:      "postgres"
+application_id:       "web-app-baserow"
+database_password:    "{{ applications | get_app_conf(application_id, 'credentials.database_password') }}"
+database_type:        "postgres"
+js_application_name:  "Baserow"

 # Baserow
-BASEROW_PUBLIC_URL: "{{ domains | get_url(application_id, WEB_PROTOCOL) }}"
-BASEROW_VERSION:    "{{ applications | get_app_conf(application_id, 'docker.services.baserow.version') }}"
-BASEROW_IMAGE:      "{{ applications | get_app_conf(application_id, 'docker.services.baserow.image') }}"
-BASEROW_CONTAINER:  "{{ applications | get_app_conf(application_id, 'docker.services.baserow.name') }}"
-BASEROW_VOLUME:     "{{ applications | get_app_conf(application_id, 'docker.volumes.data') }}"
+BASEROW_PUBLIC_URL:   "{{ domains | get_url(application_id, WEB_PROTOCOL) }}"
+BASEROW_VERSION:      "{{ applications | get_app_conf(application_id, 'docker.services.baserow.version') }}"
+BASEROW_IMAGE:        "{{ applications | get_app_conf(application_id, 'docker.services.baserow.image') }}"
+BASEROW_CONTAINER:    "{{ applications | get_app_conf(application_id, 'docker.services.baserow.name') }}"
+BASEROW_VOLUME:       "{{ applications | get_app_conf(application_id, 'docker.volumes.data') }}"
--- a/templates/roles/web-app/templates/javascripts/sso_warning.js.j2
+++ b/templates/roles/web-app/templates/javascripts/sso_warning.js.j2
@@ -0,0 +1,34 @@
+// Jinja2 variable for the application name
+const appName = "{{ js_application_name }}";
+const cookieName = appName + "SSONoticeShown";
+
+// Function to set a cookie with expiration (in days)
+function setCookie(name, value, days) {
+    const d = new Date();
+    d.setTime(d.getTime() + (days*24*60*60*1000));
+    const expires = "expires="+ d.toUTCString();
+    document.cookie = name + "=" + value + ";" + expires + ";path=/";
+}
+
+// Function to read a cookie
+function getCookie(name) {
+    const cname = name + "=";
+    const decodedCookie = decodeURIComponent(document.cookie);
+    const ca = decodedCookie.split(';');
+    for(let i = 0; i < ca.length; i++) {
+        let c = ca[i].trim();
+        if (c.indexOf(cname) === 0) {
+            return c.substring(cname.length, c.length);
+        }
+    }
+    return "";
+}
+
+// Main logic: show notice only once
+window.addEventListener("DOMContentLoaded", function() {
+    if (!getCookie(cookieName)) {
+        alert("Notice: " + appName + " is not integrated into the SSO. Login is not possible.");
+        // Set cookie for 365 days
+        setCookie(cookieName, "true", 365);
+    }
+});
				`@@ -0,0 +1 @@`
				`{% include 'templates/roles/web-app/templates/javascripts/sso_warning.js.j2' %}`