Custom login base domain using GUI whitelabel themes#13412
Conversation
|
@blueorangutan package |
|
@hsato03 a [SL] Jenkins job has been kicked to build packages. It will be bundled with no SystemVM templates. I'll keep you posted as I make progress. |
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## main #13412 +/- ##
============================================
- Coverage 18.94% 18.94% -0.01%
Complexity 18366 18366
============================================
Files 6192 6192
Lines 556361 556395 +34
Branches 67908 67909 +1
============================================
+ Hits 105407 105410 +3
- Misses 439383 439412 +29
- Partials 11571 11573 +2
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
|
Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ el10 ✖️ debian ✔️ suse15. SL-JID 18245 |
|
This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch. |
|
Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ el10 ✔️ debian ✔️ suse15. SL-JID 18407 |
|
@blueorangutan test |
|
@winterhazel @weizhouapache , is testing for this planned somehow, or should we postpone? |
|
@DaanHoogland I will test this one. We can include it in 4.23 |
winterhazel
left a comment
There was a problem hiding this comment.
The code looks good. Also tested manually:
- I created domains
d1andd1/d2 - I created a theme for
http://d1.local/withd1as theloginbasedomain(admin) 🐱 > create guitheme name=d1 css="@import url('http://192.168.10.1/test-theme.css')" loginbasedomain="d1" commonnames="d1.local" ispublic=true { "guiThemes": { "commonnames": "d1.local", "created": "2026-07-01T23:22:35-0300", "css": "@import url('http://192.168.10.1/test-theme.css')", "id": "b4be7e7b-1732-469d-bfb2-b12c1cecf10c", "ispublic": true, "loginbasedomain": "d1", "name": "d1", "recursivedomains": false } }
- I verified that, when accessing the portal through
http://d1.local/, I could log into accounts fromd1without having to enter the domain. - I verified that, when accessing the portal through http://d1.local/,, I could log into accounts from
d1/d2by enteringd2as the domain. - I verified that it was still possible to login in root and subdomains when accessing via a URL that does not have any associated theme.
Tonitzpp
left a comment
There was a problem hiding this comment.
CLGTM, tests that I made:
- I created 2 domains: d1 and d1/d1d1;
- I created a theme with d1 as the
loginbasedomain:
🐱 > create guitheme name=theme css="@import url('https://arquivos.scclouds.com.br/css-themes/scclouds-theme.css')" loginbasedomain="d1" commonnames="d1.local" ispublic=true
{
"guiThemes": {
"commonnames": "d1.local",
"created": "2026-07-02T11:31:51+0000",
"css": "@import url('https://arquivos.scclouds.com.br/css-themes/scclouds-theme.css')",
"id": "11dd27d7-41d0-4e60-9754-d57a8b2b891c",
"ispublic": true,
"loginbasedomain": "d1",
"name": "theme",
"recursivedomains": false
}
}
- I verified that, when accessing the GUI through
d1.local, I could log into accounts from d1 without having to enter the domain. - I verified that, when accessing the GUI through
d1.local, I could log into accounts from d1/d1d1 by entering d1d1 as the domain. - When accessing the GUI using the URL that does not have any associated theme, I verified that it was necessary to enter the domain to access a d1 account.
- When accessing the GUI using the URL that does not have any associated theme, I verified that it was still possible to login in root and subdomains.
Description
When logging in via the ACS GUI, if the user does not belong to the
ROOTdomain, its full domain path must be specified.With that, the GUI whitelabel runtime system has been extended with the
loginBaseDomainparameter, which allows administrators to specify a base domain for a theme, enabling users to log in without specifying the domain or by providing the domain relative path.For example, when creating a theme specifying the
/domain1/domain as the base, instead of the user typing/domain1/domain2when logging in, they will only need to providedomain2.Furthermore, the new parameter only works with the
commonNamesparameter.Types of changes
Feature/Enhancement Scale or Bug Severity
Feature/Enhancement Scale
Bug Severity
Screenshots (if appropriate):
How Has This Been Tested?
d1;loginBaseDomainbeingd1;d1.localURL, I verified that it was not necessary to specify the domain to access ad1account;d1account.How did you try to break this feature and the system with this change?