…idc users (#5127)
Currently we can only send a welcome email to oidc users who have
already logged in once. For manually provisionned oidc users, we can't.
This PR aims to solve this issue
---------
Co-authored-by: Antoine <antoinelabarussias@gmail.com>
- ~~Adds `fontawesome` icons to the portal and integrates them into the
existing `icon` component. Use just like the heroicons except prefixed
`fa-`.~~ Edit: removed these because I don't think it's worth the
increased bundle size. Just going to inline the icons we need instead.
- Fixes#3041
- Fixes#5072
As I was taking screenshots of the new policy conditions feature I
realized it would be quick and easy to add icons corresponding to the
titles to continue the theme of adding visual hints to break up the
text-heavy sections.
It also looks nice in the screenshots for the blog post and newsletter
posts.
<img width="669" alt="Screenshot 2024-06-21 at 10 00 14 AM"
src="https://github.com/firezone/firezone/assets/167144/61d5d61d-4d4c-4f6f-b325-dbcb81c2c9b7">
You still can generate a link that will inject a text as long as it has
`@` in it - there is no good ways to validate emails other than just
check for that. The only *reliable* ways to fix that is to either remove
that text (making users more confused) or only show it if identity was
found (leaking the fact of it's existence).
Fixes#5270
- Relaxes the `NOT NULL` constraint because in Clients we already
account for empty address descriptions (by showing the address in its
place if missing). We may want to simply hide the Resource altogether if
the description is missing (based on user feedback). With a blank field,
we can differentiate between not entered vs entered an address.
- Updates help text a bit
```[tasklist]
- [x] Update docs with examples
```
<img width="772" alt="Screenshot 2024-06-06 at 12 01 48 PM"
src="https://github.com/firezone/firezone/assets/167144/523aa0ff-f30d-44cb-bb3c-5d5cda7236e6">
---------
Signed-off-by: Jamil <jamilbk@users.noreply.github.com>
For oidc users, `provider_identifier` is an id and not the email of the
user.
Contributed by @Intuinewin
---------
Co-authored-by: Antoine <antoinelabarussias@gmail.com>
Why:
* JumpCloud directory sync was requested from customers. JumpCloud only
offers the ability to use it's API with an admin level access token that
is tied to a specific user within a given JumpCloud account. This would
require Firezone customers to give an access token with much more
permissions that needed for our directory sync. To avoid this, we've
decide to use WorkOS to provide SCIM support between JumpCloud and
WorkOS, which will allow Firezone to then easily and safely retrieve
JumpCloud directory info from WorkOS.
---------
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
- Fixes policy creation when `policy_conditions` is disabled
- Updates design so that items are a little more aligned and text has
more / consistent spacing around.
https://github.com/firezone/firezone/assets/167144/b9c29110-ae1c-4841-b999-a0da022f4a38
Test is failing though. Before sinking more time into this I wanted to
open this PR to get @AndrewDryga's input.
- Ensure IP address appears on newline always
- Dedicate 3/12 width for table columns that can contain IPv6 addresses
- Removes the `(IP)` parentheses because that makes it hard to
copy/paste the IP
Fixes#4992
Why:
* The new flow for creating an identity provider in Firezone allows the
user to not have to worry what features their plan has enabled. It will
allow the user to select which identity provider they use and will take
them to the appropriate form depending on the features they have enabled
on their plan.
## Screenshots
### Selecting an identity provider
<img width="937" alt="Screenshot 2024-05-14 at 11 53 17 AM"
src="https://github.com/firezone/firezone/assets/2646332/31337ad9-13c8-43a2-942c-adb0a951167c">
### New OIDC form when a custom provider is selected but IDP sync is not
enabled for account
<img width="903" alt="Screenshot 2024-05-14 at 11 54 58 AM"
src="https://github.com/firezone/firezone/assets/2646332/2e18d788-60c3-4fad-b749-351559a24aca">
Why:
I've been on two live support calls now where the user didn't realize
the simply clicking the "Add" button didn't save the Group memberships
form, so they were confused why their user wasn't in the group, and why
their client couldn't access the Resources they were trying to access.
- The color of the "Add/Remove" buttons are changed to make the Save
button at the bottom stand out a little more.
- Tidies up a couple other minor issues found while implementing this.
# Before
<img width="910" alt="Screenshot 2024-05-11 at 6 26 23 PM"
src="https://github.com/firezone/firezone/assets/167144/d2bdba74-6dba-4904-a13b-faeba3e0b0d0">
# After
<img width="902" alt="Screenshot 2024-05-11 at 6 25 15 PM"
src="https://github.com/firezone/firezone/assets/167144/2adf937c-4dd0-4d51-a7d3-a73e764e3493">
- Makes the group badges a little easier on the eyes, and reduces their
size to improve layout flow a bit. Allows to more quickly identity
provider adapters at-a-glance.
- Fix group badge wrapping so that long group names don't flow into the
next table cell
Fixes#4905
<img width="1209" alt="Screenshot 2024-05-10 at 7 24 59 AM"
src="https://github.com/firezone/firezone/assets/167144/fba4190a-af0a-464a-b3b1-9e98505c59fb">
- Updates buttons in tables to size `xs` so they are a bit easier on the
eyes and fixes#4938
- Makes "Save" button placement consistent
- Reduces count of Actors list in `Edit actors` for group page because
it pushes the `Save` button below the fold and it was confusing some
users because it wasn't obvious they needed to save the selection.
