Security feature toggle inconsistency for project-level shares when set to "required" in global settings
Description
Ensure that when a security feature is set to "required" in Global Settings, basic users creating shares at the project level cannot toggle this feature off.
Currently, the UI incorrectly allows users to attempt disabling the security feature, which causes confusion as the system appears to save the share without it, although the feature remains active.
Steps to reproduce
1. Set a specific security feature to "required" in Global Settings.
2. Log in as a basic user and attempt to create a share at the project level.
3. Observe that the security feature toggle appears available for the user to disable.
4. Save the share and check if the security feature remains active.
Expected behavior
The security feature toggle should be disabled for users when set to "required" in Global Settings.
Basic users should not have the option to disable the security feature.
The UI should clearly reflect the "required" status of the security feature, preventing user confusion.
@Mariusz Szymański
I do not see how we could fix password and expiration datetime.
But we can “fix” SSO and selected users.
1. SSO required on project config, SSO disabled on share → SSO enabled
2. SSO disabled on project config, SSO enabled on share → SSO disabled
3. Share with users required on project config, Share with users on share is empty → Share with users required on project config
4. We ignore selected users/domains on share level that are not in project config.
@Krzysztof Bogdan
Password required - not set on share
Expiration required or Custom - not set on share
SSO required - not set on share
SSO disabled - set on share
Share with users required - not set on share
Share with users required - one or more emails or domains on share are outside of what is configured in parent config
@Mariusz Szymański
Yea. I am thinking about some documentation when we will “fix” share and when page will fail to render.
What are other cases when share won't work except password case?
@Krzysztof Bogdan For example, if password is required by parent config and share config does not have password set, the link will be invalid. That’s how we agreed this task.
@Mariusz Szymański Can you give example when security config is not aligned and share will show error page?
I think we should try to render page based on project-level config, ignoring share-level config.
From now on user may set any security config regardless of parent configuration. However, they will receive warning message if selected option is against the parent config. Shares with security config not aligned with parent open with error page.
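Added example, not part of the ticket or the product's code: a server-side check for the misalignment cases listed in this thread, run when a share link is opened, so the error page does not depend on what the UI allowed the user to save. All class, field and function names are hypothetical, and exact-domain matching for recipients is an assumption.

```python
from dataclasses import dataclass
from typing import Optional

# Every name below is hypothetical; the thread does not show the real schema.
@dataclass
class ParentConfig:
    password_required: bool = False
    expiration_required: bool = False      # "required or Custom" in the thread
    sso: str = "optional"                  # "required" | "disabled" | "optional"
    users_required: bool = False
    allowed: frozenset = frozenset()       # emails and domains set on the project

@dataclass
class ShareConfig:
    password_hash: Optional[str] = None
    expires_at: Optional[str] = None
    sso_enabled: bool = False
    recipients: frozenset = frozenset()    # emails and domains set on the share

def _covered(entry, allowed):
    # An email matches itself or its exact domain; a domain matches only itself.
    entry = entry.strip().lower()
    return entry in allowed or entry.rpartition("@")[2] in allowed

def misalignments(parent, share):
    """Return every way the share conflicts with its parent (empty list = aligned)."""
    allowed = frozenset(a.strip().lower() for a in parent.allowed)
    found = []
    if parent.password_required and not share.password_hash:
        found.append("password required, not set on share")
    if parent.expiration_required and not share.expires_at:
        found.append("expiration required, not set on share")
    if parent.sso == "required" and not share.sso_enabled:
        found.append("SSO required, not set on share")
    if parent.sso == "disabled" and share.sso_enabled:
        found.append("SSO disabled, set on share")
    if parent.users_required and not share.recipients:
        found.append("share with users required, not set on share")
    outside = sorted(r for r in share.recipients if not _covered(r, allowed))
    if parent.users_required and outside:
        found.append("recipients outside parent config: " + ", ".join(outside))
    return found

def render(parent, share):
    # Decided server-side when the link is opened, regardless of what the UI saved.
    return "error_page" if misalignments(parent, share) else "share_page"
```

The same list of reasons can drive the warning message shown when the share is saved.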
Hello [~accountid:],
Task is ready for review.
@Mariusz Szymański please make sure the reviewer has easy access to the content to be reviewed.
If this is a code change, please make sure a PR is created.
If this is new documentation, a blog post, etc., please provide a link to the page.