Remove user controlled method execution from connected_accounts controller, add Okta unlinking functionality [SCI-9220] (#6135)

app/controllers/users/settings/account/connected_accounts_controller.rb

@@ -9,20 +9,15 @@ module Users
         end
 
         def destroy
-          settings = ApplicationSettings.instance
+          user_identity = current_user.user_identities.find_by(provider: params[:provider])
-          if settings.values['azure_ad_apps']&.find { |v| v['provider_name'] == params[:provider] }
+          if user_identity.blank?
-            provider = params[:provider]
+            flash.now[:error] = t('users.settings.account.connected_accounts.errors.not_found')
-          else
-            flash[:error] = t('users.settings.account.connected_accounts.errors.not_found')
             return
           end
-          ActiveRecord::Base.transaction do
+          user_identity.destroy!
-            __send__("#{provider}_pre_destroy".to_sym) if respond_to?("#{provider}_pre_destroy".to_sym, true)
+          flash.now[:success] = t('users.settings.account.connected_accounts.unlink_success')
-            current_user.user_identities.where(provider: provider).take&.destroy!
-          end
-          flash[:success] = t('users.settings.account.connected_accounts.unlink_success')
         rescue StandardError
-          flash[:error] ||= t('users.settings.account.connected_accounts.errors.generic')
+          flash.now[:error] ||= t('users.settings.account.connected_accounts.errors.generic')
         ensure
           @linked_accounts = current_user.user_identities.pluck(:provider)
           render :index

app/views/users/settings/account/connected_accounts/_okta.html.erb

@@ -0,0 +1,24 @@
+<div class="panel panel-default">
+  <div class="panel-body">
+    <div class="col-xs-8 col-sm-9 col-md-9 col-lg-9">
+      <strong><%= t('users.settings.account.connected_accounts.okta.title') %></strong> <br>
+        <p><%= t('users.settings.account.connected_accounts.okta.connect_hint') %></p>
+    </div>
+    <div class="pull-right">
+      <div>
+        <strong>
+          <%= t('users.settings.account.connected_accounts.okta.connected') %>
+          <span class="sn-icon sn-icon-check" aria-hidden="true"></span>
+        </strong>
+      </div>
+      <div>
+        <%= link_to t('users.settings.account.connected_accounts.okta.unlink_button'),
+                    '#unlinkOktaModal',
+                    class: 'btn btn-danger',
+                    data: { toggle: 'modal'} %>
+      </div>
+    </div>
+  </div>
+</div>
+
+<%= render partial: 'users/settings/account/connected_accounts/unlink_modals/okta_modal', locals: { provider: provider } %>

app/views/users/settings/account/connected_accounts/index.html.erb

@@ -10,13 +10,10 @@
         <h1 class="connected-accounts-title"><%= t('users.settings.account.connected_accounts.title') %></h1>
         <% if @linked_accounts.present? %>
           <% @linked_accounts.each do |provider| %>
-            <% settings = ApplicationSettings.instance %>
+            <% if lookup_context.exists?(provider, 'users/settings/account/connected_accounts', true) %>
-            <% if provider == 'giot_connect' || settings.values['azure_ad_apps']&.find { |v| v['provider_name'] == provider } %>
+              <%= render partial: provider, locals: { provider: provider } %>
-              <% if lookup_context.exists?(provider, 'users/settings/account/connected_accounts', true) %>
+            <% elsif ApplicationSettings.instance.values['azure_ad_apps']&.find { |v| v['provider_name'] == provider } %>
-                <%= render partial: provider %>
+              <%= render partial: 'azure_ad', locals: { provider: provider } %>
-              <% else %>
-                <%= render partial: 'azure_ad', locals: { provider: provider } %>
-              <% end %>
             <% end %>
           <% end %>
         <% else %>

app/views/users/settings/account/connected_accounts/unlink_modals/_okta_modal.html.erb

@@ -0,0 +1,23 @@
+<div class="modal fade" id="unlinkOktaModal" tabindex="-1" role="dialog">
+  <div class="modal-dialog" role="document">
+    <div class="modal-content">
+      <div class="modal-header">
+        <button type="button" class="close" data-dismiss="modal" aria-label="<%= t('general.close') %>">
+          <span aria-hidden="true">&times;</span>
+        </button>
+        <h4 class="modal-title" >
+          <%= t('users.settings.account.connected_accounts.okta.unlink_modal.title') %>
+        </h4>
+      </div>
+      <div class="modal-body">
+          <p><%= t('users.settings.account.connected_accounts.okta.unlink_modal.description_1') %></p>
+      </div>
+      <div class="modal-footer">
+        <%= form_tag(unlink_connected_account_path, method: :delete) do %>
+          <%= hidden_field_tag :provider, provider %>
+          <%= submit_tag t('users.settings.account.connected_accounts.okta.unlink_modal.submit_button'), class: 'btn btn-danger' %>
+        <% end %>
+      </div>
+    </div>
+  </div>
+</div>

config/locales/en.yml

@@ -2547,6 +2547,15 @@ en:
               title: "Unlink Azure AD account?"
               description_1: "Are you sure you would like unlink Azure AD and SciNote accounts?"
               submit_button: "Submit"
+          okta:
+            title: "Your Okta Account"
+            connect_hint: "Allows you to sign in with your Okta account."
+            connected: "Connected"
+            unlink_button: "Unlink"
+            unlink_modal:
+              title: "Unlink Okta account?"
+              description_1: "Are you sure you would like unlink Okta and SciNote accounts?"
+              submit_button: "Submit"
           errors:
             not_found: "You have no Connected accounts for this provider"
             generic: "Unable to unlink linked account"