Update the UPDATE_EMAIL feature to rely on the user profile configuration when rendering templates and validating the email
Closes #25704 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
This commit is contained in:
parent
c2e41b0eeb
commit
ceb085e7b8
12 changed files with 202 additions and 40 deletions
|
@ -79,6 +79,7 @@ on the user profile configuration set to a realm:
|
|||
|
||||
* `login-update-profile.ftl`
|
||||
* `register.ftl`
|
||||
* `update-email.ftl`
|
||||
|
||||
For more details, see link:{upgradingguide_link}[{upgradingguide_name}].
|
||||
|
||||
|
|
|
@ -78,9 +78,10 @@ on the user profile configuration set to a realm:
|
|||
|
||||
* `login-update-profile.ftl`
|
||||
* `register.ftl`
|
||||
* `update-email.ftl`
|
||||
|
||||
These templates are responsible for rendering both update profile (when the `Update Profile` required action is enabled to a user)
|
||||
and registration pages, respectively.
|
||||
These templates are responsible for rendering the update profile (when the `Update Profile` required action is enabled to a user),
|
||||
the registration, and the update email (when the `UPDATE_EMAIL` feature is enabled) pages, respectively.
|
||||
|
||||
If you use a custom theme to change these templates, they will function as expect because only the content is updated.
|
||||
However, we recommend you to take a look at how to configure a link:{adminguide_link}#user-profile[{declarative user profile}] and possibly avoid
|
||||
|
|
|
@ -20,10 +20,14 @@
|
|||
package org.keycloak.userprofile;
|
||||
|
||||
import java.util.Set;
|
||||
import java.util.function.Predicate;
|
||||
|
||||
import static org.keycloak.userprofile.UserProfileConstants.ROLE_ADMIN;
|
||||
import static org.keycloak.userprofile.UserProfileConstants.ROLE_USER;
|
||||
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.utils.StringUtil;
|
||||
|
||||
/**
|
||||
* <p>This interface represents the different contexts from where user profiles are managed. The core contexts are already
|
||||
* available here representing the different areas in Keycloak where user profiles are managed.
|
||||
|
@ -62,17 +66,24 @@ public enum UserProfileContext {
|
|||
|
||||
/**
|
||||
* In this context, a user profile is managed by themselves when updating their email through an application initiated action.
|
||||
* In this context, only the {@link UserModel#EMAIL} attribute is supported.
|
||||
*/
|
||||
UPDATE_EMAIL(false, true, false);
|
||||
UPDATE_EMAIL(false, true, false, Set.of(UserModel.EMAIL)::contains);
|
||||
|
||||
private final boolean resetEmailVerified;
|
||||
private final Predicate<String> attributeSelector;
|
||||
private final boolean adminContext;
|
||||
private final boolean authFlowContext;
|
||||
|
||||
UserProfileContext(boolean adminContext, boolean authFlowContext, boolean resetEmailVerified){
|
||||
UserProfileContext(boolean adminContext, boolean authFlowContext, boolean resetEmailVerified, Predicate<String> attributeSelector){
|
||||
this.adminContext = adminContext;
|
||||
this.authFlowContext = authFlowContext;
|
||||
this.resetEmailVerified = resetEmailVerified;
|
||||
this.attributeSelector = attributeSelector;
|
||||
}
|
||||
|
||||
UserProfileContext(boolean adminContext, boolean authFlowContext, boolean resetEmailVerified){
|
||||
this(adminContext, authFlowContext, resetEmailVerified, StringUtil::isNotBlank);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -112,4 +123,7 @@ public enum UserProfileContext {
|
|||
return isAdminContext() ? ROLE_ADMIN : ROLE_USER;
|
||||
}
|
||||
|
||||
public boolean isAttributeSupported(String name) {
|
||||
return attributeSelector.test(name);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -164,6 +164,8 @@ public class FreeMarkerLoginFormsProvider implements LoginFormsProvider {
|
|||
page = LoginFormsPages.LOGIN_UPDATE_PROFILE;
|
||||
break;
|
||||
case UPDATE_EMAIL:
|
||||
UpdateProfileContext updateEmailContext = new UserUpdateProfileContext(realm,user);
|
||||
attributes.put("user",new ProfileBean(updateEmailContext,formData));
|
||||
actionMessage = Messages.UPDATE_EMAIL;
|
||||
page = LoginFormsPages.UPDATE_EMAIL;
|
||||
break;
|
||||
|
@ -245,7 +247,10 @@ public class FreeMarkerLoginFormsProvider implements LoginFormsProvider {
|
|||
attributes.put("user", new ProfileBean(userCtx, formData));
|
||||
break;
|
||||
case UPDATE_EMAIL:
|
||||
attributes.put("email", new EmailBean(user, formData));
|
||||
EmailBean emailBean = new EmailBean(user, formData, session);
|
||||
attributes.put("profile", emailBean);
|
||||
// only for backward compatibility but should be removed once declarative user profile is supported
|
||||
attributes.put("email", emailBean);
|
||||
break;
|
||||
case LOGIN_IDP_LINK_CONFIRM:
|
||||
case LOGIN_IDP_LINK_EMAIL:
|
||||
|
|
|
@ -16,20 +16,40 @@
|
|||
*/
|
||||
package org.keycloak.forms.login.freemarker.model;
|
||||
|
||||
import jakarta.ws.rs.core.MultivaluedMap;
|
||||
import org.keycloak.models.UserModel;
|
||||
import java.util.stream.Stream;
|
||||
|
||||
public class EmailBean {
|
||||
import jakarta.ws.rs.core.MultivaluedMap;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.userprofile.UserProfile;
|
||||
import org.keycloak.userprofile.UserProfileContext;
|
||||
import org.keycloak.userprofile.UserProfileProvider;
|
||||
|
||||
public class EmailBean extends AbstractUserProfileBean {
|
||||
|
||||
private final UserModel user;
|
||||
private final MultivaluedMap<String, String> formData;
|
||||
|
||||
public EmailBean(UserModel user, MultivaluedMap<String, String> formData) {
|
||||
public EmailBean(UserModel user, MultivaluedMap<String, String> formData, KeycloakSession session) {
|
||||
super(formData);
|
||||
this.user = user;
|
||||
this.formData = formData;
|
||||
init(session, false);
|
||||
}
|
||||
|
||||
public String getValue() {
|
||||
return formData != null ? formData.getFirst("email") : user.getEmail();
|
||||
}
|
||||
|
||||
@Override
|
||||
protected UserProfile createUserProfile(UserProfileProvider provider) {
|
||||
return provider.create(UserProfileContext.UPDATE_EMAIL, user);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected Stream<String> getAttributeDefaultValues(String name) {
|
||||
return user.getAttributeStream(name);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getContext() {
|
||||
return UserProfileContext.UPDATE_PROFILE.name();
|
||||
}
|
||||
}
|
||||
|
|
|
@ -137,7 +137,14 @@ public class DeclarativeUserProfileProvider implements UserProfileProvider {
|
|||
}
|
||||
|
||||
private UserProfile createUserProfile(UserProfileContext context, Map<String, ?> attributes, UserModel user) {
|
||||
UserProfileMetadata metadata = configureUserProfile(contextualMetadataRegistry.get(context), session);
|
||||
UserProfileMetadata defaultMetadata = contextualMetadataRegistry.get(context);
|
||||
|
||||
if (defaultMetadata == null) {
|
||||
// some contexts (and their metadata) are available enabled when the corresponding feature is enabled
|
||||
throw new RuntimeException("No metadata is bound to the " + context + " context");
|
||||
}
|
||||
|
||||
UserProfileMetadata metadata = configureUserProfile(defaultMetadata, session);
|
||||
Attributes profileAttributes = createAttributes(context, attributes, user, metadata);
|
||||
return new DefaultUserProfile(metadata, profileAttributes, createUserFactory(), user, session);
|
||||
}
|
||||
|
@ -266,10 +273,7 @@ public class DeclarativeUserProfileProvider implements UserProfileProvider {
|
|||
protected UserProfileMetadata decorateUserProfileForCache(UserProfileMetadata decoratedMetadata, UPConfig parsedConfig) {
|
||||
UserProfileContext context = decoratedMetadata.getContext();
|
||||
|
||||
// do not change config for UPDATE_EMAIL context, validations are already set and do not need including anything else from the configuration
|
||||
if (parsedConfig == null
|
||||
|| context == UserProfileContext.UPDATE_EMAIL
|
||||
) {
|
||||
if (parsedConfig == null) {
|
||||
return decoratedMetadata;
|
||||
}
|
||||
|
||||
|
@ -278,6 +282,13 @@ public class DeclarativeUserProfileProvider implements UserProfileProvider {
|
|||
|
||||
for (UPAttribute attrConfig : parsedConfig.getAttributes()) {
|
||||
String attributeName = attrConfig.getName();
|
||||
|
||||
if (!context.isAttributeSupported(attributeName)) {
|
||||
// attributes not supported by the context are ignored
|
||||
// for instance, only support email attribute when at the UPDATE_EMAIL context
|
||||
continue;
|
||||
}
|
||||
|
||||
List<AttributeValidatorMetadata> validators = new ArrayList<>();
|
||||
Map<String, Map<String, Object>> validationsConfig = attrConfig.getValidations();
|
||||
|
||||
|
|
|
@ -214,7 +214,7 @@ public class DeclarativeUserProfileProviderFactory implements UserProfileProvide
|
|||
addContextualProfileMetadata(configureUserProfile(createAccountProfile(ACCOUNT, readOnlyValidator)));
|
||||
addContextualProfileMetadata(configureUserProfile(createDefaultProfile(UPDATE_PROFILE, readOnlyValidator)));
|
||||
if (Profile.isFeatureEnabled(Profile.Feature.UPDATE_EMAIL)) {
|
||||
addContextualProfileMetadata(configureUserProfile(createDefaultProfile(UPDATE_EMAIL, readOnlyValidator)));
|
||||
addContextualProfileMetadata(configureUserProfile(createUpdateEmailProfile(UPDATE_EMAIL, readOnlyValidator)));
|
||||
}
|
||||
addContextualProfileMetadata(configureUserProfile(createRegistrationUserCreationProfile(readOnlyValidator)));
|
||||
addContextualProfileMetadata(configureUserProfile(createUserResourceValidation(config)));
|
||||
|
@ -400,6 +400,31 @@ public class DeclarativeUserProfileProviderFactory implements UserProfileProvide
|
|||
return metadata;
|
||||
}
|
||||
|
||||
private UserProfileMetadata createUpdateEmailProfile(UserProfileContext context, AttributeValidatorMetadata readOnlyValidator) {
|
||||
UserProfileMetadata metadata = new UserProfileMetadata(context);
|
||||
|
||||
metadata.addAttribute(UserModel.EMAIL, -1,
|
||||
DeclarativeUserProfileProviderFactory::editEmailCondition,
|
||||
DeclarativeUserProfileProviderFactory::readEmailCondition,
|
||||
new AttributeValidatorMetadata(BlankAttributeValidator.ID, BlankAttributeValidator.createConfig(Messages.MISSING_EMAIL, false)),
|
||||
new AttributeValidatorMetadata(DuplicateEmailValidator.ID),
|
||||
new AttributeValidatorMetadata(EmailExistsAsUsernameValidator.ID),
|
||||
new AttributeValidatorMetadata(EmailValidator.ID, ValidatorConfig.builder().config(EmailValidator.IGNORE_EMPTY_VALUE, true).build()))
|
||||
.setAttributeDisplayName("${email}");
|
||||
|
||||
List<AttributeValidatorMetadata> readonlyValidators = new ArrayList<>();
|
||||
|
||||
readonlyValidators.add(createReadOnlyAttributeUnchangedValidator(readOnlyAttributesPattern));
|
||||
|
||||
if (readOnlyValidator != null) {
|
||||
readonlyValidators.add(readOnlyValidator);
|
||||
}
|
||||
|
||||
metadata.addAttribute(READ_ONLY_ATTRIBUTE_KEY, 1000, readonlyValidators);
|
||||
|
||||
return metadata;
|
||||
}
|
||||
|
||||
private UserProfileMetadata createUserResourceValidation(Config.Scope config) {
|
||||
Pattern p = getRegexPatternString(config.getArray(CONFIG_ADMIN_READ_ONLY_ATTRIBUTES));
|
||||
UserProfileMetadata metadata = new UserProfileMetadata(USER_API);
|
||||
|
|
|
@ -128,7 +128,7 @@ public abstract class AbstractAppInitiatedActionUpdateEmailTest extends Abstract
|
|||
emailUpdatePage.changeEmail("");
|
||||
emailUpdatePage.assertCurrent();
|
||||
|
||||
Assert.assertEquals("Please specify email.", emailUpdatePage.getEmailError());
|
||||
Assert.assertTrue(emailUpdatePage.getEmailError().contains("Please specify email."));
|
||||
|
||||
UserRepresentation user = ActionUtil.findUserWithAdminClient(adminClient, "test-user@localhost");
|
||||
Assert.assertEquals("test-user@localhost", user.getEmail());
|
||||
|
|
|
@ -132,7 +132,7 @@ public abstract class AbstractRequiredActionUpdateEmailTest extends AbstractTest
|
|||
// assert that form holds submitted values during validation error
|
||||
Assert.assertEquals("", updateEmailPage.getEmail());
|
||||
|
||||
Assert.assertEquals("Please specify email.", updateEmailPage.getEmailInputError());
|
||||
Assert.assertTrue(updateEmailPage.getEmailInputError().contains("Please specify email."));
|
||||
|
||||
events.assertEmpty();
|
||||
}
|
||||
|
|
|
@ -16,10 +16,27 @@
|
|||
*/
|
||||
package org.keycloak.testsuite.actions;
|
||||
|
||||
import static org.junit.Assert.assertFalse;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import static org.keycloak.userprofile.UserProfileConstants.ROLE_USER;
|
||||
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.junit.Test;
|
||||
import org.keycloak.admin.client.resource.UserProfileResource;
|
||||
import org.keycloak.common.Profile;
|
||||
import org.keycloak.events.Details;
|
||||
import org.keycloak.events.EventType;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.representations.userprofile.config.UPAttribute;
|
||||
import org.keycloak.representations.userprofile.config.UPAttributePermissions;
|
||||
import org.keycloak.representations.userprofile.config.UPAttributeRequired;
|
||||
import org.keycloak.representations.userprofile.config.UPConfig;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.forms.VerifyProfileTest;
|
||||
import org.keycloak.validate.validators.LengthValidator;
|
||||
|
||||
@EnableFeature(Profile.Feature.DECLARATIVE_USER_PROFILE)
|
||||
public class AppInitiatedActionUpdateEmailUserProfileTest extends AppInitiatedActionUpdateEmailTest {
|
||||
|
@ -29,4 +46,44 @@ public class AppInitiatedActionUpdateEmailUserProfileTest extends AppInitiatedAc
|
|||
super.configureTestRealm(testRealm);
|
||||
VerifyProfileTest.enableDynamicUserProfile(testRealm);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testCustomEmailValidator() throws Exception {
|
||||
UserProfileResource userProfile = testRealm().users().userProfile();
|
||||
UPConfig upConfig = userProfile.getConfiguration();
|
||||
UPAttribute emailConfig = upConfig.getAttribute(UserModel.EMAIL);
|
||||
emailConfig.addValidation(LengthValidator.ID, Map.of("min", "1", "max", "1"));
|
||||
getCleanup().addCleanup(() -> {
|
||||
emailConfig.getValidations().remove(LengthValidator.ID);
|
||||
userProfile.update(upConfig);
|
||||
});
|
||||
userProfile.update(upConfig);
|
||||
|
||||
changeEmailUsingAIA("new@email.com");
|
||||
assertTrue(emailUpdatePage.getEmailError().contains("Length must be between 1 and 1."));
|
||||
|
||||
emailConfig.getValidations().remove(LengthValidator.ID);
|
||||
userProfile.update(upConfig);
|
||||
changeEmailUsingAIA("new@email.com");
|
||||
events.expect(EventType.UPDATE_EMAIL).detail(Details.PREVIOUS_EMAIL, "test-user@localhost")
|
||||
.detail(Details.UPDATED_EMAIL, "new@email.com").assertEvent();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testOnlyEmailSupportedInContext() throws Exception {
|
||||
UserProfileResource userProfile = testRealm().users().userProfile();
|
||||
UPConfig upConfig = userProfile.getConfiguration();
|
||||
String unexpectedAttributeName = "unexpectedAttribute";
|
||||
upConfig.addOrReplaceAttribute(new UPAttribute(unexpectedAttributeName, new UPAttributePermissions(Set.of(), Set.of(ROLE_USER)), new UPAttributeRequired(Set.of(ROLE_USER), Set.of())));
|
||||
getCleanup().addCleanup(() -> {
|
||||
upConfig.removeAttribute(unexpectedAttributeName);
|
||||
userProfile.update(upConfig);
|
||||
});
|
||||
userProfile.update(upConfig);
|
||||
|
||||
assertFalse(driver.getPageSource().contains(unexpectedAttributeName));
|
||||
changeEmailUsingAIA("new@email.com");
|
||||
events.expect(EventType.UPDATE_EMAIL).detail(Details.PREVIOUS_EMAIL, "test-user@localhost")
|
||||
.detail(Details.UPDATED_EMAIL, "new@email.com").assertEvent();
|
||||
}
|
||||
}
|
||||
|
|
|
@ -47,6 +47,7 @@ import org.junit.Assert;
|
|||
import org.junit.ClassRule;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.admin.client.resource.RealmResource;
|
||||
import org.keycloak.common.Profile.Feature;
|
||||
import org.keycloak.component.ComponentModel;
|
||||
import org.keycloak.component.ComponentValidationException;
|
||||
import org.keycloak.models.Constants;
|
||||
|
@ -61,6 +62,7 @@ import org.keycloak.representations.idm.UserRepresentation;
|
|||
import org.keycloak.representations.userprofile.config.UPConfig.UnmanagedAttributePolicy;
|
||||
import org.keycloak.representations.userprofile.config.UPGroup;
|
||||
import org.keycloak.services.messages.Messages;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
|
||||
import org.keycloak.testsuite.arquillian.annotation.ModelTest;
|
||||
import org.keycloak.testsuite.runonserver.RunOnServer;
|
||||
import org.keycloak.testsuite.util.LDAPRule;
|
||||
|
@ -75,6 +77,7 @@ import org.keycloak.testsuite.util.ClientScopeBuilder;
|
|||
import org.keycloak.testsuite.util.KeycloakModelUtils;
|
||||
import org.keycloak.userprofile.Attributes;
|
||||
import org.keycloak.userprofile.UserProfile;
|
||||
import org.keycloak.userprofile.UserProfileConstants;
|
||||
import org.keycloak.userprofile.UserProfileContext;
|
||||
import org.keycloak.userprofile.UserProfileProvider;
|
||||
import org.keycloak.userprofile.ValidationException;
|
||||
|
@ -1860,4 +1863,44 @@ public class UserProfileTest extends AbstractUserProfileTest {
|
|||
assertEquals(attributes.get(UserModel.USERNAME).toLowerCase(), profileAttributes.getFirst(UserModel.USERNAME));
|
||||
assertEquals(attributes.get(UserModel.EMAIL).toLowerCase(), profileAttributes.getFirst(UserModel.EMAIL));
|
||||
}
|
||||
|
||||
@EnableFeature(Feature.UPDATE_EMAIL)
|
||||
@Test
|
||||
public void testEmailAttributeInUpdateEmailContext() {
|
||||
getTestingClient().server(TEST_REALM_NAME).run((RunOnServer) UserProfileTest::testEmailAttributeInUpdateEmailContext);
|
||||
}
|
||||
|
||||
private static void testEmailAttributeInUpdateEmailContext(KeycloakSession session) {
|
||||
UserProfileProvider provider = getUserProfileProvider(session);
|
||||
String userName = org.keycloak.models.utils.KeycloakModelUtils.generateId();
|
||||
Map<String, String> attributes = new HashMap<>();
|
||||
|
||||
attributes.put(UserModel.USERNAME, userName);
|
||||
attributes.put(UserModel.EMAIL, userName + "@keycloak.org");
|
||||
attributes.put(UserModel.FIRST_NAME, "Joe");
|
||||
attributes.put(UserModel.LAST_NAME, "Doe");
|
||||
|
||||
UserProfile profile = provider.create(UserProfileContext.USER_API, attributes);
|
||||
UserModel user = profile.create();
|
||||
|
||||
profile = provider.create(UserProfileContext.UPDATE_EMAIL, user);
|
||||
containsInAnyOrder(profile.getAttributes().nameSet(), UserModel.EMAIL);
|
||||
|
||||
UPConfig upConfig = provider.getConfiguration();
|
||||
upConfig.addOrReplaceAttribute(new UPAttribute("foo", new UPAttributePermissions(Set.of(), Set.of(UserProfileConstants.ROLE_USER)), new UPAttributeRequired(Set.of(UserProfileConstants.ROLE_USER), Set.of())));
|
||||
provider.setConfiguration(upConfig);
|
||||
profile = provider.create(UserProfileContext.UPDATE_EMAIL, attributes, user);
|
||||
profile.update();
|
||||
|
||||
upConfig = provider.getConfiguration();
|
||||
upConfig.getAttribute(UserModel.EMAIL).getValidations().put(LengthValidator.ID, Map.of("min", "1", "max", "2"));
|
||||
provider.setConfiguration(upConfig);
|
||||
profile = provider.create(UserProfileContext.UPDATE_EMAIL, attributes, user);
|
||||
try {
|
||||
profile.update();
|
||||
} catch (ValidationException ve) {
|
||||
assertTrue(ve.isAttributeOnError(UserModel.EMAIL));
|
||||
assertTrue(ve.hasError(LengthValidator.MESSAGE_INVALID_LENGTH));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,27 +1,12 @@
|
|||
<#import "template.ftl" as layout>
|
||||
<#import "password-commons.ftl" as passwordCommons>
|
||||
<@layout.registrationLayout displayMessage=!messagesPerField.existsError('email'); section>
|
||||
<#import "user-profile-commons.ftl" as userProfileCommons>
|
||||
<@layout.registrationLayout displayMessage=messagesPerField.exists('global') displayRequiredFields=true; section>
|
||||
<#if section = "header">
|
||||
${msg("updateEmailTitle")}
|
||||
<#elseif section = "form">
|
||||
<form id="kc-update-email-form" class="${properties.kcFormClass!}" action="${url.loginAction}" method="post">
|
||||
<div class="${properties.kcFormGroupClass!}">
|
||||
<div class="${properties.kcLabelWrapperClass!}">
|
||||
<label for="email" class="${properties.kcLabelClass!}">${msg("email")}</label>
|
||||
</div>
|
||||
<div class="${properties.kcInputWrapperClass!}">
|
||||
<input type="text" id="email" name="email" value="${(email.value!'')}"
|
||||
class="${properties.kcInputClass!}"
|
||||
aria-invalid="<#if messagesPerField.existsError('email')>true</#if>"
|
||||
/>
|
||||
|
||||
<#if messagesPerField.existsError('email')>
|
||||
<span id="input-error-email" class="${properties.kcInputErrorMessageClass!}" aria-live="polite">
|
||||
${kcSanitize(messagesPerField.get('email'))?no_esc}
|
||||
</span>
|
||||
</#if>
|
||||
</div>
|
||||
</div>
|
||||
<@userProfileCommons.userProfileFormFields/>
|
||||
|
||||
<div class="${properties.kcFormGroupClass!}">
|
||||
<div id="kc-form-options" class="${properties.kcFormOptionsClass!}">
|
||||
|
|
Loading…
Reference in a new issue