utsushiiro 7 лет назад
Родитель
Сommit
03392c165a

+ 2 - 0
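--- a/src/server/routes/admin.js
+++ b/src/server/routes/admin.js
@@ -1100,6 +1100,8 @@ module.exports = function(crowi, app) {
   actions.api.securityPassportSamlSetting = async(req, res) => {
     const form = req.form.settingForm;
 
+    crowi.passportService.validateSAMLSettingForm(req.form);
+
     if (!req.form.isValid) {
       return res.json({status: false, message: req.form.errors.join('\n')});
     }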
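Review bot: The guard after the new call still reads `req.form.isValid`, while `validateSAMLSettingForm` only pushes messages onto `form.errors`; nothing visible here shows that `isValid` is recomputed from `errors` after the form middleware has run. If that flag is fixed when the middleware finishes, a request with blank required SAML fields would pass this check and the incomplete settings would be saved. Testing the error list directly removes the dependency: `if (!req.form.isValid || req.form.errors.length > 0) {`. The handler body continues outside the hunk, so how the settings are persisted afterwards cannot be checked from here.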

+ 28 - 0
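--- a/src/server/service/passport.js
+++ b/src/server/service/passport.js
@@ -53,6 +53,15 @@ class PassportService {
      * the flag whether serializer/deserializer are set up successfully
      */
     this.isSerializerSetup = false;
+
+    this.requiredSAMLConfigKeys = [
+      'security:passport-saml:isEnabled',
+      'security:passport-saml:entryPoint',
+      'security:passport-saml:issuer',
+      'security:passport-saml:attrMapId',
+      'security:passport-saml:attrMapUsername',
+      'security:passport-saml:attrMapMail'
+    ];
   }
 
   /**
@@ -467,6 +476,25 @@ class PassportService {
     this.isSamlStrategySetup = false;
   }
 
+  getSAMLMissingRequiredConfigs() {
+    const missingRequireds = [];
+    for (const key of this.requiredSAMLConfigKeys) {
+      if (this.crowi.configManager.getConfig('crowi', key) === null) {
+        missingRequireds.push(key);
+      }
+    }
+    return missingRequireds;
+  }
+
+  validateSAMLSettingForm(form) {
+    for (const key of this.requiredSAMLConfigKeys) {
+      const formValue = form.settingForm[key];
+      if (this.crowi.configManager.getConfigFromEnvVars('crowi', key) === null && formValue === '') {
+        form.errors.push(`${key} is required`);
+      }
+    }
+  }
+
   /**
    * setup serializer and deserializer
    *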
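Review bot: In `validateSAMLSettingForm` a required field is rejected only when `formValue === ''`, so a key that is absent from the request (`undefined`) or holds only whitespace is accepted even when no environment value exists. For SAML settings such as `entryPoint` and `issuer` that leaves the strategy configurable with unusable values; the condition could read `... === null && (formValue == null || String(formValue).trim() === '')`. `getSAMLMissingRequiredConfigs` has the mirror-image gap: it reports a key only when `getConfig` returns exactly `null`, so an empty string already stored would presumably not appear in the warning. Both new methods also lack the JSDoc used on the neighbouring methods; a short note that `validateSAMLSettingForm` mutates `form.errors` and returns nothing would help callers.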

+ 4 - 0
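--- a/src/server/util/swigFunctions.js
+++ b/src/server/util/swigFunctions.js
@@ -114,6 +114,10 @@ module.exports = function(crowi, app, req, locals) {
     return locals.isEnabledPassport() && config.crowi['security:passport-saml:isEnabled'];
   };
 
+  locals.getSAMLMissingRequireds = function() {
+    return crowi.passportService.getSAMLMissingRequiredConfigs();
+  };
+
   locals.googleLoginEnabled = function() {
     // return false if Passport is enabled
     // because official crowi mechanism is not used.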

+ 12 - 0
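--- a/src/server/views/admin/widget/passport/saml.html
+++ b/src/server/views/admin/widget/passport/saml.html
@@ -52,6 +52,18 @@
 
   <fieldset id="passport-saml-hide-when-disabled" {%if !isSamlEnabled %}style="display: none;"{% endif %}>
 
+    {% set missingRequiredConfigs = getSAMLMissingRequireds() %}
+    {% if isSamlEnabled && missingRequiredConfigs.length !== 0 %}
+    <div class="alert alert-danger">
+      Currently, the following mandatory items are not set in either database nor environment variables.
+      <ul>
+        {% for missingRequiredConfig in missingRequiredConfigs %}
+        <li>{{ missingRequiredConfig }}</li>
+        {% endfor %}
+      </ul>
+    </div>
+    {% endif %}
+
     <h4>Basic Settings</h4>
     <table class="table authentication-settings-table {% if useOnlyEnvVars %}use-only-env-vars{% endif %}">
       <colgroup>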
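Review bot: The `{% set missingRequiredConfigs = getSAMLMissingRequireds() %}` line runs on every render of this widget, although its result is used only when `isSamlEnabled` is true. If `crowi.passportService` can be unset while Passport is disabled (not visible in this diff), the settings page would fail to render; wrapping the `set` and the alert in an outer `{% if isSamlEnabled %}` avoids the call. The alert is rendered server-side inside a fieldset that is only hidden with `display: none`, so it will not update when the admin toggles SAML in the browser without a reload. The message text would read better as `are not set in either the database or environment variables`.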