feat: storage provider's domain initial value bug (#2303)

https://github.com/Selflocking/linkchecker/actions/runs/6058177987

controllers/application.go

@@ -62,13 +62,13 @@ func (c *ApiController) GetApplications() {
 		}
 
 		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		app, err := object.GetPaginationApplications(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
+		application, err := object.GetPaginationApplications(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
 			return
 		}
 
-		applications := object.GetMaskedApplications(app, userId)
+		applications := object.GetMaskedApplications(application, userId)
 		c.ResponseOk(applications, paginator.Nums())
 	}
 }
@@ -84,13 +84,23 @@ func (c *ApiController) GetApplication() {
 	userId := c.GetSessionUsername()
 	id := c.Input().Get("id")
 
-	app, err := object.GetApplication(id)
+	application, err := object.GetApplication(id)
 	if err != nil {
 		c.ResponseError(err.Error())
 		return
 	}
 
-	c.ResponseOk(object.GetMaskedApplication(app, userId))
+	if c.Input().Get("withKey") != "" && application.Cert != "" {
+		cert, err := object.GetCert(util.GetId(application.Owner, application.Cert))
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+
+		application.CertPublicKey = cert.Certificate
+	}
+
+	c.ResponseOk(object.GetMaskedApplication(application, userId))
 }
 
 // GetUserApplication
@@ -164,13 +174,13 @@ func (c *ApiController) GetOrganizationApplications() {
 		}
 
 		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		app, err := object.GetPaginationOrganizationApplications(owner, organization, paginator.Offset(), limit, field, value, sortField, sortOrder)
+		application, err := object.GetPaginationOrganizationApplications(owner, organization, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
 			return
 		}
 
-		applications := object.GetMaskedApplications(app, userId)
+		applications := object.GetMaskedApplications(application, userId)
 		c.ResponseOk(applications, paginator.Nums())
 	}
 }

controllers/cas.go

@@ -35,6 +35,11 @@ const (
 	UnauthorizedService      string = "UNAUTHORIZED_SERVICE"
 )
 
+func queryUnescape(service string) string {
+	s, _ := url.QueryUnescape(service)
+	return s
+}
+
 func (c *RootController) CasValidate() {
 	ticket := c.Input().Get("ticket")
 	service := c.Input().Get("service")
@@ -60,24 +65,25 @@ func (c *RootController) CasServiceValidate() {
 	if !strings.HasPrefix(ticket, "ST") {
 		c.sendCasAuthenticationResponseErr(InvalidTicket, fmt.Sprintf("Ticket %s not recognized", ticket), format)
 	}
-	c.CasP3ServiceAndProxyValidate()
+	c.CasP3ProxyValidate()
 }
 
 func (c *RootController) CasProxyValidate() {
+	// https://apereo.github.io/cas/6.6.x/protocol/CAS-Protocol-Specification.html#26-proxyvalidate-cas-20
+	// "/proxyValidate" should accept both service tickets and proxy tickets.
+	c.CasP3ProxyValidate()
+}
+
+func (c *RootController) CasP3ServiceValidate() {
 	ticket := c.Input().Get("ticket")
 	format := c.Input().Get("format")
-	if !strings.HasPrefix(ticket, "PT") {
+	if !strings.HasPrefix(ticket, "ST") {
 		c.sendCasAuthenticationResponseErr(InvalidTicket, fmt.Sprintf("Ticket %s not recognized", ticket), format)
 	}
-	c.CasP3ServiceAndProxyValidate()
+	c.CasP3ProxyValidate()
 }
 
-func queryUnescape(service string) string {
-	s, _ := url.QueryUnescape(service)
-	return s
-}
-
-func (c *RootController) CasP3ServiceAndProxyValidate() {
+func (c *RootController) CasP3ProxyValidate() {
 	ticket := c.Input().Get("ticket")
 	format := c.Input().Get("format")
 	service := c.Input().Get("service")
@@ -115,15 +121,17 @@ func (c *RootController) CasP3ServiceAndProxyValidate() {
 		pgtiou := serviceResponse.Success.ProxyGrantingTicket
 		// todo: check whether it is https
 		pgtUrlObj, err := url.Parse(pgtUrl)
+		if err != nil {
+			c.sendCasAuthenticationResponseErr(InvalidProxyCallback, err.Error(), format)
+			return
+		}
+
 		if pgtUrlObj.Scheme != "https" {
 			c.sendCasAuthenticationResponseErr(InvalidProxyCallback, "callback is not https", format)
 			return
 		}
+
 		// make a request to pgturl passing pgt and pgtiou
-		if err != nil {
-			c.sendCasAuthenticationResponseErr(InternalError, err.Error(), format)
-			return
-		}
 		param := pgtUrlObj.Query()
 		param.Add("pgtId", pgt)
 		param.Add("pgtIou", pgtiou)
@@ -263,7 +271,6 @@ func (c *RootController) sendCasAuthenticationResponseErr(code, msg, format stri
 			Message: msg,
 		},
 	}
-
 	if format == "json" {
 		c.Data["json"] = serviceResponse
 		c.ServeJSON()

controllers/enforcer.go

@@ -83,7 +83,7 @@ func (c *ApiController) GetEnforcer() {
 		return
 	}
 
-	if loadModelCfg == "true" {
+	if loadModelCfg == "true" && enforcer.Model != "" {
 		err := enforcer.LoadModelCfg()
 		if err != nil {
 			return

controllers/plan.go

@@ -114,7 +114,7 @@ func (c *ApiController) GetPlan() {
 // @router /update-plan [post]
 func (c *ApiController) UpdatePlan() {
 	id := c.Input().Get("id")
-
+	owner := util.GetOwnerFromId(id)
 	var plan object.Plan
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &plan)
 	if err != nil {
@@ -122,19 +122,21 @@ func (c *ApiController) UpdatePlan() {
 		return
 	}
 	if plan.Product != "" {
-		planId := util.GetId(plan.Owner, plan.Product)
-		product, err := object.GetProduct(planId)
+		productId := util.GetId(owner, plan.Product)
+		product, err := object.GetProduct(productId)
 		if err != nil {
 			c.ResponseError(err.Error())
 			return
 		}
+		if product != nil {
 			object.UpdateProductForPlan(&plan, product)
-		_, err = object.UpdateProduct(planId, product)
+			_, err = object.UpdateProduct(productId, product)
 			if err != nil {
 				c.ResponseError(err.Error())
 				return
 			}
 		}
+	}
 	c.Data["json"] = wrapActionResponse(object.UpdatePlan(id, &plan))
 	c.ServeJSON()
 }

controllers/user.go

@@ -258,6 +258,13 @@ func (c *ApiController) UpdateUser() {
 		return
 	}
 
+	if c.Input().Get("allowEmpty") == "" {
+		if user.DisplayName == "" {
+			c.ResponseError(c.T("user:Display name cannot be empty"))
+			return
+		}
+	}
+
 	if msg := object.CheckUpdateUser(oldUser, &user, c.GetAcceptLanguage()); msg != "" {
 		c.ResponseError(msg)
 		return
@@ -441,6 +448,10 @@ func (c *ApiController) SetPassword() {
 	}
 
 	targetUser, err := object.GetUser(userId)
+	if targetUser == nil {
+		c.ResponseError(fmt.Sprintf(c.T("general:The user: %s doesn't exist"), userId))
+		return
+	}
 	if err != nil {
 		c.ResponseError(err.Error())
 		return

i18n/generate_test.go

@@ -38,7 +38,13 @@ func TestGenerateI18nFrontend(t *testing.T) {
 	applyToOtherLanguage("frontend", "tr", data)
 	applyToOtherLanguage("frontend", "ar", data)
 	applyToOtherLanguage("frontend", "he", data)
+	applyToOtherLanguage("frontend", "nl", data)
+	applyToOtherLanguage("frontend", "pl", data)
 	applyToOtherLanguage("frontend", "fi", data)
+	applyToOtherLanguage("frontend", "sv", data)
+	applyToOtherLanguage("frontend", "uk", data)
+	applyToOtherLanguage("frontend", "kk", data)
+	applyToOtherLanguage("frontend", "fa", data)
 }
 
 func TestGenerateI18nBackend(t *testing.T) {
@@ -60,5 +66,11 @@ func TestGenerateI18nBackend(t *testing.T) {
 	applyToOtherLanguage("backend", "tr", data)
 	applyToOtherLanguage("backend", "ar", data)
 	applyToOtherLanguage("backend", "he", data)
+	applyToOtherLanguage("backend", "nl", data)
+	applyToOtherLanguage("backend", "pl", data)
 	applyToOtherLanguage("backend", "fi", data)
+	applyToOtherLanguage("backend", "sv", data)
+	applyToOtherLanguage("backend", "uk", data)
+	applyToOtherLanguage("backend", "kk", data)
+	applyToOtherLanguage("backend", "fa", data)
 }

i18n/locales/fa/data.json

@@ -0,0 +1,142 @@
+{
+  "account": {
+    "Failed to add user": "Failed to add user",
+    "Get init score failed, error: %w": "Get init score failed, error: %w",
+    "Please sign out first": "Please sign out first",
+    "The application does not allow to sign up new account": "The application does not allow to sign up new account"
+  },
+  "auth": {
+    "Challenge method should be S256": "Challenge method should be S256",
+    "Failed to create user, user information is invalid: %s": "Failed to create user, user information is invalid: %s",
+    "Failed to login in: %s": "Failed to login in: %s",
+    "Invalid token": "Invalid token",
+    "State expected: %s, but got: %s": "State expected: %s, but got: %s",
+    "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up",
+    "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support",
+    "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)",
+    "The application: %s does not exist": "The application: %s does not exist",
+    "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
+    "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
+    "Unauthorized operation": "Unauthorized operation",
+    "Unknown authentication type (not password or provider), form = %s": "Unknown authentication type (not password or provider), form = %s",
+    "User's tag: %s is not listed in the application's tags": "User's tag: %s is not listed in the application's tags"
+  },
+  "cas": {
+    "Service %s and %s do not match": "Service %s and %s do not match"
+  },
+  "check": {
+    "Affiliation cannot be blank": "Affiliation cannot be blank",
+    "DisplayName cannot be blank": "DisplayName cannot be blank",
+    "DisplayName is not valid real name": "DisplayName is not valid real name",
+    "Email already exists": "Email already exists",
+    "Email cannot be empty": "Email cannot be empty",
+    "Email is invalid": "Email is invalid",
+    "Empty username.": "Empty username.",
+    "FirstName cannot be blank": "FirstName cannot be blank",
+    "LDAP user name or password incorrect": "LDAP user name or password incorrect",
+    "LastName cannot be blank": "LastName cannot be blank",
+    "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
+    "Organization does not exist": "Organization does not exist",
+    "Password must have at least 6 characters": "Password must have at least 6 characters",
+    "Phone already exists": "Phone already exists",
+    "Phone cannot be empty": "Phone cannot be empty",
+    "Phone number is invalid": "Phone number is invalid",
+    "Session outdated, please login again": "Session outdated, please login again",
+    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
+    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
+    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "Username already exists": "Username already exists",
+    "Username cannot be an email address": "Username cannot be an email address",
+    "Username cannot contain white spaces": "Username cannot contain white spaces",
+    "Username cannot start with a digit": "Username cannot start with a digit",
+    "Username is too long (maximum is 39 characters).": "Username is too long (maximum is 39 characters).",
+    "Username must have at least 2 characters": "Username must have at least 2 characters",
+    "You have entered the wrong password or code too many times, please wait for %d minutes and try again": "You have entered the wrong password or code too many times, please wait for %d minutes and try again",
+    "Your region is not allow to signup by phone": "Your region is not allow to signup by phone",
+    "password or code is incorrect": "password or code is incorrect",
+    "password or code is incorrect, you have %d remaining chances": "password or code is incorrect, you have %d remaining chances",
+    "unsupported password type: %s": "unsupported password type: %s"
+  },
+  "general": {
+    "Missing parameter": "Missing parameter",
+    "Please login first": "Please login first",
+    "The user: %s doesn't exist": "The user: %s doesn't exist",
+    "don't support captchaProvider: ": "don't support captchaProvider: ",
+    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
+  },
+  "ldap": {
+    "Ldap server exist": "Ldap server exist"
+  },
+  "link": {
+    "Please link first": "Please link first",
+    "This application has no providers": "This application has no providers",
+    "This application has no providers of type": "This application has no providers of type",
+    "This provider can't be unlinked": "This provider can't be unlinked",
+    "You are not the global admin, you can't unlink other users": "You are not the global admin, you can't unlink other users",
+    "You can't unlink yourself, you are not a member of any application": "You can't unlink yourself, you are not a member of any application"
+  },
+  "organization": {
+    "Only admin can modify the %s.": "Only admin can modify the %s.",
+    "The %s is immutable.": "The %s is immutable.",
+    "Unknown modify rule %s.": "Unknown modify rule %s."
+  },
+  "provider": {
+    "Invalid application id": "Invalid application id",
+    "the provider: %s does not exist": "the provider: %s does not exist"
+  },
+  "resource": {
+    "User is nil for tag: avatar": "User is nil for tag: avatar",
+    "Username or fullFilePath is empty: username = %s, fullFilePath = %s": "Username or fullFilePath is empty: username = %s, fullFilePath = %s"
+  },
+  "saml": {
+    "Application %s not found": "Application %s not found"
+  },
+  "saml_sp": {
+    "provider %s's category is not SAML": "provider %s's category is not SAML"
+  },
+  "service": {
+    "Empty parameters for emailForm: %v": "Empty parameters for emailForm: %v",
+    "Invalid Email receivers: %s": "Invalid Email receivers: %s",
+    "Invalid phone receivers: %s": "Invalid phone receivers: %s"
+  },
+  "storage": {
+    "The objectKey: %s is not allowed": "The objectKey: %s is not allowed",
+    "The provider type: %s is not supported": "The provider type: %s is not supported"
+  },
+  "token": {
+    "Empty clientId or clientSecret": "Empty clientId or clientSecret",
+    "Grant_type: %s is not supported in this application": "Grant_type: %s is not supported in this application",
+    "Invalid application or wrong clientSecret": "Invalid application or wrong clientSecret",
+    "Invalid client_id": "Invalid client_id",
+    "Redirect URI: %s doesn't exist in the allowed Redirect URI list": "Redirect URI: %s doesn't exist in the allowed Redirect URI list",
+    "Token not found, invalid accessToken": "Token not found, invalid accessToken"
+  },
+  "user": {
+    "Display name cannot be empty": "Display name cannot be empty",
+    "New password cannot contain blank space.": "New password cannot contain blank space."
+  },
+  "user_upload": {
+    "Failed to import users": "Failed to import users"
+  },
+  "util": {
+    "No application is found for userId: %s": "No application is found for userId: %s",
+    "No provider for category: %s is found for application: %s": "No provider for category: %s is found for application: %s",
+    "The provider: %s is not found": "The provider: %s is not found"
+  },
+  "verification": {
+    "Code has not been sent yet!": "Code has not been sent yet!",
+    "Invalid captcha provider.": "Invalid captcha provider.",
+    "Phone number is invalid in your region %s": "Phone number is invalid in your region %s",
+    "Turing test failed.": "Turing test failed.",
+    "Unable to get the email modify rule.": "Unable to get the email modify rule.",
+    "Unable to get the phone modify rule.": "Unable to get the phone modify rule.",
+    "Unknown type": "Unknown type",
+    "Wrong verification code!": "Wrong verification code!",
+    "You should verify your code in %d min!": "You should verify your code in %d min!",
+    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
+  },
+  "webauthn": {
+    "Found no credentials for this user": "Found no credentials for this user",
+    "Please call WebAuthnSigninBegin first": "Please call WebAuthnSigninBegin first"
+  }
+}

i18n/locales/kk/data.json

@@ -0,0 +1,142 @@
+{
+  "account": {
+    "Failed to add user": "Failed to add user",
+    "Get init score failed, error: %w": "Get init score failed, error: %w",
+    "Please sign out first": "Please sign out first",
+    "The application does not allow to sign up new account": "The application does not allow to sign up new account"
+  },
+  "auth": {
+    "Challenge method should be S256": "Challenge method should be S256",
+    "Failed to create user, user information is invalid: %s": "Failed to create user, user information is invalid: %s",
+    "Failed to login in: %s": "Failed to login in: %s",
+    "Invalid token": "Invalid token",
+    "State expected: %s, but got: %s": "State expected: %s, but got: %s",
+    "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up",
+    "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support",
+    "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)",
+    "The application: %s does not exist": "The application: %s does not exist",
+    "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
+    "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
+    "Unauthorized operation": "Unauthorized operation",
+    "Unknown authentication type (not password or provider), form = %s": "Unknown authentication type (not password or provider), form = %s",
+    "User's tag: %s is not listed in the application's tags": "User's tag: %s is not listed in the application's tags"
+  },
+  "cas": {
+    "Service %s and %s do not match": "Service %s and %s do not match"
+  },
+  "check": {
+    "Affiliation cannot be blank": "Affiliation cannot be blank",
+    "DisplayName cannot be blank": "DisplayName cannot be blank",
+    "DisplayName is not valid real name": "DisplayName is not valid real name",
+    "Email already exists": "Email already exists",
+    "Email cannot be empty": "Email cannot be empty",
+    "Email is invalid": "Email is invalid",
+    "Empty username.": "Empty username.",
+    "FirstName cannot be blank": "FirstName cannot be blank",
+    "LDAP user name or password incorrect": "LDAP user name or password incorrect",
+    "LastName cannot be blank": "LastName cannot be blank",
+    "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
+    "Organization does not exist": "Organization does not exist",
+    "Password must have at least 6 characters": "Password must have at least 6 characters",
+    "Phone already exists": "Phone already exists",
+    "Phone cannot be empty": "Phone cannot be empty",
+    "Phone number is invalid": "Phone number is invalid",
+    "Session outdated, please login again": "Session outdated, please login again",
+    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
+    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
+    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "Username already exists": "Username already exists",
+    "Username cannot be an email address": "Username cannot be an email address",
+    "Username cannot contain white spaces": "Username cannot contain white spaces",
+    "Username cannot start with a digit": "Username cannot start with a digit",
+    "Username is too long (maximum is 39 characters).": "Username is too long (maximum is 39 characters).",
+    "Username must have at least 2 characters": "Username must have at least 2 characters",
+    "You have entered the wrong password or code too many times, please wait for %d minutes and try again": "You have entered the wrong password or code too many times, please wait for %d minutes and try again",
+    "Your region is not allow to signup by phone": "Your region is not allow to signup by phone",
+    "password or code is incorrect": "password or code is incorrect",
+    "password or code is incorrect, you have %d remaining chances": "password or code is incorrect, you have %d remaining chances",
+    "unsupported password type: %s": "unsupported password type: %s"
+  },
+  "general": {
+    "Missing parameter": "Missing parameter",
+    "Please login first": "Please login first",
+    "The user: %s doesn't exist": "The user: %s doesn't exist",
+    "don't support captchaProvider: ": "don't support captchaProvider: ",
+    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
+  },
+  "ldap": {
+    "Ldap server exist": "Ldap server exist"
+  },
+  "link": {
+    "Please link first": "Please link first",
+    "This application has no providers": "This application has no providers",
+    "This application has no providers of type": "This application has no providers of type",
+    "This provider can't be unlinked": "This provider can't be unlinked",
+    "You are not the global admin, you can't unlink other users": "You are not the global admin, you can't unlink other users",
+    "You can't unlink yourself, you are not a member of any application": "You can't unlink yourself, you are not a member of any application"
+  },
+  "organization": {
+    "Only admin can modify the %s.": "Only admin can modify the %s.",
+    "The %s is immutable.": "The %s is immutable.",
+    "Unknown modify rule %s.": "Unknown modify rule %s."
+  },
+  "provider": {
+    "Invalid application id": "Invalid application id",
+    "the provider: %s does not exist": "the provider: %s does not exist"
+  },
+  "resource": {
+    "User is nil for tag: avatar": "User is nil for tag: avatar",
+    "Username or fullFilePath is empty: username = %s, fullFilePath = %s": "Username or fullFilePath is empty: username = %s, fullFilePath = %s"
+  },
+  "saml": {
+    "Application %s not found": "Application %s not found"
+  },
+  "saml_sp": {
+    "provider %s's category is not SAML": "provider %s's category is not SAML"
+  },
+  "service": {
+    "Empty parameters for emailForm: %v": "Empty parameters for emailForm: %v",
+    "Invalid Email receivers: %s": "Invalid Email receivers: %s",
+    "Invalid phone receivers: %s": "Invalid phone receivers: %s"
+  },
+  "storage": {
+    "The objectKey: %s is not allowed": "The objectKey: %s is not allowed",
+    "The provider type: %s is not supported": "The provider type: %s is not supported"
+  },
+  "token": {
+    "Empty clientId or clientSecret": "Empty clientId or clientSecret",
+    "Grant_type: %s is not supported in this application": "Grant_type: %s is not supported in this application",
+    "Invalid application or wrong clientSecret": "Invalid application or wrong clientSecret",
+    "Invalid client_id": "Invalid client_id",
+    "Redirect URI: %s doesn't exist in the allowed Redirect URI list": "Redirect URI: %s doesn't exist in the allowed Redirect URI list",
+    "Token not found, invalid accessToken": "Token not found, invalid accessToken"
+  },
+  "user": {
+    "Display name cannot be empty": "Display name cannot be empty",
+    "New password cannot contain blank space.": "New password cannot contain blank space."
+  },
+  "user_upload": {
+    "Failed to import users": "Failed to import users"
+  },
+  "util": {
+    "No application is found for userId: %s": "No application is found for userId: %s",
+    "No provider for category: %s is found for application: %s": "No provider for category: %s is found for application: %s",
+    "The provider: %s is not found": "The provider: %s is not found"
+  },
+  "verification": {
+    "Code has not been sent yet!": "Code has not been sent yet!",
+    "Invalid captcha provider.": "Invalid captcha provider.",
+    "Phone number is invalid in your region %s": "Phone number is invalid in your region %s",
+    "Turing test failed.": "Turing test failed.",
+    "Unable to get the email modify rule.": "Unable to get the email modify rule.",
+    "Unable to get the phone modify rule.": "Unable to get the phone modify rule.",
+    "Unknown type": "Unknown type",
+    "Wrong verification code!": "Wrong verification code!",
+    "You should verify your code in %d min!": "You should verify your code in %d min!",
+    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
+  },
+  "webauthn": {
+    "Found no credentials for this user": "Found no credentials for this user",
+    "Please call WebAuthnSigninBegin first": "Please call WebAuthnSigninBegin first"
+  }
+}

i18n/locales/nl/data.json

@@ -0,0 +1,142 @@
+{
+  "account": {
+    "Failed to add user": "Failed to add user",
+    "Get init score failed, error: %w": "Get init score failed, error: %w",
+    "Please sign out first": "Please sign out first",
+    "The application does not allow to sign up new account": "The application does not allow to sign up new account"
+  },
+  "auth": {
+    "Challenge method should be S256": "Challenge method should be S256",
+    "Failed to create user, user information is invalid: %s": "Failed to create user, user information is invalid: %s",
+    "Failed to login in: %s": "Failed to login in: %s",
+    "Invalid token": "Invalid token",
+    "State expected: %s, but got: %s": "State expected: %s, but got: %s",
+    "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up",
+    "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support",
+    "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)",
+    "The application: %s does not exist": "The application: %s does not exist",
+    "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
+    "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
+    "Unauthorized operation": "Unauthorized operation",
+    "Unknown authentication type (not password or provider), form = %s": "Unknown authentication type (not password or provider), form = %s",
+    "User's tag: %s is not listed in the application's tags": "User's tag: %s is not listed in the application's tags"
+  },
+  "cas": {
+    "Service %s and %s do not match": "Service %s and %s do not match"
+  },
+  "check": {
+    "Affiliation cannot be blank": "Affiliation cannot be blank",
+    "DisplayName cannot be blank": "DisplayName cannot be blank",
+    "DisplayName is not valid real name": "DisplayName is not valid real name",
+    "Email already exists": "Email already exists",
+    "Email cannot be empty": "Email cannot be empty",
+    "Email is invalid": "Email is invalid",
+    "Empty username.": "Empty username.",
+    "FirstName cannot be blank": "FirstName cannot be blank",
+    "LDAP user name or password incorrect": "LDAP user name or password incorrect",
+    "LastName cannot be blank": "LastName cannot be blank",
+    "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
+    "Organization does not exist": "Organization does not exist",
+    "Password must have at least 6 characters": "Password must have at least 6 characters",
+    "Phone already exists": "Phone already exists",
+    "Phone cannot be empty": "Phone cannot be empty",
+    "Phone number is invalid": "Phone number is invalid",
+    "Session outdated, please login again": "Session outdated, please login again",
+    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
+    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
+    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "Username already exists": "Username already exists",
+    "Username cannot be an email address": "Username cannot be an email address",
+    "Username cannot contain white spaces": "Username cannot contain white spaces",
+    "Username cannot start with a digit": "Username cannot start with a digit",
+    "Username is too long (maximum is 39 characters).": "Username is too long (maximum is 39 characters).",
+    "Username must have at least 2 characters": "Username must have at least 2 characters",
+    "You have entered the wrong password or code too many times, please wait for %d minutes and try again": "You have entered the wrong password or code too many times, please wait for %d minutes and try again",
+    "Your region is not allow to signup by phone": "Your region is not allow to signup by phone",
+    "password or code is incorrect": "password or code is incorrect",
+    "password or code is incorrect, you have %d remaining chances": "password or code is incorrect, you have %d remaining chances",
+    "unsupported password type: %s": "unsupported password type: %s"
+  },
+  "general": {
+    "Missing parameter": "Missing parameter",
+    "Please login first": "Please login first",
+    "The user: %s doesn't exist": "The user: %s doesn't exist",
+    "don't support captchaProvider: ": "don't support captchaProvider: ",
+    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
+  },
+  "ldap": {
+    "Ldap server exist": "Ldap server exist"
+  },
+  "link": {
+    "Please link first": "Please link first",
+    "This application has no providers": "This application has no providers",
+    "This application has no providers of type": "This application has no providers of type",
+    "This provider can't be unlinked": "This provider can't be unlinked",
+    "You are not the global admin, you can't unlink other users": "You are not the global admin, you can't unlink other users",
+    "You can't unlink yourself, you are not a member of any application": "You can't unlink yourself, you are not a member of any application"
+  },
+  "organization": {
+    "Only admin can modify the %s.": "Only admin can modify the %s.",
+    "The %s is immutable.": "The %s is immutable.",
+    "Unknown modify rule %s.": "Unknown modify rule %s."
+  },
+  "provider": {
+    "Invalid application id": "Invalid application id",
+    "the provider: %s does not exist": "the provider: %s does not exist"
+  },
+  "resource": {
+    "User is nil for tag: avatar": "User is nil for tag: avatar",
+    "Username or fullFilePath is empty: username = %s, fullFilePath = %s": "Username or fullFilePath is empty: username = %s, fullFilePath = %s"
+  },
+  "saml": {
+    "Application %s not found": "Application %s not found"
+  },
+  "saml_sp": {
+    "provider %s's category is not SAML": "provider %s's category is not SAML"
+  },
+  "service": {
+    "Empty parameters for emailForm: %v": "Empty parameters for emailForm: %v",
+    "Invalid Email receivers: %s": "Invalid Email receivers: %s",
+    "Invalid phone receivers: %s": "Invalid phone receivers: %s"
+  },
+  "storage": {
+    "The objectKey: %s is not allowed": "The objectKey: %s is not allowed",
+    "The provider type: %s is not supported": "The provider type: %s is not supported"
+  },
+  "token": {
+    "Empty clientId or clientSecret": "Empty clientId or clientSecret",
+    "Grant_type: %s is not supported in this application": "Grant_type: %s is not supported in this application",
+    "Invalid application or wrong clientSecret": "Invalid application or wrong clientSecret",
+    "Invalid client_id": "Invalid client_id",
+    "Redirect URI: %s doesn't exist in the allowed Redirect URI list": "Redirect URI: %s doesn't exist in the allowed Redirect URI list",
+    "Token not found, invalid accessToken": "Token not found, invalid accessToken"
+  },
+  "user": {
+    "Display name cannot be empty": "Display name cannot be empty",
+    "New password cannot contain blank space.": "New password cannot contain blank space."
+  },
+  "user_upload": {
+    "Failed to import users": "Failed to import users"
+  },
+  "util": {
+    "No application is found for userId: %s": "No application is found for userId: %s",
+    "No provider for category: %s is found for application: %s": "No provider for category: %s is found for application: %s",
+    "The provider: %s is not found": "The provider: %s is not found"
+  },
+  "verification": {
+    "Code has not been sent yet!": "Code has not been sent yet!",
+    "Invalid captcha provider.": "Invalid captcha provider.",
+    "Phone number is invalid in your region %s": "Phone number is invalid in your region %s",
+    "Turing test failed.": "Turing test failed.",
+    "Unable to get the email modify rule.": "Unable to get the email modify rule.",
+    "Unable to get the phone modify rule.": "Unable to get the phone modify rule.",
+    "Unknown type": "Unknown type",
+    "Wrong verification code!": "Wrong verification code!",
+    "You should verify your code in %d min!": "You should verify your code in %d min!",
+    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
+  },
+  "webauthn": {
+    "Found no credentials for this user": "Found no credentials for this user",
+    "Please call WebAuthnSigninBegin first": "Please call WebAuthnSigninBegin first"
+  }
+}

i18n/locales/pl/data.json

@@ -0,0 +1,142 @@
+{
+  "account": {
+    "Failed to add user": "Failed to add user",
+    "Get init score failed, error: %w": "Get init score failed, error: %w",
+    "Please sign out first": "Please sign out first",
+    "The application does not allow to sign up new account": "The application does not allow to sign up new account"
+  },
+  "auth": {
+    "Challenge method should be S256": "Challenge method should be S256",
+    "Failed to create user, user information is invalid: %s": "Failed to create user, user information is invalid: %s",
+    "Failed to login in: %s": "Failed to login in: %s",
+    "Invalid token": "Invalid token",
+    "State expected: %s, but got: %s": "State expected: %s, but got: %s",
+    "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up",
+    "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support",
+    "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)",
+    "The application: %s does not exist": "The application: %s does not exist",
+    "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
+    "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
+    "Unauthorized operation": "Unauthorized operation",
+    "Unknown authentication type (not password or provider), form = %s": "Unknown authentication type (not password or provider), form = %s",
+    "User's tag: %s is not listed in the application's tags": "User's tag: %s is not listed in the application's tags"
+  },
+  "cas": {
+    "Service %s and %s do not match": "Service %s and %s do not match"
+  },
+  "check": {
+    "Affiliation cannot be blank": "Affiliation cannot be blank",
+    "DisplayName cannot be blank": "DisplayName cannot be blank",
+    "DisplayName is not valid real name": "DisplayName is not valid real name",
+    "Email already exists": "Email already exists",
+    "Email cannot be empty": "Email cannot be empty",
+    "Email is invalid": "Email is invalid",
+    "Empty username.": "Empty username.",
+    "FirstName cannot be blank": "FirstName cannot be blank",
+    "LDAP user name or password incorrect": "LDAP user name or password incorrect",
+    "LastName cannot be blank": "LastName cannot be blank",
+    "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
+    "Organization does not exist": "Organization does not exist",
+    "Password must have at least 6 characters": "Password must have at least 6 characters",
+    "Phone already exists": "Phone already exists",
+    "Phone cannot be empty": "Phone cannot be empty",
+    "Phone number is invalid": "Phone number is invalid",
+    "Session outdated, please login again": "Session outdated, please login again",
+    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
+    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
+    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "Username already exists": "Username already exists",
+    "Username cannot be an email address": "Username cannot be an email address",
+    "Username cannot contain white spaces": "Username cannot contain white spaces",
+    "Username cannot start with a digit": "Username cannot start with a digit",
+    "Username is too long (maximum is 39 characters).": "Username is too long (maximum is 39 characters).",
+    "Username must have at least 2 characters": "Username must have at least 2 characters",
+    "You have entered the wrong password or code too many times, please wait for %d minutes and try again": "You have entered the wrong password or code too many times, please wait for %d minutes and try again",
+    "Your region is not allow to signup by phone": "Your region is not allow to signup by phone",
+    "password or code is incorrect": "password or code is incorrect",
+    "password or code is incorrect, you have %d remaining chances": "password or code is incorrect, you have %d remaining chances",
+    "unsupported password type: %s": "unsupported password type: %s"
+  },
+  "general": {
+    "Missing parameter": "Missing parameter",
+    "Please login first": "Please login first",
+    "The user: %s doesn't exist": "The user: %s doesn't exist",
+    "don't support captchaProvider: ": "don't support captchaProvider: ",
+    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
+  },
+  "ldap": {
+    "Ldap server exist": "Ldap server exist"
+  },
+  "link": {
+    "Please link first": "Please link first",
+    "This application has no providers": "This application has no providers",
+    "This application has no providers of type": "This application has no providers of type",
+    "This provider can't be unlinked": "This provider can't be unlinked",
+    "You are not the global admin, you can't unlink other users": "You are not the global admin, you can't unlink other users",
+    "You can't unlink yourself, you are not a member of any application": "You can't unlink yourself, you are not a member of any application"
+  },
+  "organization": {
+    "Only admin can modify the %s.": "Only admin can modify the %s.",
+    "The %s is immutable.": "The %s is immutable.",
+    "Unknown modify rule %s.": "Unknown modify rule %s."
+  },
+  "provider": {
+    "Invalid application id": "Invalid application id",
+    "the provider: %s does not exist": "the provider: %s does not exist"
+  },
+  "resource": {
+    "User is nil for tag: avatar": "User is nil for tag: avatar",
+    "Username or fullFilePath is empty: username = %s, fullFilePath = %s": "Username or fullFilePath is empty: username = %s, fullFilePath = %s"
+  },
+  "saml": {
+    "Application %s not found": "Application %s not found"
+  },
+  "saml_sp": {
+    "provider %s's category is not SAML": "provider %s's category is not SAML"
+  },
+  "service": {
+    "Empty parameters for emailForm: %v": "Empty parameters for emailForm: %v",
+    "Invalid Email receivers: %s": "Invalid Email receivers: %s",
+    "Invalid phone receivers: %s": "Invalid phone receivers: %s"
+  },
+  "storage": {
+    "The objectKey: %s is not allowed": "The objectKey: %s is not allowed",
+    "The provider type: %s is not supported": "The provider type: %s is not supported"
+  },
+  "token": {
+    "Empty clientId or clientSecret": "Empty clientId or clientSecret",
+    "Grant_type: %s is not supported in this application": "Grant_type: %s is not supported in this application",
+    "Invalid application or wrong clientSecret": "Invalid application or wrong clientSecret",
+    "Invalid client_id": "Invalid client_id",
+    "Redirect URI: %s doesn't exist in the allowed Redirect URI list": "Redirect URI: %s doesn't exist in the allowed Redirect URI list",
+    "Token not found, invalid accessToken": "Token not found, invalid accessToken"
+  },
+  "user": {
+    "Display name cannot be empty": "Display name cannot be empty",
+    "New password cannot contain blank space.": "New password cannot contain blank space."
+  },
+  "user_upload": {
+    "Failed to import users": "Failed to import users"
+  },
+  "util": {
+    "No application is found for userId: %s": "No application is found for userId: %s",
+    "No provider for category: %s is found for application: %s": "No provider for category: %s is found for application: %s",
+    "The provider: %s is not found": "The provider: %s is not found"
+  },
+  "verification": {
+    "Code has not been sent yet!": "Code has not been sent yet!",
+    "Invalid captcha provider.": "Invalid captcha provider.",
+    "Phone number is invalid in your region %s": "Phone number is invalid in your region %s",
+    "Turing test failed.": "Turing test failed.",
+    "Unable to get the email modify rule.": "Unable to get the email modify rule.",
+    "Unable to get the phone modify rule.": "Unable to get the phone modify rule.",
+    "Unknown type": "Unknown type",
+    "Wrong verification code!": "Wrong verification code!",
+    "You should verify your code in %d min!": "You should verify your code in %d min!",
+    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
+  },
+  "webauthn": {
+    "Found no credentials for this user": "Found no credentials for this user",
+    "Please call WebAuthnSigninBegin first": "Please call WebAuthnSigninBegin first"
+  }
+}

i18n/locales/sv/data.json

@@ -0,0 +1,142 @@
+{
+  "account": {
+    "Failed to add user": "Failed to add user",
+    "Get init score failed, error: %w": "Get init score failed, error: %w",
+    "Please sign out first": "Please sign out first",
+    "The application does not allow to sign up new account": "The application does not allow to sign up new account"
+  },
+  "auth": {
+    "Challenge method should be S256": "Challenge method should be S256",
+    "Failed to create user, user information is invalid: %s": "Failed to create user, user information is invalid: %s",
+    "Failed to login in: %s": "Failed to login in: %s",
+    "Invalid token": "Invalid token",
+    "State expected: %s, but got: %s": "State expected: %s, but got: %s",
+    "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up",
+    "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support",
+    "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)",
+    "The application: %s does not exist": "The application: %s does not exist",
+    "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
+    "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
+    "Unauthorized operation": "Unauthorized operation",
+    "Unknown authentication type (not password or provider), form = %s": "Unknown authentication type (not password or provider), form = %s",
+    "User's tag: %s is not listed in the application's tags": "User's tag: %s is not listed in the application's tags"
+  },
+  "cas": {
+    "Service %s and %s do not match": "Service %s and %s do not match"
+  },
+  "check": {
+    "Affiliation cannot be blank": "Affiliation cannot be blank",
+    "DisplayName cannot be blank": "DisplayName cannot be blank",
+    "DisplayName is not valid real name": "DisplayName is not valid real name",
+    "Email already exists": "Email already exists",
+    "Email cannot be empty": "Email cannot be empty",
+    "Email is invalid": "Email is invalid",
+    "Empty username.": "Empty username.",
+    "FirstName cannot be blank": "FirstName cannot be blank",
+    "LDAP user name or password incorrect": "LDAP user name or password incorrect",
+    "LastName cannot be blank": "LastName cannot be blank",
+    "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
+    "Organization does not exist": "Organization does not exist",
+    "Password must have at least 6 characters": "Password must have at least 6 characters",
+    "Phone already exists": "Phone already exists",
+    "Phone cannot be empty": "Phone cannot be empty",
+    "Phone number is invalid": "Phone number is invalid",
+    "Session outdated, please login again": "Session outdated, please login again",
+    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
+    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
+    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "Username already exists": "Username already exists",
+    "Username cannot be an email address": "Username cannot be an email address",
+    "Username cannot contain white spaces": "Username cannot contain white spaces",
+    "Username cannot start with a digit": "Username cannot start with a digit",
+    "Username is too long (maximum is 39 characters).": "Username is too long (maximum is 39 characters).",
+    "Username must have at least 2 characters": "Username must have at least 2 characters",
+    "You have entered the wrong password or code too many times, please wait for %d minutes and try again": "You have entered the wrong password or code too many times, please wait for %d minutes and try again",
+    "Your region is not allow to signup by phone": "Your region is not allow to signup by phone",
+    "password or code is incorrect": "password or code is incorrect",
+    "password or code is incorrect, you have %d remaining chances": "password or code is incorrect, you have %d remaining chances",
+    "unsupported password type: %s": "unsupported password type: %s"
+  },
+  "general": {
+    "Missing parameter": "Missing parameter",
+    "Please login first": "Please login first",
+    "The user: %s doesn't exist": "The user: %s doesn't exist",
+    "don't support captchaProvider: ": "don't support captchaProvider: ",
+    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
+  },
+  "ldap": {
+    "Ldap server exist": "Ldap server exist"
+  },
+  "link": {
+    "Please link first": "Please link first",
+    "This application has no providers": "This application has no providers",
+    "This application has no providers of type": "This application has no providers of type",
+    "This provider can't be unlinked": "This provider can't be unlinked",
+    "You are not the global admin, you can't unlink other users": "You are not the global admin, you can't unlink other users",
+    "You can't unlink yourself, you are not a member of any application": "You can't unlink yourself, you are not a member of any application"
+  },
+  "organization": {
+    "Only admin can modify the %s.": "Only admin can modify the %s.",
+    "The %s is immutable.": "The %s is immutable.",
+    "Unknown modify rule %s.": "Unknown modify rule %s."
+  },
+  "provider": {
+    "Invalid application id": "Invalid application id",
+    "the provider: %s does not exist": "the provider: %s does not exist"
+  },
+  "resource": {
+    "User is nil for tag: avatar": "User is nil for tag: avatar",
+    "Username or fullFilePath is empty: username = %s, fullFilePath = %s": "Username or fullFilePath is empty: username = %s, fullFilePath = %s"
+  },
+  "saml": {
+    "Application %s not found": "Application %s not found"
+  },
+  "saml_sp": {
+    "provider %s's category is not SAML": "provider %s's category is not SAML"
+  },
+  "service": {
+    "Empty parameters for emailForm: %v": "Empty parameters for emailForm: %v",
+    "Invalid Email receivers: %s": "Invalid Email receivers: %s",
+    "Invalid phone receivers: %s": "Invalid phone receivers: %s"
+  },
+  "storage": {
+    "The objectKey: %s is not allowed": "The objectKey: %s is not allowed",
+    "The provider type: %s is not supported": "The provider type: %s is not supported"
+  },
+  "token": {
+    "Empty clientId or clientSecret": "Empty clientId or clientSecret",
+    "Grant_type: %s is not supported in this application": "Grant_type: %s is not supported in this application",
+    "Invalid application or wrong clientSecret": "Invalid application or wrong clientSecret",
+    "Invalid client_id": "Invalid client_id",
+    "Redirect URI: %s doesn't exist in the allowed Redirect URI list": "Redirect URI: %s doesn't exist in the allowed Redirect URI list",
+    "Token not found, invalid accessToken": "Token not found, invalid accessToken"
+  },
+  "user": {
+    "Display name cannot be empty": "Display name cannot be empty",
+    "New password cannot contain blank space.": "New password cannot contain blank space."
+  },
+  "user_upload": {
+    "Failed to import users": "Failed to import users"
+  },
+  "util": {
+    "No application is found for userId: %s": "No application is found for userId: %s",
+    "No provider for category: %s is found for application: %s": "No provider for category: %s is found for application: %s",
+    "The provider: %s is not found": "The provider: %s is not found"
+  },
+  "verification": {
+    "Code has not been sent yet!": "Code has not been sent yet!",
+    "Invalid captcha provider.": "Invalid captcha provider.",
+    "Phone number is invalid in your region %s": "Phone number is invalid in your region %s",
+    "Turing test failed.": "Turing test failed.",
+    "Unable to get the email modify rule.": "Unable to get the email modify rule.",
+    "Unable to get the phone modify rule.": "Unable to get the phone modify rule.",
+    "Unknown type": "Unknown type",
+    "Wrong verification code!": "Wrong verification code!",
+    "You should verify your code in %d min!": "You should verify your code in %d min!",
+    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
+  },
+  "webauthn": {
+    "Found no credentials for this user": "Found no credentials for this user",
+    "Please call WebAuthnSigninBegin first": "Please call WebAuthnSigninBegin first"
+  }
+}

i18n/locales/uk/data.json

@@ -0,0 +1,142 @@
+{
+  "account": {
+    "Failed to add user": "Failed to add user",
+    "Get init score failed, error: %w": "Get init score failed, error: %w",
+    "Please sign out first": "Please sign out first",
+    "The application does not allow to sign up new account": "The application does not allow to sign up new account"
+  },
+  "auth": {
+    "Challenge method should be S256": "Challenge method should be S256",
+    "Failed to create user, user information is invalid: %s": "Failed to create user, user information is invalid: %s",
+    "Failed to login in: %s": "Failed to login in: %s",
+    "Invalid token": "Invalid token",
+    "State expected: %s, but got: %s": "State expected: %s, but got: %s",
+    "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up",
+    "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support",
+    "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)",
+    "The application: %s does not exist": "The application: %s does not exist",
+    "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
+    "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
+    "Unauthorized operation": "Unauthorized operation",
+    "Unknown authentication type (not password or provider), form = %s": "Unknown authentication type (not password or provider), form = %s",
+    "User's tag: %s is not listed in the application's tags": "User's tag: %s is not listed in the application's tags"
+  },
+  "cas": {
+    "Service %s and %s do not match": "Service %s and %s do not match"
+  },
+  "check": {
+    "Affiliation cannot be blank": "Affiliation cannot be blank",
+    "DisplayName cannot be blank": "DisplayName cannot be blank",
+    "DisplayName is not valid real name": "DisplayName is not valid real name",
+    "Email already exists": "Email already exists",
+    "Email cannot be empty": "Email cannot be empty",
+    "Email is invalid": "Email is invalid",
+    "Empty username.": "Empty username.",
+    "FirstName cannot be blank": "FirstName cannot be blank",
+    "LDAP user name or password incorrect": "LDAP user name or password incorrect",
+    "LastName cannot be blank": "LastName cannot be blank",
+    "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
+    "Organization does not exist": "Organization does not exist",
+    "Password must have at least 6 characters": "Password must have at least 6 characters",
+    "Phone already exists": "Phone already exists",
+    "Phone cannot be empty": "Phone cannot be empty",
+    "Phone number is invalid": "Phone number is invalid",
+    "Session outdated, please login again": "Session outdated, please login again",
+    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
+    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
+    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "Username already exists": "Username already exists",
+    "Username cannot be an email address": "Username cannot be an email address",
+    "Username cannot contain white spaces": "Username cannot contain white spaces",
+    "Username cannot start with a digit": "Username cannot start with a digit",
+    "Username is too long (maximum is 39 characters).": "Username is too long (maximum is 39 characters).",
+    "Username must have at least 2 characters": "Username must have at least 2 characters",
+    "You have entered the wrong password or code too many times, please wait for %d minutes and try again": "You have entered the wrong password or code too many times, please wait for %d minutes and try again",
+    "Your region is not allow to signup by phone": "Your region is not allow to signup by phone",
+    "password or code is incorrect": "password or code is incorrect",
+    "password or code is incorrect, you have %d remaining chances": "password or code is incorrect, you have %d remaining chances",
+    "unsupported password type: %s": "unsupported password type: %s"
+  },
+  "general": {
+    "Missing parameter": "Missing parameter",
+    "Please login first": "Please login first",
+    "The user: %s doesn't exist": "The user: %s doesn't exist",
+    "don't support captchaProvider: ": "don't support captchaProvider: ",
+    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
+  },
+  "ldap": {
+    "Ldap server exist": "Ldap server exist"
+  },
+  "link": {
+    "Please link first": "Please link first",
+    "This application has no providers": "This application has no providers",
+    "This application has no providers of type": "This application has no providers of type",
+    "This provider can't be unlinked": "This provider can't be unlinked",
+    "You are not the global admin, you can't unlink other users": "You are not the global admin, you can't unlink other users",
+    "You can't unlink yourself, you are not a member of any application": "You can't unlink yourself, you are not a member of any application"
+  },
+  "organization": {
+    "Only admin can modify the %s.": "Only admin can modify the %s.",
+    "The %s is immutable.": "The %s is immutable.",
+    "Unknown modify rule %s.": "Unknown modify rule %s."
+  },
+  "provider": {
+    "Invalid application id": "Invalid application id",
+    "the provider: %s does not exist": "the provider: %s does not exist"
+  },
+  "resource": {
+    "User is nil for tag: avatar": "User is nil for tag: avatar",
+    "Username or fullFilePath is empty: username = %s, fullFilePath = %s": "Username or fullFilePath is empty: username = %s, fullFilePath = %s"
+  },
+  "saml": {
+    "Application %s not found": "Application %s not found"
+  },
+  "saml_sp": {
+    "provider %s's category is not SAML": "provider %s's category is not SAML"
+  },
+  "service": {
+    "Empty parameters for emailForm: %v": "Empty parameters for emailForm: %v",
+    "Invalid Email receivers: %s": "Invalid Email receivers: %s",
+    "Invalid phone receivers: %s": "Invalid phone receivers: %s"
+  },
+  "storage": {
+    "The objectKey: %s is not allowed": "The objectKey: %s is not allowed",
+    "The provider type: %s is not supported": "The provider type: %s is not supported"
+  },
+  "token": {
+    "Empty clientId or clientSecret": "Empty clientId or clientSecret",
+    "Grant_type: %s is not supported in this application": "Grant_type: %s is not supported in this application",
+    "Invalid application or wrong clientSecret": "Invalid application or wrong clientSecret",
+    "Invalid client_id": "Invalid client_id",
+    "Redirect URI: %s doesn't exist in the allowed Redirect URI list": "Redirect URI: %s doesn't exist in the allowed Redirect URI list",
+    "Token not found, invalid accessToken": "Token not found, invalid accessToken"
+  },
+  "user": {
+    "Display name cannot be empty": "Display name cannot be empty",
+    "New password cannot contain blank space.": "New password cannot contain blank space."
+  },
+  "user_upload": {
+    "Failed to import users": "Failed to import users"
+  },
+  "util": {
+    "No application is found for userId: %s": "No application is found for userId: %s",
+    "No provider for category: %s is found for application: %s": "No provider for category: %s is found for application: %s",
+    "The provider: %s is not found": "The provider: %s is not found"
+  },
+  "verification": {
+    "Code has not been sent yet!": "Code has not been sent yet!",
+    "Invalid captcha provider.": "Invalid captcha provider.",
+    "Phone number is invalid in your region %s": "Phone number is invalid in your region %s",
+    "Turing test failed.": "Turing test failed.",
+    "Unable to get the email modify rule.": "Unable to get the email modify rule.",
+    "Unable to get the phone modify rule.": "Unable to get the phone modify rule.",
+    "Unknown type": "Unknown type",
+    "Wrong verification code!": "Wrong verification code!",
+    "You should verify your code in %d min!": "You should verify your code in %d min!",
+    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
+  },
+  "webauthn": {
+    "Found no credentials for this user": "Found no credentials for this user",
+    "Please call WebAuthnSigninBegin first": "Please call WebAuthnSigninBegin first"
+  }
+}

idp/facebook.go

@@ -72,13 +72,13 @@ type FacebookCheckToken struct {
 }
 
 // FacebookCheckTokenData
-// Get more detail via: https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow#checktoken
+// Get more detail via: https://developers.facebook.com/docs/facebook-login/guides/advanced/manual-flow#checktoken
 type FacebookCheckTokenData struct {
 	UserId string `json:"user_id"`
 }
 
 // GetToken use code get access_token (*operation of getting code ought to be done in front)
-// get more detail via: https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow#confirm
+// get more detail via: https://developers.facebook.com/docs/facebook-login/guides/advanced/manual-flow#confirm
 func (idp *FacebookIdProvider) GetToken(code string) (*oauth2.Token, error) {
 	params := url.Values{}
 	params.Add("client_id", idp.Config.ClientID)

init_data.json.template

@@ -9,11 +9,11 @@
       "passwordType": "plain",
       "passwordSalt": "",
       "passwordOptions": ["AtLeast6"],
-      "countryCodes": ["US", "ES", "CN", "FR", "DE", "GB", "JP", "KR", "VN", "ID", "SG", "IN", "IT", "MY", "TR", "DZ", "IL", "PH"],
+      "countryCodes": ["US", "GB", "ES", "FR", "DE", "CN", "JP", "KR", "VN", "ID", "SG", "IN", "IT", "MY", "TR", "DZ", "IL", "PH", "NL", "PL", "FI", "SE", "UA", "KZ"],
       "defaultAvatar": "",
       "defaultApplication": "",
       "tags": [],
-      "languages": ["en", "zh", "es", "fr", "de", "id", "ja", "ko", "ru", "vi", "it", "ms", "tr","ar", "he", "fi"],
+      "languages": ["en", "zh", "es", "fr", "de", "id", "ja", "ko", "ru", "vi", "it", "ms", "tr","ar", "he", "nl", "pl", "fi", "sv", "uk", "kk", "fa"],
       "masterPassword": "",
       "initScore": 2000,
       "enableSoftDeletion": false,

object/adapter.go

@@ -151,7 +151,7 @@ func (adapter *Adapter) InitAdapter() error {
 	if adapter.Adapter == nil {
 		var dataSourceName string
 
-		if adapter.builtInAdapter() {
+		if adapter.isBuiltIn() {
 			dataSourceName = conf.GetConfigString("dataSourceName")
 			if adapter.DatabaseType == "mysql" {
 				dataSourceName = dataSourceName + adapter.Database
@@ -183,6 +183,14 @@ func (adapter *Adapter) InitAdapter() error {
 
 		var err error
 		engine, err := xorm.NewEngine(adapter.DatabaseType, dataSourceName)
+
+		if adapter.isBuiltIn() && adapter.DatabaseType == "postgres" {
+			schema := util.GetValueFromDataSourceName("search_path", dataSourceName)
+			if schema != "" {
+				engine.SetSchema(schema)
+			}
+		}
+
 		adapter.Adapter, err = xormadapter.NewAdapterByEngineWithTableName(engine, adapter.getTable(), adapter.TableNamePrefix)
 		if err != nil {
 			return err
@@ -211,7 +219,7 @@ func adapterChangeTrigger(oldName string, newName string) error {
 	return session.Commit()
 }
 
-func (adapter *Adapter) builtInAdapter() bool {
+func (adapter *Adapter) isBuiltIn() bool {
 	if adapter.Owner != "built-in" {
 		return false
 	}

object/application.go

@@ -57,6 +57,7 @@ type Application struct {
 	SignupItems         []*SignupItem   `xorm:"varchar(1000)" json:"signupItems"`
 	GrantTypes          []string        `xorm:"varchar(1000)" json:"grantTypes"`
 	OrganizationObj     *Organization   `xorm:"-" json:"organizationObj"`
+	CertPublicKey       string          `xorm:"-" json:"certPublicKey"`
 	Tags                []string        `xorm:"mediumtext" json:"tags"`
 	InvitationCodes     []string        `xorm:"varchar(200)" json:"invitationCodes"`
 

object/check.go

@@ -406,10 +406,6 @@ func CheckUsername(username string, lang string) string {
 }
 
 func CheckUpdateUser(oldUser, user *User, lang string) string {
-	if user.DisplayName == "" {
-		return i18n.Translate(lang, "user:Display name cannot be empty")
-	}
-
 	if oldUser.Name != user.Name {
 		if msg := CheckUsername(user.Name, lang); msg != "" {
 			return msg
@@ -419,7 +415,7 @@ func CheckUpdateUser(oldUser, user *User, lang string) string {
 		}
 	}
 	if oldUser.Email != user.Email {
-		if HasUserByField(user.Name, "email", user.Email) {
+		if HasUserByField(user.Owner, "email", user.Email) {
 			return i18n.Translate(lang, "check:Email already exists")
 		}
 	}

object/mfa_totp.go

@@ -81,12 +81,15 @@ func (mfa *TotpMfa) SetupVerify(ctx *context.Context, passcode string) error {
 		return errors.New("totp secret is missing")
 	}
 
-	result, _ := totp.ValidateCustom(passcode, secret.(string), time.Now().UTC(), totp.ValidateOpts{
+	result, err := totp.ValidateCustom(passcode, secret.(string), time.Now().UTC(), totp.ValidateOpts{
 		Period:    MfaTotpPeriodInSeconds,
 		Skew:      1,
 		Digits:    otp.DigitsSix,
 		Algorithm: otp.AlgorithmSHA1,
 	})
+	if err != nil {
+		return err
+	}
 
 	if result {
 		return nil
@@ -125,7 +128,15 @@ func (mfa *TotpMfa) Enable(ctx *context.Context, user *User) error {
 }
 
 func (mfa *TotpMfa) Verify(passcode string) error {
-	result := totp.Validate(passcode, mfa.Config.Secret)
+	result, err := totp.ValidateCustom(passcode, mfa.Config.Secret, time.Now().UTC(), totp.ValidateOpts{
+		Period:    MfaTotpPeriodInSeconds,
+		Skew:      1,
+		Digits:    otp.DigitsSix,
+		Algorithm: otp.AlgorithmSHA1,
+	})
+	if err != nil {
+		return err
+	}
 
 	if result {
 		return nil

object/ormer.go

@@ -18,11 +18,14 @@ import (
 	"database/sql"
 	"flag"
 	"fmt"
+	"os"
+	"regexp"
 	"runtime"
 	"strings"
 
 	"github.com/beego/beego"
 	"github.com/casdoor/casdoor/conf"
+	"github.com/casdoor/casdoor/util"
 	xormadapter "github.com/casdoor/xorm-adapter/v3"
 	_ "github.com/denisenkom/go-mssqldb" // db = mssql
 	_ "github.com/go-sql-driver/mysql"   // db = mysql
@@ -65,6 +68,17 @@ func InitConfig() {
 }
 
 func InitAdapter() {
+	if conf.GetConfigString("driverName") == "" {
+		if !util.FileExist("conf/app.conf") {
+			dir, err := os.Getwd()
+			if err != nil {
+				panic(err)
+			}
+			dir = strings.ReplaceAll(dir, "\\", "/")
+			panic(fmt.Sprintf("The Casdoor config file: \"app.conf\" was not found, it should be placed at: \"%s/conf/app.conf\"", dir))
+		}
+	}
+
 	if createDatabase {
 		err := createDatabaseForPostgres(conf.GetConfigString("driverName"), conf.GetConfigDataSourceName(), conf.GetConfigString("dbName"))
 		if err != nil {
@@ -122,9 +136,14 @@ func NewAdapter(driverName string, dataSourceName string, dbName string) *Ormer
 	return a
 }
 
+func refineDataSourceNameForPostgres(dataSourceName string) string {
+	reg := regexp.MustCompile(`dbname=[^ ]+\s*`)
+	return reg.ReplaceAllString(dataSourceName, "")
+}
+
 func createDatabaseForPostgres(driverName string, dataSourceName string, dbName string) error {
 	if driverName == "postgres" {
-		db, err := sql.Open(driverName, dataSourceName)
+		db, err := sql.Open(driverName, refineDataSourceNameForPostgres(dataSourceName))
 		if err != nil {
 			return err
 		}
@@ -136,6 +155,21 @@ func createDatabaseForPostgres(driverName string, dataSourceName string, dbName
 				return err
 			}
 		}
+		schema := util.GetValueFromDataSourceName("search_path", dataSourceName)
+		if schema != "" {
+			db, err = sql.Open(driverName, dataSourceName)
+			if err != nil {
+				return err
+			}
+			defer db.Close()
+
+			_, err = db.Exec(fmt.Sprintf("CREATE SCHEMA %s;", schema))
+			if err != nil {
+				if !strings.Contains(err.Error(), "already exists") {
+					return err
+				}
+			}
+		}
 
 		return nil
 	} else {
@@ -168,6 +202,12 @@ func (a *Ormer) open() {
 	if err != nil {
 		panic(err)
 	}
+	if a.driverName == "postgres" {
+		schema := util.GetValueFromDataSourceName("search_path", dataSourceName)
+		if schema != "" {
+			engine.SetSchema(schema)
+		}
+	}
 
 	a.Engine = engine
 }

object/permission_enforcer.go

@@ -79,9 +79,7 @@ func (p *Permission) setEnforcerAdapter(enforcer *casbin.Enforcer) error {
 		}
 	}
 	tableNamePrefix := conf.GetConfigString("tableNamePrefix")
-	driverName := conf.GetConfigString("driverName")
-	dataSourceName := conf.GetConfigRealDataSourceName(driverName)
-	adapter, err := xormadapter.NewAdapterWithTableName(driverName, dataSourceName, tableName, tableNamePrefix, true)
+	adapter, err := xormadapter.NewAdapterByEngineWithTableName(ormer.Engine, tableName, tableNamePrefix)
 	if err != nil {
 		return err
 	}

object/plan.go

@@ -16,6 +16,7 @@ package object
 
 import (
 	"fmt"
+	"time"
 
 	"github.com/casdoor/casdoor/util"
 	"github.com/xorm-io/core"
@@ -28,10 +29,10 @@ type Plan struct {
 	DisplayName string `xorm:"varchar(100)" json:"displayName"`
 	Description string `xorm:"varchar(100)" json:"description"`
 
-	PricePerMonth    float64  `json:"pricePerMonth"`
-	PricePerYear     float64  `json:"pricePerYear"`
+	Price            float64  `json:"price"`
 	Currency         string   `xorm:"varchar(100)" json:"currency"`
-	Product          string   `json:"product"`                              // related product id
+	Period           string   `xorm:"varchar(100)" json:"period"`
+	Product          string   `xorm:"varchar(100)" json:"product"`
 	PaymentProviders []string `xorm:"varchar(100)" json:"paymentProviders"` // payment providers for related product
 	IsEnabled        bool     `json:"isEnabled"`
 
@@ -39,10 +40,28 @@ type Plan struct {
 	Options []string `xorm:"-" json:"options"`
 }
 
+const (
+	PeriodMonthly = "Monthly"
+	PeriodYearly  = "Yearly"
+)
+
 func (plan *Plan) GetId() string {
 	return fmt.Sprintf("%s/%s", plan.Owner, plan.Name)
 }
 
+func GetDuration(period string) (startTime time.Time, endTime time.Time) {
+	if period == PeriodYearly {
+		startTime = time.Now()
+		endTime = startTime.AddDate(1, 0, 0)
+	} else if period == PeriodMonthly {
+		startTime = time.Now()
+		endTime = startTime.AddDate(0, 1, 0)
+	} else {
+		panic(fmt.Sprintf("invalid period: %s", period))
+	}
+	return
+}
+
 func GetPlanCount(owner, field, value string) (int64, error) {
 	session := GetSession(owner, -1, -1, field, value, "", "")
 	return session.Count(&Plan{})

object/pricing.go

@@ -32,12 +32,6 @@ type Pricing struct {
 	IsEnabled     bool     `json:"isEnabled"`
 	TrialDuration int      `json:"trialDuration"`
 	Application   string   `xorm:"varchar(100)" json:"application"`
-
-	Submitter   string `xorm:"varchar(100)" json:"submitter"`
-	Approver    string `xorm:"varchar(100)" json:"approver"`
-	ApproveTime string `xorm:"varchar(100)" json:"approveTime"`
-
-	State string `xorm:"varchar(100)" json:"state"`
 }
 
 func (pricing *Pricing) GetId() string {

object/product.go

@@ -190,8 +190,15 @@ func BuyProduct(id string, user *User, providerName, pricingName, planName, host
 	if user.Type == "paid-user" {
 		// Create a subscription for `paid-user`
 		if pricingName != "" && planName != "" {
-			sub := NewSubscription(owner, user.Name, pricingName, planName, paymentName)
-			_, err := AddSubscription(sub)
+			plan, err := GetPlan(util.GetId(owner, planName))
+			if err != nil {
+				return "", "", err
+			}
+			if plan == nil {
+				return "", "", fmt.Errorf("the plan: %s does not exist", planName)
+			}
+			sub := NewSubscription(owner, user.Name, plan.Name, paymentName, plan.Period)
+			_, err = AddSubscription(sub)
 			if err != nil {
 				return "", "", err
 			}
@@ -267,14 +274,14 @@ func CreateProductForPlan(plan *Plan) *Product {
 	product := &Product{
 		Owner:       plan.Owner,
 		Name:        fmt.Sprintf("product_%v", util.GetRandomName()),
-		DisplayName: fmt.Sprintf("Auto Created Product for Plan %v(%v)", plan.GetId(), plan.DisplayName),
+		DisplayName: fmt.Sprintf("Product for Plan %v/%v/%v", plan.Name, plan.DisplayName, plan.Period),
 		CreatedTime: plan.CreatedTime,
 
 		Image:       "https://cdn.casbin.org/img/casdoor-logo_1185x256.png", // TODO
-		Detail:      fmt.Sprintf("This Product was auto created for Plan %v(%v)", plan.GetId(), plan.DisplayName),
+		Detail:      fmt.Sprintf("This product was auto created for plan %v(%v), subscription period is %v", plan.Name, plan.DisplayName, plan.Period),
 		Description: plan.Description,
 		Tag:         "auto_created_product_for_plan",
-		Price:       plan.PricePerMonth, // TODO
+		Price:       plan.Price,
 		Currency:    plan.Currency,
 
 		Quantity: 999,
@@ -290,9 +297,10 @@ func CreateProductForPlan(plan *Plan) *Product {
 }
 
 func UpdateProductForPlan(plan *Plan, product *Product) {
-	product.DisplayName = fmt.Sprintf("Auto Created Product for Plan %v(%v)", plan.GetId(), plan.DisplayName)
-	product.Detail = fmt.Sprintf("This Product was auto created for Plan %v(%v)", plan.GetId(), plan.DisplayName)
-	product.Price = plan.PricePerMonth // TODO
-	product.Providers = plan.PaymentProviders
+	product.Owner = plan.Owner
+	product.DisplayName = fmt.Sprintf("Product for Plan %v/%v/%v", plan.Name, plan.DisplayName, plan.Period)
+	product.Detail = fmt.Sprintf("This product was auto created for plan %v(%v), subscription period is %v", plan.Name, plan.DisplayName, plan.Period)
+	product.Price = plan.Price
 	product.Currency = plan.Currency
+	product.Providers = plan.PaymentProviders
 }

object/subscription.go

@@ -50,7 +50,7 @@ type Subscription struct {
 
 	StartTime time.Time         `json:"startTime"`
 	EndTime   time.Time         `json:"endTime"`
-	Duration  int               `json:"duration"`
+	Period    string            `xorm:"varchar(100)" json:"period"`
 	State     SubscriptionState `xorm:"varchar(100)" json:"state"`
 }
 
@@ -103,7 +103,8 @@ func (sub *Subscription) UpdateState() error {
 	return nil
 }
 
-func NewSubscription(owner, userName, pricingName, planName, paymentName string) *Subscription {
+func NewSubscription(owner, userName, planName, paymentName, period string) *Subscription {
+	startTime, endTime := GetDuration(period)
 	id := util.GenerateId()[:6]
 	return &Subscription{
 		Owner:       owner,
@@ -112,13 +113,12 @@ func NewSubscription(owner, userName, pricingName, planName, paymentName string)
 		CreatedTime: util.GetCurrentTime(),
 
 		User:    userName,
-		Pricing: pricingName,
 		Plan:    planName,
 		Payment: paymentName,
 
-		StartTime: time.Now(),
-		EndTime:   time.Now().AddDate(0, 0, 30),
-		Duration:  30,              // TODO
+		StartTime: startTime,
+		EndTime:   endTime,
+		Period:    period,
 		State:     SubStatePending, // waiting for payment complete
 	}
 }

object/syncer_sync.go

@@ -148,6 +148,6 @@ func (syncer *Syncer) syncUsers() error {
 func (syncer *Syncer) syncUsersNoError() {
 	err := syncer.syncUsers()
 	if err != nil {
-		panic(err)
+		fmt.Printf("syncUsersNoError() error: %s\n", err.Error())
 	}
 }

object/user.go

@@ -627,11 +627,9 @@ func AddUser(user *User) (bool, error) {
 		return false, nil
 	}
 
-	if user.PasswordType == "" && organization.PasswordType != "" {
-		user.PasswordType = organization.PasswordType
-	}
-
+	if user.PasswordType == "" || user.PasswordType == "plain" {
 		user.UpdateUserPassword(organization)
+	}
 
 	err = user.UpdateUserHash()
 	if err != nil {

pp/dummy.go

@@ -14,10 +14,7 @@
 
 package pp
 
-import (
-	"fmt"
-	"net/http"
-)
+import "net/http"
 
 type DummyPaymentProvider struct{}
 
@@ -27,8 +24,7 @@ func NewDummyPaymentProvider() (*DummyPaymentProvider, error) {
 }
 
 func (pp *DummyPaymentProvider) Pay(providerName string, productName string, payerName string, paymentName string, productDisplayName string, price float64, currency string, returnUrl string, notifyUrl string) (string, string, error) {
-	payUrl := fmt.Sprintf("/payments/%s/result", paymentName)
-	return payUrl, "", nil
+	return returnUrl, "", nil
 }
 
 func (pp *DummyPaymentProvider) Notify(request *http.Request, body []byte, authorityPublicKey string, orderId string) (*NotifyResult, error) {

pp/provider.go

@@ -14,9 +14,7 @@
 
 package pp
 
-import (
-	"net/http"
-)
+import "net/http"
 
 type PaymentState string
 

routers/router.go

@@ -273,7 +273,7 @@ func initAPI() {
 	beego.Router("/cas/:organization/:application/proxy", &controllers.RootController{}, "GET:CasProxy")
 	beego.Router("/cas/:organization/:application/validate", &controllers.RootController{}, "GET:CasValidate")
 
-	beego.Router("/cas/:organization/:application/p3/serviceValidate", &controllers.RootController{}, "GET:CasP3ServiceAndProxyValidate")
-	beego.Router("/cas/:organization/:application/p3/proxyValidate", &controllers.RootController{}, "GET:CasP3ServiceAndProxyValidate")
+	beego.Router("/cas/:organization/:application/p3/serviceValidate", &controllers.RootController{}, "GET:CasP3ServiceValidate")
+	beego.Router("/cas/:organization/:application/p3/proxyValidate", &controllers.RootController{}, "GET:CasP3ProxyValidate")
 	beego.Router("/cas/:organization/:application/samlValidate", &controllers.RootController{}, "POST:SamlValidate")
 }

routers/static_filter.go

@@ -16,6 +16,7 @@ package routers
 
 import (
 	"compress/gzip"
+	"fmt"
 	"io"
 	"net/http"
 	"os"
@@ -59,6 +60,13 @@ func StaticFilter(ctx *context.Context) {
 		path = "web/build/index.html"
 	}
 	if !util.FileExist(path) {
+		dir, err := os.Getwd()
+		if err != nil {
+			panic(err)
+		}
+		dir = strings.ReplaceAll(dir, "\\", "/")
+		errorText := fmt.Sprintf("The Casdoor frontend HTML file: \"index.html\" was not found, it should be placed at: \"%s/web/build/index.html\". For more information, see: https://casdoor.org/docs/basic/server-installation/#frontend-1", dir)
+		http.ServeContent(ctx.ResponseWriter, ctx.Request, "Casdoor frontend has encountered error...", time.Now(), strings.NewReader(errorText))
 		return
 	}
 

util/string.go

@@ -23,6 +23,7 @@ import (
 	"math/rand"
 	"os"
 	"path/filepath"
+	"regexp"
 	"strconv"
 	"strings"
 	"time"
@@ -315,3 +316,13 @@ func ParseIdToString(input interface{}) (string, error) {
 		return "", fmt.Errorf("unsupported id type: %T", input)
 	}
 }
+
+func GetValueFromDataSourceName(key string, dataSourceName string) string {
+	reg := regexp.MustCompile(key + "=([^ ]+)")
+	matches := reg.FindStringSubmatch(dataSourceName)
+	if len(matches) >= 2 {
+		return matches[1]
+	}
+
+	return ""
+}

web/src/PaymentListPage.js

@@ -101,6 +101,21 @@ class PaymentListPage extends BaseListPage {
           );
         },
       },
+      {
+        title: i18next.t("general:Organization"),
+        dataIndex: "owner",
+        key: "owner",
+        width: "120px",
+        sorter: true,
+        ...this.getColumnSearchProps("owner"),
+        render: (text, record, index) => {
+          return (
+            <Link to={`/organizations/${text}`}>
+              {text}
+            </Link>
+          );
+        },
+      },
       {
         title: i18next.t("general:Provider"),
         dataIndex: "provider",
@@ -117,21 +132,6 @@ class PaymentListPage extends BaseListPage {
           );
         },
       },
-      {
-        title: i18next.t("general:Organization"),
-        dataIndex: "owner",
-        key: "owner",
-        width: "120px",
-        sorter: true,
-        ...this.getColumnSearchProps("owner"),
-        render: (text, record, index) => {
-          return (
-            <Link to={`/organizations/${text}`}>
-              {text}
-            </Link>
-          );
-        },
-      },
       {
         title: i18next.t("general:User"),
         dataIndex: "user",
@@ -264,7 +264,7 @@ class PaymentListPage extends BaseListPage {
       value = params.type;
     }
     this.setState({loading: true});
-    PaymentBackend.getPayments(Setting.getRequestOrganization(this.props.account), Setting.isDefaultOrganizationSelected(this.props.account) ? "" : Setting.getRequestOrganization(this.props.account), params.pagination.current, params.pagination.pageSize, field, value, sortField, sortOrder)
+    PaymentBackend.getPayments(Setting.isDefaultOrganizationSelected(this.props.account) ? "" : Setting.getRequestOrganization(this.props.account), params.pagination.current, params.pagination.pageSize, field, value, sortField, sortOrder)
       .then((res) => {
         this.setState({
           loading: false,

web/src/PlanEditPage.js

@@ -197,22 +197,27 @@ class PlanEditPage extends React.Component {
         </Row>
         <Row style={{marginTop: "20px"}} >
           <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
-            {Setting.getLabel(i18next.t("plan:Price per month"), i18next.t("plan:Price per month - Tooltip"))} :
+            {Setting.getLabel(i18next.t("plan:Price"), i18next.t("plan:Price - Tooltip"))} :
           </Col>
           <Col span={22} >
-            <InputNumber value={this.state.plan.pricePerMonth} onChange={value => {
-              this.updatePlanField("pricePerMonth", value);
+            <InputNumber value={this.state.plan.price} onChange={value => {
+              this.updatePlanField("price", value);
             }} />
           </Col>
         </Row>
         <Row style={{marginTop: "20px"}} >
           <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
-            {Setting.getLabel(i18next.t("plan:Price per year"), i18next.t("plan:Price per year - Tooltip"))} :
+            {Setting.getLabel(i18next.t("plan:Period"), i18next.t("plan:Period - Tooltip"))} :
           </Col>
           <Col span={22} >
-            <InputNumber value={this.state.plan.pricePerYear} onChange={value => {
-              this.updatePlanField("pricePerYear", value);
-            }} />
+            <Select virtual={false} style={{width: "100%"}} value={this.state.plan.period} onChange={value => {
+              this.updatePlanField("period", value);
+            }}
+            options={[
+              {value: "Monthly", label: "Monthly"},
+              {value: "Yearly", label: "Yearly"},
+            ]}
+            />
           </Col>
         </Row>
         <Row style={{marginTop: "20px"}} >

web/src/PlanListPage.js

@@ -32,9 +32,9 @@ class PlanListPage extends BaseListPage {
       createdTime: moment().format(),
       displayName: `New Plan - ${randomName}`,
       description: "",
-      pricePerMonth: 10,
-      pricePerYear: 100,
+      price: 10,
       currency: "USD",
+      period: "Monthly",
       isEnabled: true,
       paymentProviders: [],
       role: "",
@@ -136,18 +136,18 @@ class PlanListPage extends BaseListPage {
         ...this.getColumnSearchProps("currency"),
       },
       {
-        title: i18next.t("plan:Price per month"),
-        dataIndex: "pricePerMonth",
-        key: "pricePerMonth",
+        title: i18next.t("plan:Price"),
+        dataIndex: "price",
+        key: "price",
         width: "130px",
-        ...this.getColumnSearchProps("pricePerMonth"),
+        ...this.getColumnSearchProps("price"),
       },
       {
-        title: i18next.t("plan:Price per year"),
-        dataIndex: "pricePerYear",
-        key: "pricePerYear",
+        title: i18next.t("plan:Period"),
+        dataIndex: "period",
+        key: "period",
         width: "130px",
-        ...this.getColumnSearchProps("pricePerYear"),
+        ...this.getColumnSearchProps("period"),
       },
       {
         title: i18next.t("general:Role"),

web/src/ProductBuyPage.js

@@ -76,11 +76,10 @@ class ProductBuyPage extends React.Component {
           throw new Error(res.msg);
         }
         const plan = res.data;
-        const productName = plan.product;
         await this.setStateAsync({
           pricing: pricing,
           plan: plan,
-          productName: productName,
+          productName: plan.product,
         });
         this.onUpdatePricing(pricing);
       }

web/src/ProductEditPage.js

@@ -98,6 +98,7 @@ class ProductEditPage extends React.Component {
   }
 
   renderProduct() {
+    const isCreatedByPlan = this.state.product.tag === "auto_created_product_for_plan";
     return (
       <Card size="small" title={
         <div>
@@ -107,12 +108,24 @@ class ProductEditPage extends React.Component {
           {this.state.mode === "add" ? <Button style={{marginLeft: "20px"}} onClick={() => this.deleteProduct()}>{i18next.t("general:Cancel")}</Button> : null}
         </div>
       } style={(Setting.isMobile()) ? {margin: "5px"} : {}} type="inner">
+        <Row style={{marginTop: "10px"}} >
+          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+            {Setting.getLabel(i18next.t("general:Organization"), i18next.t("general:Organization - Tooltip"))} :
+          </Col>
+          <Col span={22} >
+            <Select virtual={false} style={{width: "100%"}} disabled={!Setting.isAdminUser(this.props.account) || isCreatedByPlan} value={this.state.product.owner} onChange={(value => {this.updateProductField("owner", value);})}>
+              {
+                this.state.organizations.map((organization, index) => <Option key={index} value={organization.name}>{organization.name}</Option>)
+              }
+            </Select>
+          </Col>
+        </Row>
         <Row style={{marginTop: "20px"}} >
           <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
             {Setting.getLabel(i18next.t("general:Name"), i18next.t("general:Name - Tooltip"))} :
           </Col>
           <Col span={22} >
-            <Input value={this.state.product.name} onChange={e => {
+            <Input value={this.state.product.name} disabled={isCreatedByPlan} onChange={e => {
               this.updateProductField("name", e.target.value);
             }} />
           </Col>
@@ -127,18 +140,6 @@ class ProductEditPage extends React.Component {
             }} />
           </Col>
         </Row>
-        <Row style={{marginTop: "20px"}} >
-          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
-            {Setting.getLabel(i18next.t("general:Organization"), i18next.t("general:Organization - Tooltip"))} :
-          </Col>
-          <Col span={22} >
-            <Select virtual={false} style={{width: "100%"}} disabled={!Setting.isAdminUser(this.props.account)} value={this.state.product.owner} onChange={(value => {this.updateProductField("owner", value);})}>
-              {
-                this.state.organizations.map((organization, index) => <Option key={index} value={organization.name}>{organization.name}</Option>)
-              }
-            </Select>
-          </Col>
-        </Row>
         <Row style={{marginTop: "20px"}} >
           <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
             {Setting.getLabel(i18next.t("product:Image"), i18next.t("product:Image - Tooltip"))} :
@@ -171,7 +172,7 @@ class ProductEditPage extends React.Component {
             {Setting.getLabel(i18next.t("user:Tag"), i18next.t("product:Tag - Tooltip"))} :
           </Col>
           <Col span={22} >
-            <Input value={this.state.product.tag} onChange={e => {
+            <Input value={this.state.product.tag} disabled={isCreatedByPlan} onChange={e => {
               this.updateProductField("tag", e.target.value);
             }} />
           </Col>
@@ -201,7 +202,7 @@ class ProductEditPage extends React.Component {
             {Setting.getLabel(i18next.t("payment:Currency"), i18next.t("payment:Currency - Tooltip"))} :
           </Col>
           <Col span={22} >
-            <Select virtual={false} style={{width: "100%"}} value={this.state.product.currency} onChange={(value => {
+            <Select virtual={false} style={{width: "100%"}} value={this.state.product.currency} disabled={isCreatedByPlan} onChange={(value => {
               this.updateProductField("currency", value);
             })}>
               {
@@ -218,7 +219,7 @@ class ProductEditPage extends React.Component {
             {Setting.getLabel(i18next.t("product:Price"), i18next.t("product:Price - Tooltip"))} :
           </Col>
           <Col span={22} >
-            <InputNumber value={this.state.product.price} onChange={value => {
+            <InputNumber value={this.state.product.price} disabled={isCreatedByPlan} onChange={value => {
               this.updateProductField("price", value);
             }} />
           </Col>
@@ -228,7 +229,7 @@ class ProductEditPage extends React.Component {
             {Setting.getLabel(i18next.t("product:Quantity"), i18next.t("product:Quantity - Tooltip"))} :
           </Col>
           <Col span={22} >
-            <InputNumber value={this.state.product.quantity} onChange={value => {
+            <InputNumber value={this.state.product.quantity} disabled={isCreatedByPlan} onChange={value => {
               this.updateProductField("quantity", value);
             }} />
           </Col>
@@ -238,7 +239,7 @@ class ProductEditPage extends React.Component {
             {Setting.getLabel(i18next.t("product:Sold"), i18next.t("product:Sold - Tooltip"))} :
           </Col>
           <Col span={22} >
-            <InputNumber value={this.state.product.sold} onChange={value => {
+            <InputNumber value={this.state.product.sold} disabled={isCreatedByPlan} onChange={value => {
               this.updateProductField("sold", value);
             }} />
           </Col>
@@ -248,7 +249,7 @@ class ProductEditPage extends React.Component {
             {Setting.getLabel(i18next.t("product:Payment providers"), i18next.t("product:Payment providers - Tooltip"))} :
           </Col>
           <Col span={22} >
-            <Select virtual={false} mode="multiple" style={{width: "100%"}} value={this.state.product.providers} onChange={(value => {this.updateProductField("providers", value);})}>
+            <Select virtual={false} mode="multiple" style={{width: "100%"}} disabled={isCreatedByPlan} value={this.state.product.providers} onChange={(value => {this.updateProductField("providers", value);})}>
               {
                 this.state.providers.map((provider, index) => <Option key={index} value={provider.name}>{provider.name}</Option>)
               }
@@ -312,7 +313,7 @@ class ProductEditPage extends React.Component {
 
   submitProductEdit(willExist) {
     const product = Setting.deepCopy(this.state.product);
-    ProductBackend.updateProduct(this.state.product.owner, this.state.productName, product)
+    ProductBackend.updateProduct(this.state.organizationName, this.state.productName, product)
       .then((res) => {
         if (res.status === "ok") {
           Setting.showMessage("success", i18next.t("general:Successfully saved"));

web/src/ProductListPage.js

@@ -253,11 +253,13 @@ class ProductListPage extends BaseListPage {
         width: "230px",
         fixed: (Setting.isMobile()) ? "false" : "right",
         render: (text, record, index) => {
+          const isCreatedByPlan = record.tag === "auto_created_product_for_plan";
           return (
             <div>
               <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}} onClick={() => this.props.history.push(`/products/${record.owner}/${record.name}/buy`)}>{i18next.t("product:Buy")}</Button>
               <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}} type="primary" onClick={() => this.props.history.push(`/products/${record.owner}/${record.name}`)}>{i18next.t("general:Edit")}</Button>
               <PopconfirmModal
+                disabled={isCreatedByPlan}
                 title={i18next.t("general:Sure to delete") + `: ${record.name} ?`}
                 onConfirm={() => this.deleteProduct(index)}
               >

web/src/ProviderEditPage.js

@@ -406,7 +406,6 @@ class ProviderEditPage extends React.Component {
                 this.updateProviderField("type", "Twilio SMS");
               } else if (value === "Storage") {
                 this.updateProviderField("type", "AWS S3");
-                this.updateProviderField("domain", Setting.getFullServerUrl());
               } else if (value === "SAML") {
                 this.updateProviderField("type", "Keycloak");
               } else if (value === "Payment") {

web/src/Setting.js

@@ -32,7 +32,8 @@ export const ServerUrl = "";
 
 export const StaticBaseUrl = "https://cdn.casbin.org";
 
-export const Countries = [{label: "English", key: "en", country: "US", alt: "English"},
+export const Countries = [
+  {label: "English", key: "en", country: "US", alt: "English"},
   {label: "Español", key: "es", country: "ES", alt: "Español"},
   {label: "Français", key: "fr", country: "FR", alt: "Français"},
   {label: "Deutsch", key: "de", country: "DE", alt: "Deutsch"},
@@ -42,13 +43,19 @@ export const Countries = [{label: "English", key: "en", country: "US", alt: "Eng
   {label: "한국어", key: "ko", country: "KR", alt: "한국어"},
   {label: "Русский", key: "ru", country: "RU", alt: "Русский"},
   {label: "TiếngViệt", key: "vi", country: "VN", alt: "TiếngViệt"},
-  {label: "Português", key: "pt", country: "BR", alt: "Português"},
-  {label: "Itariano", key: "it", country: "IT", alt: "Itariano"},
-  {label: "Marley", key: "ms", country: "MY", alt: "Marley"},
-  {label: "Tkiš", key: "tr", country: "TR", alt: "Tkiš"},
-  {label: "لغة عربية", key: "ar", country: "DZ", alt: "لغة عربية"},
+  {label: "Português", key: "pt", country: "PT", alt: "Português"},
+  {label: "Italiano", key: "it", country: "IT", alt: "Italiano"},
+  {label: "Malay", key: "ms", country: "MY", alt: "Malay"},
+  {label: "Türkçe", key: "tr", country: "TR", alt: "Türkçe"},
+  {label: "لغة عربية", key: "ar", country: "SA", alt: "لغة عربية"},
   {label: "עִבְרִית", key: "he", country: "IL", alt: "עִבְרִית"},
-  {label: "Filipino", key: "fi", country: "PH", alt: "Filipino"},
+  {label: "Nederlands", key: "nl", country: "NL", alt: "Nederlands"},
+  {label: "Polski", key: "pl", country: "PL", alt: "Polski"},
+  {label: "Suomi", key: "fi", country: "FI", alt: "Suomi"},
+  {label: "Svenska", key: "sv", country: "SE", alt: "Svenska"},
+  {label: "Українська", key: "uk", country: "UA", alt: "Українська"},
+  {label: "Қазақ", key: "kk", country: "KZ", alt: "Қазақ"},
+  {label: "فارسی", key: "fa", country: "IR", alt: "فارسی"},
 ];
 
 export function getThemeData(organization, application) {

web/src/SubscriptionEditPage.js

@@ -14,7 +14,7 @@
 
 import moment from "moment";
 import React from "react";
-import {Button, Card, Col, DatePicker, Input, InputNumber, Row, Select} from "antd";
+import {Button, Card, Col, DatePicker, Input, Row, Select} from "antd";
 import * as OrganizationBackend from "./backend/OrganizationBackend";
 import * as PricingBackend from "./backend/PricingBackend";
 import * as PlanBackend from "./backend/PlanBackend";
@@ -171,16 +171,6 @@ class SubscriptionEditPage extends React.Component {
             }} />
           </Col>
         </Row>
-        <Row style={{marginTop: "20px"}} >
-          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
-            {Setting.getLabel(i18next.t("subscription:Duration"), i18next.t("subscription:Duration - Tooltip"))}
-          </Col>
-          <Col span={22} >
-            <InputNumber value={this.state.subscription.duration} onChange={value => {
-              this.updateSubscriptionField("duration", value);
-            }} />
-          </Col>
-        </Row>
         <Row style={{marginTop: "20px"}} >
           <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
             {Setting.getLabel(i18next.t("subscription:Start time"), i18next.t("subscription:Start time - Tooltip"))}
@@ -201,6 +191,23 @@ class SubscriptionEditPage extends React.Component {
             }} />
           </Col>
         </Row>
+        <Row style={{marginTop: "20px"}} >
+          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+            {Setting.getLabel(i18next.t("plan:Period"), i18next.t("plan:Period - Tooltip"))} :
+          </Col>
+          <Col span={22} >
+            <Select
+              defaultValue={this.state.subscription.period === "" ? "Monthly" : this.state.subscription.period}
+              onChange={value => {
+                this.updateSubscriptionField("period", value);
+              }}
+              options={[
+                {value: "Monthly", label: "Monthly"},
+                {value: "Yearly", label: "Yearly"},
+              ]}
+            />
+          </Col>
+        </Row>
         <Row style={{marginTop: "20px"}} >
           <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
             {Setting.getLabel(i18next.t("general:User"), i18next.t("general:User - Tooltip"))} :

web/src/SubscriptionListPage.js

@@ -27,7 +27,6 @@ class SubscriptionListPage extends BaseListPage {
   newSubscription() {
     const randomName = Setting.getRandomName();
     const owner = Setting.getRequestOrganization(this.props.account);
-    const defaultDuration = 30;
 
     return {
       owner: owner,
@@ -35,8 +34,8 @@ class SubscriptionListPage extends BaseListPage {
       createdTime: moment().format(),
       displayName: `New Subscription - ${randomName}`,
       startTime: moment().format(),
-      endTime: moment().add(defaultDuration, "d").format(),
-      duration: defaultDuration,
+      endTime: moment().add(30, "d").format(),
+      period: "Monthly",
       description: "",
       user: "",
       plan: "",
@@ -130,11 +129,11 @@ class SubscriptionListPage extends BaseListPage {
         ...this.getColumnSearchProps("displayName"),
       },
       {
-        title: i18next.t("subscription:Duration"),
-        dataIndex: "duration",
-        key: "duration",
+        title: i18next.t("subscription:Period"),
+        dataIndex: "period",
+        key: "period",
         width: "140px",
-        ...this.getColumnSearchProps("duration"),
+        ...this.getColumnSearchProps("period"),
       },
       {
         title: i18next.t("subscription:Start time"),
@@ -150,20 +149,6 @@ class SubscriptionListPage extends BaseListPage {
         width: "140px",
         ...this.getColumnSearchProps("endTime"),
       },
-      {
-        title: i18next.t("general:Pricing"),
-        dataIndex: "pricing",
-        key: "pricing",
-        width: "140px",
-        ...this.getColumnSearchProps("pricing"),
-        render: (text, record, index) => {
-          return (
-            <Link to={`/pricings/${record.owner}/${text}`}>
-              {text}
-            </Link>
-          );
-        },
-      },
       {
         title: i18next.t("general:Plan"),
         dataIndex: "plan",

web/src/TourConfig.js

@@ -218,6 +218,12 @@ export function getNextButtonChild(nextPathName) {
     : "Finish";
 }
 
-export function getSteps(pathName = window.location.pathname) {
-  return TourObj[(pathName.replace("/", ""))];
+export function getSteps() {
+  const path = window.location.pathname.replace("/", "");
+  const res = TourObj[path];
+  if (res === undefined) {
+    return [];
+  } else {
+    return res;
+  }
 }

web/src/UserEditPage.js

@@ -402,7 +402,7 @@ class UserEditPage extends React.Component {
             {Setting.getLabel(i18next.t("general:Password"), i18next.t("general:Password - Tooltip"))} :
           </Col>
           <Col span={22} >
-            <PasswordModal user={this.state.user} organization={this.getUserOrganization()} account={this.props.account} disabled={disabled} />
+            <PasswordModal user={this.state.user} userName={this.state.userName} organization={this.getUserOrganization()} account={this.props.account} disabled={disabled} />
           </Col>
         </Row>
       );

web/src/auth/SignupPage.js

@@ -179,7 +179,6 @@ class SignupPage extends React.Component {
     const params = new URLSearchParams(window.location.search);
     values.plan = params.get("plan");
     values.pricing = params.get("pricing");
-
     AuthBackend.signup(values)
       .then((res) => {
         if (res.status === "ok") {

web/src/auth/Web3Auth.js

@@ -303,7 +303,7 @@ export function initWeb3Onboard(application, provider) {
     description: "Connect a wallet using Casdoor",
     recommendedInjectedWallets: [
       {name: "MetaMask", url: "https://metamask.io"},
-      {name: "Coinbase", url: "https://wallet.coinbase.com/"},
+      {name: "Coinbase", url: "https://www.coinbase.com/wallet"},
     ],
   };
 

web/src/backend/PaymentBackend.js

@@ -14,8 +14,8 @@
 
 import * as Setting from "../Setting";
 
-export function getPayments(owner, organization, page = "", pageSize = "", field = "", value = "", sortField = "", sortOrder = "") {
-  return fetch(`${Setting.ServerUrl}/api/get-payments?owner=${owner}&organization=${organization}&p=${page}&pageSize=${pageSize}&field=${field}&value=${value}&sortField=${sortField}&sortOrder=${sortOrder}`, {
+export function getPayments(owner, page = "", pageSize = "", field = "", value = "", sortField = "", sortOrder = "") {
+  return fetch(`${Setting.ServerUrl}/api/get-payments?owner=${owner}&p=${page}&pageSize=${pageSize}&field=${field}&value=${value}&sortField=${sortField}&sortOrder=${sortOrder}`, {
     method: "GET",
     credentials: "include",
     headers: {

web/src/common/OpenTour.js

@@ -26,13 +26,23 @@ class OpenTour extends React.Component {
     };
   }
 
+  canTour = () => {
+    const path = window.location.pathname.replace("/", "");
+    return TourConfig.TourUrlList.indexOf(path) !== -1 || path === "";
+  };
+
   render() {
     return (
-      <Tooltip title="Click to enable the help wizard">
+      this.canTour() ?
+        <Tooltip title="Click to enable the help wizard.">
           <div className="select-box" style={{display: Setting.isMobile() ? "none" : null, ...this.props.style}} onClick={() => TourConfig.setIsTourVisible(true)} >
             <QuestionCircleOutlined style={{fontSize: "24px", color: "#4d4d4d"}} />
           </div>
         </Tooltip>
+        :
+        <div className="select-box" style={{display: Setting.isMobile() ? "none" : null, cursor: "not-allowed", ...this.props.style}} >
+          <QuestionCircleOutlined style={{fontSize: "24px", color: "#adadad"}} />
+        </div>
     );
   }
 }

web/src/common/modal/PasswordModal.js

@@ -26,6 +26,7 @@ export const PasswordModal = (props) => {
   const [newPassword, setNewPassword] = React.useState("");
   const [rePassword, setRePassword] = React.useState("");
   const {user} = props;
+  const {userName} = props;
   const {organization} = props;
   const {account} = props;
 
@@ -90,7 +91,7 @@ export const PasswordModal = (props) => {
       return;
     }
 
-    UserBackend.setPassword(user.owner, user.name, oldPassword, newPassword)
+    UserBackend.setPassword(user.owner, userName, oldPassword, newPassword)
       .then((res) => {
         if (res.status === "ok") {
           Setting.showMessage("success", i18next.t("user:Password set successfully"));

web/src/i18n.js

@@ -29,7 +29,13 @@ import ms from "./locales/ms/data.json";
 import tr from "./locales/tr/data.json";
 import ar from "./locales/ar/data.json";
 import he from "./locales/he/data.json";
+import nl from "./locales/nl/data.json";
+import pl from "./locales/pl/data.json";
 import fi from "./locales/fi/data.json";
+import sv from "./locales/sv/data.json";
+import uk from "./locales/uk/data.json";
+import kk from "./locales/kk/data.json";
+import fa from "./locales/fa/data.json";
 import * as Conf from "./Conf";
 import {initReactI18next} from "react-i18next";
 
@@ -50,7 +56,13 @@ const resources = {
   tr: tr,
   ar: ar,
   he: he,
+  nl: nl,
+  pl: pl,
   fi: fi,
+  sv: sv,
+  uk: uk,
+  kk: kk,
+  fa: fa,
 };
 
 function initLanguage() {
@@ -115,9 +127,27 @@ function initLanguage() {
       case "he":
         language = "he";
         break;
+      case "nl":
+        language = "nl";
+        break;
+      case "pl":
+        language = "pl";
+        break;
       case "fi":
         language = "fi";
         break;
+      case "sv":
+        language = "sv";
+        break;
+      case "uk":
+        language = "uk";
+        break;
+      case "kk":
+        language = "kk";
+        break;
+      case "fa":
+        language = "fa";
+        break;
       default:
         language = Conf.DefaultLanguage;
       }

web/src/pricing/PricingPage.js

@@ -13,7 +13,7 @@
 // limitations under the License.
 
 import React from "react";
-import {Card, Col, Row} from "antd";
+import {Card, Col, Radio, Row} from "antd";
 import * as PricingBackend from "../backend/PricingBackend";
 import * as PlanBackend from "../backend/PlanBackend";
 import CustomGithubCorner from "../common/CustomGithubCorner";
@@ -33,6 +33,8 @@ class PricingPage extends React.Component {
       userName: params.get("user"),
       pricing: props.pricing,
       plans: null,
+      periods: null,
+      selectedPeriod: null,
       loading: false,
     };
   }
@@ -73,8 +75,12 @@ class PricingPage extends React.Component {
           Setting.showMessage("error", i18next.t("pricing:Failed to get plans"));
           return;
         }
+        const plans = results.map(result => result.data);
+        const periods = [... new Set(plans.map(plan => plan.period).filter(period => period !== ""))];
         this.setState({
-          plans: results.map(result => result.data),
+          plans: plans,
+          periods: periods,
+          selectedPeriod: periods?.[0],
           loading: false,
         });
       })
@@ -84,10 +90,9 @@ class PricingPage extends React.Component {
   }
 
   loadPricing(pricingName) {
-    if (pricingName === undefined) {
+    if (!pricingName) {
       return;
     }
-
     PricingBackend.getPricing(this.state.owner, pricingName)
       .then((res) => {
         if (res.status === "error") {
@@ -106,8 +111,31 @@ class PricingPage extends React.Component {
     this.props.onUpdatePricing(pricing);
   }
 
-  renderCards() {
+  renderSelectPeriod() {
+    if (!this.state.periods || this.state.periods.length <= 1) {
+      return null;
+    }
+    return (
+      <Radio.Group
+        value={this.state.selectedPeriod}
+        size="large"
+        buttonStyle="solid"
+        onChange={e => {
+          this.setState({selectedPeriod: e.target.value});
+        }}
+      >
+        {
+          this.state.periods.map(period => {
+            return (
+              <Radio.Button key={period} value={period}>{period}</Radio.Button>
+            );
+          })
+        }
+      </Radio.Group>
+    );
+  }
 
+  renderCards() {
     const getUrlByPlan = (planName) => {
       const pricing = this.state.pricing;
       let signUpUrl = `/signup/${pricing.application}?plan=${planName}&pricing=${pricing.name}`;
@@ -122,9 +150,9 @@ class PricingPage extends React.Component {
         <Card style={{border: "none"}} bodyStyle={{padding: 0}}>
           {
             this.state.plans.map(item => {
-              return (
+              return item.period === this.state.selectedPeriod ? (
                 <SingleCard link={getUrlByPlan(item.name)} key={item.name} plan={item} isSingle={this.state.plans.length === 1} />
-              );
+              ) : null;
             })
           }
         </Card>
@@ -135,9 +163,9 @@ class PricingPage extends React.Component {
           <Row style={{justifyContent: "center"}} gutter={24}>
             {
               this.state.plans.map(item => {
-                return (
+                return item.period === this.state.selectedPeriod ? (
                   <SingleCard style={{marginRight: "5px", marginLeft: "5px"}} link={getUrlByPlan(item.name)} key={item.name} plan={item} isSingle={this.state.plans.length === 1} />
-                );
+                ) : null;
               })
             }
           </Row>
@@ -161,6 +189,13 @@ class PricingPage extends React.Component {
             <div className="login-form">
               <h1 style={{fontSize: "48px", marginTop: "0px", marginBottom: "15px"}}>{pricing.displayName}</h1>
               <span style={{fontSize: "20px"}}>{pricing.description}</span>
+              <Row style={{width: "100%", marginTop: "40px"}}>
+                <Col span={24} style={{display: "flex", justifyContent: "center"}} >
+                  {
+                    this.renderSelectPeriod()
+                  }
+                </Col>
+              </Row>
               <Row style={{width: "100%", marginTop: "40px"}}>
                 <Col span={24} style={{display: "flex", justifyContent: "center"}} >
                   {

web/src/pricing/SingleCard.js

@@ -14,7 +14,7 @@
 
 import i18next from "i18next";
 import React from "react";
-import {Button, Card, Col} from "antd";
+import {Button, Card, Col, Row} from "antd";
 import * as Setting from "../Setting";
 import {withRouter} from "react-router-dom";
 
@@ -37,17 +37,21 @@ class SingleCard extends React.Component {
           style={isSingle ? {width: "320px", height: "100%"} : {width: "100%", height: "100%", paddingTop: "0px"}}
           title={<h2>{plan.displayName}</h2>}
         >
+          <Col>
+            <Row>
               <div style={{textAlign: "left"}} className="px-10 mt-5">
-            <span style={{fontSize: "40px", fontWeight: 700}}>{Setting.getCurrencySymbol(plan.currency)} {plan.pricePerMonth}</span>
-            <span style={{fontSize: "18px", fontWeight: 600, color: "gray"}}>  {i18next.t("plan:per month")}</span>
+                <span style={{fontSize: "40px", fontWeight: 700}}>{Setting.getCurrencySymbol(plan.currency)} {plan.price}</span>
+                <span style={{fontSize: "18px", fontWeight: 600, color: "gray"}}> {plan.period === "Yearly" ? i18next.t("plan:per year") : i18next.t("plan:per month")}</span>
               </div>
+            </Row>
 
-          <br />
+            <Row style={{height: "90px", paddingTop: "15px"}}>
               <div style={{textAlign: "left", fontSize: "18px"}}>
                 <Meta description={plan.description} />
               </div>
-          <br />
-          <ul style={{listStyleType: "none", paddingLeft: "0px", textAlign: "left"}}>
+            </Row>
+
+            {/* <ul style={{listStyleType: "none", paddingLeft: "0px", textAlign: "left"}}>
               {(plan.options ?? []).map((option) => {
               // eslint-disable-next-line react/jsx-key
                 return <li>
@@ -58,15 +62,16 @@ class SingleCard extends React.Component {
                   <span style={{fontSize: "16px"}}>{option}</span>
                 </li>;
               })}
-          </ul>
-          <div style={{minHeight: "60px"}}>
+            </ul> */}
 
-          </div>
-          <Button style={{width: "100%", position: "absolute", height: "50px", borderRadius: "0px", bottom: "0", left: "0"}} type="primary" key="subscribe" onClick={() => window.location.href = link}>
+            <Row style={{paddingTop: "15px"}}>
+              <Button style={{width: "100%", height: "50px", borderRadius: "0px", bottom: "0", left: "0"}} type="primary" key="subscribe" onClick={() => window.location.href = link}>
                 {
                   i18next.t("pricing:Getting started")
                 }
               </Button>
+            </Row>
+          </Col>
         </Card>
       </Col>
     );

web/src/table/PolicyTable.js

@@ -41,7 +41,7 @@ class PolicyTable extends React.Component {
   }
 
   UNSAFE_componentWillMount() {
-    if (this.props.mode === "edit") {
+    if (this.props.mode === "edit" && this.props.enforcer.adapter !== "") {
       this.getPolicies();
     }
   }
@@ -105,7 +105,7 @@ class PolicyTable extends React.Component {
     AdapterBackend.getPolicies(this.props.enforcer.owner, this.props.enforcer.name)
       .then((res) => {
         if (res.status === "ok") {
-          Setting.showMessage("success", i18next.t("adapter:Sync policies successfully"));
+          // Setting.showMessage("success", i18next.t("adapter:Sync policies successfully"));
 
           const policyList = res.data;
           policyList.map((policy, index) => {
@@ -175,7 +175,7 @@ class PolicyTable extends React.Component {
         render: (text, record, index) => {
           const editing = this.isEditing(index);
           return (
-            editing ?
+            (editing && this.props.modelCfg) ?
               <Select size={"small"} style={{width: "60px"}} options={Object.keys(this.props.modelCfg).reverse().map(item => Setting.getOption(item, item))} value={text} onChange={value => {
                 this.updateField(table, index, "Ptype", value);
               }} />
@@ -186,7 +186,7 @@ class PolicyTable extends React.Component {
     ];
 
     const columnKeys = ["V0", "V1", "V2", "V3", "V4", "V5"];
-    const columnTitles = this.props.modelCfg["p"].split(",");
+    const columnTitles = this.props.modelCfg ? this.props.modelCfg["p"].split(",") : columnKeys;
     columnTitles.forEach((title, i) => {
       columns.push({
         title: title,
@@ -209,7 +209,7 @@ class PolicyTable extends React.Component {
       title: i18next.t("general:Action"),
       dataIndex: "",
       key: "op",
-      width: "130px",
+      width: "150px",
       render: (text, record, index) => {
         const editable = this.isEditing(index);
         return editable ? (
@@ -247,7 +247,7 @@ class PolicyTable extends React.Component {
         loading={this.state.loading}
         title={() => (
           <div>
-            <Button disabled={this.state.editingIndex !== "" || Setting.builtInObject(this.props.enforcer)} style={{marginRight: "5px"}} type="primary" size="small" onClick={() => this.addRow(table)}>{i18next.t("general:Add")}</Button>
+            <Button disabled={this.state.editingIndex !== "" || this.props.enforcer.model === "" || this.props.enforcer.adapter === "" || Setting.builtInObject(this.props.enforcer)} style={{marginRight: "5px"}} type="primary" size="small" onClick={() => this.addRow(table)}>{i18next.t("general:Add")}</Button>
           </div>
         )}
       />
@@ -257,7 +257,7 @@ class PolicyTable extends React.Component {
   render() {
     return (
       <React.Fragment>
-        <Button style={{marginBottom: "10px", width: "150px"}} type="primary" disabled={this.state.editingIndex !== ""} onClick={() => {this.getPolicies();}}>
+        <Button disabled={this.state.editingIndex !== "" || this.props.enforcer.model === "" || this.props.enforcer.adapter === ""} style={{marginBottom: "10px", width: "150px"}} type="primary" onClick={() => {this.getPolicies();}}>
           {i18next.t("general:Sync")}
         </Button>
         {