Inviting staged users on a site with SSO enabled?

(Tobias Eigen) #1

I have a handful of staged users who got deleted (don’t ask) and now am seeking to bring them back. I created them originally by addressing new PMs to them, and thought I could bring them back by inviting them to their message again.

As it turns out, this is not possible now - the invite to message modal only allows entering usernames, not email addresses. I could imagine the ability to invite staged users to a message or topic being a very handy feature to add.

(Jeff Atwood) #2

Pretty sure that’s incorrect, we added the ability to invite email addresses a while back.

Specify email address in PM to field

is listed in the #releases notes for the 1.9 release.

(Tobias Eigen) #3

Thanks, Jeff. Looks like you are right! I guess I just didn’t wait that fraction of a second it takes for that blue select to pop up. The language maybe could be updated to reflect that email addresses can be entered into this field.

(Jeff Atwood) #4

Hmm yes perhaps we can change the copy there to add

Enter the username or email of the person you’d like to invite to this topic

But I am not sure under what conditions email can be added, this text might be used elsewhere, or email-as-target-of-PM might be conditional to trust level… I can’t remember … can you add this to your plate @jomaxro?

(Joshua Rosenfeld) #6

@tobiaseigen, I’m having some trouble reproducing this. Looking at the client.en.yml inviting a user to a private message should use the following text, not what you shared a screenshot of.

Invitee’s Email or Username

Any chance you customized the invite_private.email_or_username key? Here’s what I see here on Meta:

(Tobias Eigen) #7

maybe this has already been fixed on meta and try? on my site it still looks like my screenshot.

(Joshua Rosenfeld) #8

What version of Discourse are you running? Can you confirm that the text is the default (not customized) in /admin/customize/site_texts?q=invite_private.email_or_username

(Tobias Eigen) #9

it is the default - so far I have never changed the default text of discourse.

this is the version according to the dashboard: v2.0.0.beta10 +5


(Joshua Rosenfeld) #10

And you were definitely inviting a user to a PM, not a topic? Does your site use SSO?

(Tobias Eigen) #11

yes, our site uses SSO. and we are indeed inviting a user to a PM.

(Joshua Rosenfeld) #12

Ah! You cannot invite a user via email with SSO enabled. That would allow the invited user to bypass SSO.

(Tobias Eigen) #13

hmm… but I am doing it already. :slight_smile: it works.

(Joshua Rosenfeld) #14

Now I’m even more confused…

…when you invite these users to PMs, they can only participate as a staged user, right? They can’t actually log into the site?

(Joshua Rosenfeld) #15

Given that, I’m going to have to defer to @gerhard here. We’re getting into the complexities of SSO and staged users, and I don’t have a SSO-enabled site to test with.

(Tobias Eigen) #17

I did some more testing here on my own site and see that the message on the screen is actually correct. It is not possible to invite an email address even if it is (incorrectly) offered in the blue select popup.

But given that we have staged users now I think it should be possible to do this even on SSO sites, the same way it is possible to start a new message to a staged user.

(Tobias Eigen) #18

I just came across this issue again now, and had a thought. It’s occurring to me that it’s correct that you cannot invite an email address and create a staged user using the “invite to message” modal. It makes more sense to create the staged user by starting a separate PM to the email address. That way you can give the person some context.

Also, by default it doesn’t make sense to then invite staged user to a message or topic because they are not yet users and so can’t click to accept the invitation. So really this is working as expected.

However, as staff, I often miss the ability to simply add users (staged or not) to existing messages. A staff option on this modal to directly add users to the message, bypassing the invite message and acceptance step, would be handy.