Page Comparison

We are looking at this feature as the first candidate to leverage the new ‘properties’ concept that Joram Wilander has been working on.

Figma Design - Figma Prototype - Loom Demo Video

Configuring custom user properties

In the system console, a new view is proposed under Site Configuration > System properties. This will house configuration for customizing properties for users, messages, and cards.

To start, we’ll focus on user properties. Below is the view for configuring these properties.

User Property Types

Locked
- Locked properties can not be:
  - Renamed
  - Reordered
  - Deleted
  - changed in Visibility
- Everything other option remains the same as in default properties.
Unlocked
- User can reorder, delete, and rename these properties.

Property Options

Image Added

Rename:Sets focus on the name cell
Edit property type: Sets focus on the type cell and shows the type menu
Visibility: Choose whether the property shows in user profiles. Available options are:
- Always show
- Always hide
  - This hides the property from the profile popovers for all users.
- Hide when empty (default)
  - This hides the property when its empty from the profile popovers.
Duplicate property: Creates a copy of the property with the same configuration and adds to the bottom of the table. Appends ‘2’ to the end of the property name.
Delete property: Removes the property from the list.

Locked user properties

Every Mattermost server has as set of standard user properties. These properties cannot be removed.

Profile Image (no visibility options)
Full Name (visibility default: Always show)
Username (visibility default: Always show)
Email (visibility default: Hide when empty)
ID (visibility default: Always hide)

The following configuration can be changed available for standard user properties

Visibility - admins can hide/show the property from user profiles (see below)Link/unlink SAML or ADLDAP (if setup)

Unlocked user properties

Default unlocked user properties

By default, the following optional properties ship with user profiles. These properties can be removed or edited as needed. Additional properties can also be added here (see ‘Adding a new property’ below).

Nickname
Position

Adding a new user property

Users can click the + Add property button to add a new property to the system.

Re-ordering unlocked properties

Each row in the custom properties table can be dragged to re-order. Re-ordering here will change the order properties are displayed in the user profile.

Note
NOTE: Standard properties cannot be re-ordered.

Editing a property
Editing property name
Clicking on the property name in the table enables users to edit the name inline.
Note
Note: User property names must be unique.
Editing property type
Custom properties can be clicked to open up the types menu to change the property type. This menu is searchable.
Image Removed
.
We only provide the option to have 3 property types in the MVP:
Text
Phone
Email
If its easy to provide email and image since they are already used, we can consider them in the MVP.
Image Added
Editing property options
Admins can set predefined options for a property with Select, and Multi-Select property types. Admins can add and remove options directly in this configuration table.
More settings and actions
Image Removed
Rename:Sets focus on the name cell
Edit property type: Sets focus on the type cell and shows the type menu
Visibility: Choose whether the property shows in user profiles. Available options are:
Always show
Always hide
Hide when empty (default)
Allow new options: Choose whether end users can add new options for the property. This is only available for Select or Multi-Select property types.
Duplicate property: Creates a copy of the property with the same configuration and adds to the bottom of the table. Appends ‘2’ to the end of the property name.
Link to SAML or AD/LDAP: If SAML or ADLDAP are configured on the server, this option will be available and user properties can be linked.
Linking a property to SAML or AD/LDAP attribute
If the server is already configured with AD/LDAP or SAML sync, then the menu option to link a property becomes available.
Image Removed
LDAP and SAML can both be configured on the system and on properties. If so, we will show both options.
Image Removed
If “Enable Synchronizing SAML Accounts With AD/LDAP:” is turned on, we will still show both options, but those who are signing in with SAML will have their values inherited from AD/LDAP.
Here’s how the properties would behave depending on the various options turned on.
AD/LDAP SAML Table
AD/LDAP Enabled
SAML Enabled
Enable Synchronizing SAML Accounts With AD/LDAP
User login
Value State
Result
Yes
No
No
Via AD/LDAP
Attribute found in AD/LDAP
Values comes from AD/LDAP
Yes
Yes
No
Via AD/LDAP
Attribute found in AD/LDAP
Values comes from AD/LDAP
Yes
Yes
No
Via SAML
Attribute found in SAML
Value comes from SAML
Yes
Yes
Yes
Via SAML
Attribute found in SAML, and also in AD/LDAP
Value comes from AD/LDAP
Yes
Yes
Yes
Via SAML
Attribute found in SAML, but not in AD/LDAP
Value comes from SAML
Yes
Yes
Yes
Via SAML
Attribute found in SAML, but user as a whole does not exist in AD/LDAP
Value comes from SAML
Yes, but property linked only to SAML
Yes
Yes
Via SAML
If SAML attribute found in LDAP
Value comes from LDAP
Yes, but property linked only to SAML
Yes
Yes
Via SAML
If SAML attribute not found in LDAP
Value comes from SAML
Image Removed
Upon clicking this menu option, a modal opens to link the property with the AD/LDAP or SAML attribute.
Image Removed
When a value is entered, the attribute is checked and validated with AD/LDAP (or SAML).
Info
If there’s a way to add validation of attributes when configuring them, but that is additional work.
From Colton: It is a valid requirement from customers, as its case sensitive, its very error prone.
Image Removed
When a property is linked, it will show ‘Linked with AD/LDAP’ in the row
Image Removed
Once a property is linked, it can be edited or unlinked by clicking ‘Edit link to AD/LDAP’ in the menu which will open the modal to make changes.
Image Removed
How a linked property appears in the list
A user can also click any of the tags to go to the edit screen for that linkage..
Image Removed
If a property is no longer valid and was changed in SAML/LDAP.
We can try to show that property in red, identifying that it was unlinked, and when a person opens up the modal, we can show the error.
Image Removed
And clicking on it can open this.
Image Removed
Changes to current LDAP/SAML Configuration
Currently various profile attributes are being linked to SAML and LDAP using the various options mentioned on each page.
Info
Various attributes may already be synced on these pages, so we need to ensure that those are migrated once we switch these attributes to the System Properties page.
Image Removed
However, since we’ll be having the link option available in the System properties page, we do not need to duplicate these options there.
Thus, we will have a to add anchors to the new page.
Which can be done as follows:
AD/LDAP
Image Removed
SAML
Info
Also proposing we encapsulate everything in the SAML section in a white container like we have in AD/LDAP, even if it is just under one and not broken out.
Image Removed
Displaying custom properties in the profile popover
Webapp
Standard properties will have reserved slots in the popover, while custom properties will display directly below the ‘Email’ property.