feat(auth): conditionally enable user signup and access token generation based on access token login status

2 months ago · 32b6903475
3 changed files with 26 additions and 18 deletions
--- a/apps/client/src/app/components/admin-overview/admin-overview.html
+++ b/apps/client/src/app/components/admin-overview/admin-overview.html
@ -30,6 +30,7 @@
              }
            </div>
          </div>
          @if (info?.isAccessTokenLoginEnabled !== false) {
            <div class="d-flex my-3">
              <div class="w-50" i18n>User Signup</div>
              <div class="w-50">
@ -37,12 +38,15 @@
                  color="primary"
                  hideIcon="true"
                  [checked]="
-                  info.globalPermissions.includes(permissions.createUserAccount)
+                    info.globalPermissions.includes(
                      permissions.createUserAccount
                    )
                  "
                  (change)="onEnableUserSignupModeChange($event)"
                />
              </div>
            </div>
          }
          @if (hasPermissionToToggleReadOnlyMode) {
            <div class="d-flex my-3">
              <div class="w-50" i18n>Read-only Mode</div>
--- a/apps/client/src/app/components/admin-users/admin-users.html
+++ b/apps/client/src/app/components/admin-users/admin-users.html
@ -235,6 +235,7 @@
                }
                <button
                  mat-menu-item
                  [disabled]="info?.isAccessTokenLoginEnabled === false"
                  (click)="onGenerateAccessToken(element.id)"
                >
                  <span class="align-items-center d-flex">
--- a/apps/client/src/app/components/user-account-access/user-account-access.component.ts
+++ b/apps/client/src/app/components/user-account-access/user-account-access.component.ts
@ -5,7 +5,7 @@ import { NotificationService } from '@ghostfolio/client/core/notification/notifi
 import { DataService } from '@ghostfolio/client/services/data.service';
 import { TokenStorageService } from '@ghostfolio/client/services/token-storage.service';
 import { UserService } from '@ghostfolio/client/services/user/user.service';
-import { Access, User } from '@ghostfolio/common/interfaces';
+import { Access, InfoItem, User } from '@ghostfolio/common/interfaces';
 import { hasPermission, permissions } from '@ghostfolio/common/permissions';
 import { GfPremiumIndicatorComponent } from '@ghostfolio/ui/premium-indicator';
@ -59,6 +59,7 @@ export class GfUserAccountAccessComponent implements OnDestroy, OnInit {
  public hasPermissionToCreateAccess: boolean;
  public hasPermissionToDeleteAccess: boolean;
  public hasPermissionToUpdateOwnAccessToken: boolean;
  public info: InfoItem;
  public isAccessTokenHidden = true;
  public updateOwnAccessTokenForm = this.formBuilder.group({
    accessToken: ['', Validators.required]
@ -79,7 +80,8 @@ export class GfUserAccountAccessComponent implements OnDestroy, OnInit {
    private tokenStorageService: TokenStorageService,
    private userService: UserService
  ) {
-    const { globalPermissions } = this.dataService.fetchInfo();
+    this.info = this.dataService.fetchInfo();
    const { globalPermissions } = this.info;
    this.hasPermissionToDeleteAccess = hasPermission(
      globalPermissions,
@ -102,10 +104,11 @@ export class GfUserAccountAccessComponent implements OnDestroy, OnInit {
            permissions.deleteAccess
          );
-          this.hasPermissionToUpdateOwnAccessToken = hasPermission(
+          this.hasPermissionToUpdateOwnAccessToken =
            hasPermission(
              this.user.permissions,
              permissions.updateOwnAccessToken
-          );
+            ) && this.info?.isAccessTokenLoginEnabled !== false;
          this.changeDetectorRef.markForCheck();
        }