fix(console): hide metadata on auth side if no user.read role present (#4512)

* check for role * require user.read for showing metadata section in auth-user * remove aggregate id from role check Co-authored-by: Livio Spring <livio.a@gmail.com>
2025-01-05 22:52:46 +00:00 · 2022-10-19 07:57:19 +02:00 · 2022-10-19 07:57:19 +02:00 · 0cb84523f9
commit 0cb84523f9
parent 556f381a5a
2 changed files with 29 additions and 20 deletions
--- a/console/src/app/modules/sidenav/sidenav.component.html
+++ b/console/src/app/modules/sidenav/sidenav.component.html
@ -30,8 +30,8 @@
            (click)="value = setting.id"
            *ngIf="
              !setting.requiredRoles ||
-              (setting.requiredRoles.mgmt && (setting.requiredRoles.mgmt | hasRole: true | async)) ||
-              (setting.requiredRoles.admin && (setting.requiredRoles.admin | hasRole: true | async))
+              (setting.requiredRoles.mgmt && (setting.requiredRoles.mgmt | hasRole | async)) ||
+              (setting.requiredRoles.admin && (setting.requiredRoles.admin | hasRole | async))
            "
            class="sidenav-setting-list-element hide-on-mobile"
            [ngClass]="{ active: currentSetting === setting.id, show: currentSetting === undefined }"
--- a/console/src/app/pages/users/user-detail/auth-user-detail/auth-user-detail.component.ts
+++ b/console/src/app/pages/users/user-detail/auth-user-detail/auth-user-detail.component.ts
@ -19,6 +19,7 @@ import { ManagementService } from 'src/app/services/mgmt.service';
 import { ToastService } from 'src/app/services/toast.service';
 import { Buffer } from 'buffer';
 import { EditDialogComponent, EditDialogType } from './edit-dialog/edit-dialog.component';
+import { PolicyComponentServiceType } from 'src/app/modules/policies/policy-component-types.enum';

@Component({
  selector: 'cnsl-auth-user-detail',
@ -51,7 +52,11 @@ export class AuthUserDetailComponent implements OnDestroy {
    { id: 'mfa', i18nKey: 'USER.SETTINGS.MFA' },
    { id: 'grants', i18nKey: 'USER.SETTINGS.USERGRANTS' },
    { id: 'memberships', i18nKey: 'USER.SETTINGS.MEMBERSHIPS' },
-    { id: 'metadata', i18nKey: 'USER.SETTINGS.METADATA' },
+    {
+      id: 'metadata',
+      i18nKey: 'USER.SETTINGS.METADATA',
+      requiredRoles: { [PolicyComponentServiceType.MGMT]: ['user.read'] },
+    },
  ];
  public currentSetting: string | undefined = this.settingsList[0].id;

@ -347,24 +352,28 @@ export class AuthUserDetailComponent implements OnDestroy {
    });
  }

-  public loadMetadata(): Promise<any> | void {
+  public loadMetadata(): void {
    if (this.user) {
-      this.loadingMetadata = true;
-      return this.mgmt
-        .listUserMetadata(this.user.id)
-        .then((resp) => {
-          this.loadingMetadata = false;
-          this.metadata = resp.resultList.map((md) => {
-            return {
-              key: md.key,
-              value: Buffer.from(md.value as string, 'base64').toString('ascii'),
-            };
-          });
-        })
-        .catch((error) => {
-          this.loadingMetadata = false;
-          this.toast.showError(error);
-        });
+      this.userService.isAllowed(['user.read']).subscribe((allowed) => {
+        if (allowed) {
+          this.loadingMetadata = true;
+          this.mgmt
+            .listUserMetadata(this.user?.id ?? '')
+            .then((resp) => {
+              this.loadingMetadata = false;
+              this.metadata = resp.resultList.map((md) => {
+                return {
+                  key: md.key,
+                  value: Buffer.from(md.value as string, 'base64').toString('ascii'),
+                };
+              });
+            })
+            .catch((error) => {
+              this.loadingMetadata = false;
+              this.toast.showError(error);
+            });
+        }
+      });
    }
  }