fix: restrict languages in console (#6964)

* feat: return 404 or 409 if org reg disallowed * fix: system limit permissions * feat: add iam limits api * feat: disallow public org registrations on default instance * add integration test * test: integration * fix test * docs: describe public org registrations * avoid updating docs deps * fix system limits integration test * silence integration tests * fix linting * ignore strange linter complaints * review * improve reset properties naming * redefine the api * use restrictions aggregate * test query * simplify and test projection * test commands * fix unit tests * move integration test * support restrictions on default instance * also test GetRestrictions * self review * lint * abstract away resource owner * fix tests * configure supported languages * fix allowed languages * fix tests * default lang must not be restricted * preferred language must be allowed * change preferred languages * check languages everywhere * lint * test command side * lint * add integration test * add integration test * restrict supported ui locales * lint * lint * cleanup * lint * allow undefined preferred language * fix integration tests * update main * fix env var * ignore linter * ignore linter * improve integration test config * reduce cognitive complexity * compile * fix(console): switch back to saved language * feat(API): get allowed languages * fix(console): only make allowed languages selectable * warn when editing not allowed languages * check for duplicates * remove useless restriction checks * review * revert restriction renaming * fix language restrictions * lint * generate * allow custom texts for supported langs for now * fix tests * cleanup * cleanup * cleanup * lint * unsupported preferred lang is allowed * fix integration test * allow unsupported preferred languages * lint * load languages for tests * cleanup * lint * cleanup * get allowed only on admin * cleanup * reduce flakiness on very limited postgres * simplify langSvc * refactor according to suggestions in pr * lint * set first allowed language as default * selectionchange for language in msg texts * initialize login texts * init message texts * lint --------- Co-authored-by: peintnermax <max@caos.ch>
2025-12-05 09:02:04 +00:00 · 2023-12-07 09:43:23 +01:00
parent f09fbf8709
commit 8c85318fbd
46 changed files with 479 additions and 312 deletions
--- a/console/src/app/services/admin.service.ts
+++ b/console/src/app/services/admin.service.ts
@@ -54,6 +54,8 @@ import {
  DeactivateSMSProviderResponse,
  DeleteProviderRequest,
  DeleteProviderResponse,
+  GetAllowedLanguagesRequest,
+  GetAllowedLanguagesResponse,
  GetCustomDomainClaimedMessageTextRequest,
  GetCustomDomainClaimedMessageTextResponse,
  GetCustomDomainPolicyRequest,
@@ -433,6 +435,11 @@ export class AdminService {
    return this.grpcService.admin.getSupportedLanguages(req, null).then((resp) => resp.toObject());
  }

+  public getAllowedLanguages(): Promise<GetAllowedLanguagesResponse.AsObject> {
+    const req = new GetAllowedLanguagesRequest();
+    return this.grpcService.admin.getAllowedLanguages(req, null).then((resp) => resp.toObject());
+  }
+
  public getDefaultLoginTexts(req: GetDefaultLoginTextsRequest): Promise<GetDefaultLoginTextsResponse.AsObject> {
    return this.grpcService.admin.getDefaultLoginTexts(req, null).then((resp) => resp.toObject());
  }
--- a/console/src/app/services/grpc-auth.service.ts
+++ b/console/src/app/services/grpc-auth.service.ts
@@ -32,8 +32,6 @@ import {
  GetMyProfileResponse,
  GetMyUserRequest,
  GetMyUserResponse,
-  GetSupportedLanguagesRequest,
-  GetSupportedLanguagesResponse,
  ListMyAuthFactorsRequest,
  ListMyAuthFactorsResponse,
  ListMyLinkedIDPsRequest,
@@ -494,11 +492,6 @@ export class GrpcAuthService {
    return this.grpcService.auth.resendMyEmailVerification(req, null).then((resp) => resp.toObject());
  }

-  public getSupportedLanguages(): Promise<GetSupportedLanguagesResponse.AsObject> {
-    const req = new GetSupportedLanguagesRequest();
-    return this.grpcService.auth.getSupportedLanguages(req, null).then((resp) => resp.toObject());
-  }
-
  public getMyLoginPolicy(): Promise<GetMyLoginPolicyResponse.AsObject> {
    const req = new GetMyLoginPolicyRequest();
    return this.grpcService.auth.getMyLoginPolicy(req, null).then((resp) => resp.toObject());
--- a/console/src/app/services/languages.service.ts
+++ b/console/src/app/services/languages.service.ts
@@ -0,0 +1,47 @@
+import { forkJoin, Observable, ReplaySubject, Subscription } from 'rxjs';
+import { map, withLatestFrom } from 'rxjs/operators';
+import { Injectable } from '@angular/core';
+import { AdminService } from './admin.service';
+
+@Injectable({
+  providedIn: 'root',
+})
+export class LanguagesService {
+  private supportedSubject$ = new ReplaySubject<string[]>(1);
+  public supported$: Observable<string[]> = this.supportedSubject$.asObservable();
+  private allowedSubject$ = new ReplaySubject<string[]>(1);
+  public allowed$: Observable<string[]> = this.allowedSubject$.asObservable();
+  public notAllowed$: Observable<string[]> = this.allowed$.pipe(
+    withLatestFrom(this.supported$),
+    map(([allowed, supported]) => {
+      return supported.filter((s) => !allowed.includes(s));
+    }),
+  );
+  public restricted$: Observable<boolean> = this.notAllowed$.pipe(
+    map((notallowed) => {
+      return notallowed.length > 0;
+    }),
+  );
+
+  constructor(private adminSvc: AdminService) {
+    const sub: Subscription = forkJoin([
+      this.adminSvc.getSupportedLanguages(),
+      this.adminSvc.getAllowedLanguages(),
+    ]).subscribe({
+      next: ([{ languagesList: supported }, { languagesList: allowed }]) => {
+        this.supportedSubject$.next(supported);
+        this.allowedSubject$.next(allowed);
+      },
+      complete: () => sub.unsubscribe(),
+    });
+  }
+
+  // TODO: call this in https://github.com/zitadel/zitadel/pull/6965
+  public newAllowed(languages: string[]) {
+    this.allowedSubject$.next(languages);
+  }
+
+  public isNotAllowed(language: string): Observable<boolean> {
+    return this.notAllowed$.pipe(map((notAllowed) => notAllowed.includes(language)));
+  }
+}
--- a/console/src/app/services/mgmt.service.ts
+++ b/console/src/app/services/mgmt.service.ts
@@ -551,11 +551,6 @@ export class ManagementService {

  constructor(private readonly grpcService: GrpcService) {}

-  public getSupportedLanguages(): Promise<GetSupportedLanguagesResponse.AsObject> {
-    const req = new GetSupportedLanguagesRequest();
-    return this.grpcService.mgmt.getSupportedLanguages(req, null).then((resp) => resp.toObject());
-  }
-
  public getDefaultLoginTexts(req: GetDefaultLoginTextsRequest): Promise<GetDefaultLoginTextsResponse.AsObject> {
    return this.grpcService.mgmt.getDefaultLoginTexts(req, null).then((resp) => resp.toObject());
  }