feat: add hide password reset to login policy (#1806)

* feat: add hide password reset to login policy * feat: tests * feat: hide password reset in login * feat: hide password reset to frontend * feat: hide password reset to frontend * feat: hide password reset to frontend * feat: check feature * feat: feature in frontend
2025-08-12 07:47:32 +00:00 · 2021-06-03 11:53:30 +02:00
parent 3dba12c0d4
commit 8d163163f1
45 changed files with 246 additions and 23 deletions
--- a/console/src/app/modules/features/features.component.html
+++ b/console/src/app/modules/features/features.component.html
@@ -66,6 +66,15 @@
            </mat-slide-toggle>
        </div>

+        <div class="row">
+          <span class="left-desc">{{'FEATURES.DATA.LOGINPOLICYPASSWORDRESET' | translate}}</span>
+          <span class="fill-space"></span>
+          <mat-slide-toggle color="primary" name="hasNumber" ngDefaultControl
+                            [(ngModel)]="features.loginPolicyPasswordReset"
+                            [disabled]="(['iam.features.write'] | hasRole | async) == false">
+          </mat-slide-toggle>
+        </div>
+
        <div class="row">
            <span class="left-desc">{{'FEATURES.DATA.LOGINPOLICYREGISTRATION' | translate}}</span>
            <span class="fill-space"></span>
@@ -132,4 +141,4 @@
            type="submit" mat-raised-button>{{ 'ACTIONS.SAVE' | translate
            }}</button>
    </div>
-</app-detail-layout>
+</app-detail-layout>
--- a/console/src/app/modules/features/features.component.ts
+++ b/console/src/app/modules/features/features.component.ts
@@ -152,6 +152,7 @@ export class FeaturesComponent implements OnDestroy {
        req.setOrgId(this.org.id);

        req.setLoginPolicyUsernameLogin(this.features.loginPolicyUsernameLogin);
+        req.setLoginPolicyPasswordReset(this.features.loginPolicyPasswordReset);
        req.setLoginPolicyRegistration(this.features.loginPolicyRegistration);
        req.setLoginPolicyIdp(this.features.loginPolicyIdp);
        req.setLoginPolicyFactors(this.features.loginPolicyFactors);
@@ -170,6 +171,7 @@ export class FeaturesComponent implements OnDestroy {
        // update Default org iam policy?
        const dreq = new SetDefaultFeaturesRequest();
        dreq.setLoginPolicyUsernameLogin(this.features.loginPolicyUsernameLogin);
+        dreq.setLoginPolicyPasswordReset(this.features.loginPolicyPasswordReset);
        dreq.setLoginPolicyRegistration(this.features.loginPolicyRegistration);
        dreq.setLoginPolicyIdp(this.features.loginPolicyIdp);
        dreq.setLoginPolicyFactors(this.features.loginPolicyFactors);
--- a/console/src/app/modules/policies/login-policy/login-policy.component.html
+++ b/console/src/app/modules/policies/login-policy/login-policy.component.html
@@ -95,6 +95,26 @@
                </cnsl-info-section>
            </ng-template>
        </div>
+      <div class="row">
+        <mat-slide-toggle class="toggle" color="primary" [disabled]="disabled" ngDefaultControl
+                          [(ngModel)]="loginData.hidePasswordReset">
+          {{'POLICY.DATA.HIDEPASSWORDRESET' | translate}}
+        </mat-slide-toggle>
+
+        <ng-container
+          *ngIf="serviceType == PolicyComponentServiceType.MGMT && (['login_policy.password_reset'] | hasFeature | async) == false; else passwordResetInfo">
+          <cnsl-info-section type="WARN">{{'FEATURES.NOTAVAILABLE' | translate: ({value:
+            'login_policy.hide_password_reset'})}}
+          </cnsl-info-section>
+        </ng-container>
+
+        <ng-template #passwordResetInfo>
+          <cnsl-info-section class="info">
+            {{'POLICY.DATA.HIDEPASSWORDRESET_DESC' | translate}}
+          </cnsl-info-section>
+        </ng-template>
+      </div>
+
        <div class="row">

            <cnsl-form-field class="form-field" label="Access Code" required="true">
@@ -201,4 +221,4 @@

    <cnsl-links *ngIf="nextLinks" [links]="nextLinks"></cnsl-links>

-</app-detail-layout>
+</app-detail-layout>
--- a/console/src/app/modules/policies/login-policy/login-policy.component.ts
+++ b/console/src/app/modules/policies/login-policy/login-policy.component.ts
@@ -143,6 +143,7 @@ export class LoginPolicyComponent implements OnDestroy {
        mgmtreq.setAllowUsernamePassword(this.loginData.allowUsernamePassword);
        mgmtreq.setForceMfa(this.loginData.forceMfa);
        mgmtreq.setPasswordlessType(this.loginData.passwordlessType);
+        mgmtreq.setHidePasswordReset(this.loginData.hidePasswordReset);
        if ((this.loginData as LoginPolicy.AsObject).isDefault) {
          return (this.service as ManagementService).addCustomLoginPolicy(mgmtreq);
        } else {
@@ -155,6 +156,7 @@ export class LoginPolicyComponent implements OnDestroy {
        adminreq.setAllowUsernamePassword(this.loginData.allowUsernamePassword);
        adminreq.setForceMfa(this.loginData.forceMfa);
        adminreq.setPasswordlessType(this.loginData.passwordlessType);
+        adminreq.setHidePasswordReset(this.loginData.hidePasswordReset);

        return (this.service as AdminService).updateLoginPolicy(adminreq);
    }
--- a/console/src/assets/i18n/de.json
+++ b/console/src/assets/i18n/de.json
@@ -607,6 +607,7 @@
    "DATA": {
      "AUDITLOGRETENTION": "Audit Log Retention",
      "LOGINPOLICYUSERNAMELOGIN": "Login Richtlinie: Login mit Username erlauben - benutzerdefiniert",
+      "LOGINPOLICYPASSWORDRESET": "Login Richtlinie: Passwort vergessen Link nicht anzeigen - benutzerdefiniert",
      "LOGINPOLICYREGISTRATION": "Login Richtlinie: Registration erlauben - benutzerdefiniert",
      "LOGINPOLICYIDP": "Login Richtlinie: Identity Providers - benutzerdefiniert",
      "LOGINPOLICYFACTORS": "Login Richtlinie: Mltifaktoren - benutzerdefiniert",
@@ -683,7 +684,9 @@
      "ALLOWEXTERNALIDP_DESC": "Der Login wird für die darunter liegenden Identity Provider erlaubt.",
      "ALLOWREGISTER_DESC": "Ist die Option gewählt, erscheint im Login ein zusätzlicher Schritt zum Registrieren eines Benutzers.",
      "FORCEMFA": "Mfa erzwingen",
-      "FORCEMFA_DESC": "Ist die Option gewählt, müssen Benutzer einen zweiten Faktor für den Login verwenden."
+      "FORCEMFA_DESC": "Ist die Option gewählt, müssen Benutzer einen zweiten Faktor für den Login verwenden.",
+      "HIDEPASSWORDRESET": "Passwort vergessen, nicht anzeigen",
+      "FORCEMFA_DESC": "Ist die Option gewählt, ist es nicht möglich im Login das Passwort zurück zusetzen via Passwort vergessen Link."
    },
    "RESET": "Richtlinie zurücksetzen",
    "CREATECUSTOM": "Benutzerdefinierte Richtlinie erstellen",
--- a/console/src/assets/i18n/en.json
+++ b/console/src/assets/i18n/en.json
@@ -607,6 +607,7 @@
    "DATA": {
      "AUDITLOGRETENTION": "Audit Log Retention",
      "LOGINPOLICYUSERNAMELOGIN": "Login Policy: Allow login with Username - custom",
+      "LOGINPOLICYPASSWORDRESET": "Login Policy: Hide reset password link - custom",
      "LOGINPOLICYREGISTRATION": "Login Policy: Allow self registration - custom",
      "LOGINPOLICYIDP": "Login Policy: Identity Provider - custom",
      "LOGINPOLICYFACTORS": "Login Policy: Multifactors - custom",
@@ -683,7 +684,9 @@
      "ALLOWEXTERNALIDP_DESC": "The login is allowed for the underlying identity providers",
      "ALLOWREGISTER_DESC": "If the option is selected, an additional step for registering a user appears in the login.",
      "FORCEMFA": "Force MFA",
-      "FORCEMFA_DESC": "If the option is selected, users have to configure a second factor for login."
+      "FORCEMFA_DESC": "If the option is selected, users have to configure a second factor for login.",
+      "HIDEPASSWORDRESET": "Hide Password reset",
+      "FORCEMFA_DESC": "If the option is selected, the user can't reset his password in the login process."
    },
    "RESET": "Reset Policy",
    "CREATECUSTOM": "Create Custom Policy",