ceph/src/pybind/mgr/dashboard/frontend/src/app/shared/services/change-password-guard.service.ts

   1 import { Injectable } from '@angular/core';
   2 import { CanActivate, CanActivateChild, Router } from '@angular/router';
   3
   4 import { AuthStorageService } from './auth-storage.service';
   5
   6 /**
   7  * This service guard checks if a user must be redirected to a special
   8  * page at '/login-change-password' to set a new password.
   9  */
  10 @Injectable({
  11   providedIn: 'root'
  12 })
  13 export class ChangePasswordGuardService implements CanActivate, CanActivateChild {
  14   constructor(private router: Router, private authStorageService: AuthStorageService) {}
  15
  16   canActivate() {
  17     // Redirect to '/login-change-password' when the following constraints
  18     // are fulfilled:
  19     // - The user must be logged in.
  20     // - SSO must be disabled.
  21     // - The flag 'User must change password at next logon' must be set.
  22     if (
  23       this.authStorageService.isLoggedIn() &&
  24       !this.authStorageService.isSSO() &&
  25       this.authStorageService.getPwdUpdateRequired()
  26     ) {
  27       this.router.navigate(['/login-change-password']);
  28       return false;
  29     }
  30     return true;
  31   }
  32
  33   canActivateChild(): boolean {
  34     return this.canActivate();
  35   }
  36 }