ci-verify: login-capabilities (#10949 formatting fix via develop merge)#10
Closed
MichaelUray wants to merge 7 commits into
Closed
ci-verify: login-capabilities (#10949 formatting fix via develop merge)#10MichaelUray wants to merge 7 commits into
MichaelUray wants to merge 7 commits into
Conversation
…inCapabilities When DISABLE_SIGNUP=true on the account service, the signUp and signUpOtp operations throw Forbidden — preventing manual sign-ups even via direct API calls, not just hiding the UI tab. When DISABLE_GUEST_LOGIN=true, the loginAsGuest operation throws Forbidden without touching the database. Combined with the existing AccountNotFound branch (no guest person row), the guest login is fully controllable via env or DB state. A new getLoginCapabilities operation lets the client query both flags so the UI can hide the corresponding affordances. It reports signUpEnabled (false iff DISABLE_SIGNUP=true) and guestLoginAvailable (false iff DISABLE_GUEST_LOGIN=true OR no read-only guest person row exists). The client RPC stub is added to AccountClient as well. Signed-off-by: Michael Uray <michael.uray@gmail.com> Signed-off-by: Michael Uray <michaeluray@users.noreply.github.com>
…lities
LoginForm now queries getLoginCapabilities on mount and uses the result
to gate two UI affordances:
- effectiveSignUpDisabled OR-s the existing signUpDisabled prop with
!signUpEnabled from the server, so the Sign Up tab disappears when
the account service reports sign-up disabled (DISABLE_SIGNUP=true).
- The "Continue as guest" button is rendered only when
guestLoginAvailable is true, which the server reports as false when
either DISABLE_GUEST_LOGIN=true or the read-only guest person row is
not present in the DB.
fetchLoginCapabilities returns { signUpEnabled: true,
guestLoginAvailable: true } on any RPC error to keep both controls
visible when talking to older account services without the endpoint.
Signed-off-by: Michael Uray <michael.uray@gmail.com>
Signed-off-by: Michael Uray <michaeluray@users.noreply.github.com>
…in-capabilities Signed-off-by: Michael Uray <michaeluray@users.noreply.github.com>
Signed-off-by: Michael Uray <michaeluray@users.noreply.github.com>
…ilities-disable-signup-guest Signed-off-by: Michael Uray <michaeluray@users.noreply.github.com>
…DB probing (L-AUTH-1) getLoginCapabilities ist unauthenticated und traf pro anonymem Aufruf die DB (db.person.findOne auf den Guest-Account) -> Existenz-Probing + DB-Last. Guest-Person-Zustand aendert sich praktisch nie: Ergebnis jetzt mit 60s-TTL modul-lokal gecacht. resetGuestPersonCache() fuer Tests/Ops. Signed-off-by: Michael Uray <michaeluray@users.noreply.github.com>
…ities-disable-signup-guest
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fork-interner CI-Runner für hcengineering#10949. Verifiziert build+test+formatting nach develop-Merge (c838648). Kein Upstream-PR.