feat(user-profile): removed setMfaEnforced call

mattjoke · HejdaJakub · commit 8ee944640af1 · 2023-07-04T15:30:57.000+02:00
* removed setMfaEnforced call from user profile
* refactored the loading process of settings
* removed unnecessary margin in accordions

DEPLOYMENT NOTE: value of the 'enable_detail_settings' is now ignored, accordion will appear based on the categories from the attribute
diff --git a/apps/user-profile/src/app/pages/settings-page/settings-authorization/mfa-settings/mfa-settings.component.html b/apps/user-profile/src/app/pages/settings-page/settings-authorization/mfa-settings/mfa-settings.component.html
@@ -23,7 +23,7 @@ <h1 class="page-subtitle">{{'AUTHENTICATION.MFA' | customTranslate | translate}}
       <mat-expansion-panel [disabled]="!mfaAvailable || !enableDetailSettings">
         <mat-expansion-panel-header>
           <mat-checkbox
-            class="toggle-ellipsis mt-2 me-5"
+            class="toggle-ellipsis me-5"
             [disabled]="!mfaAvailable"
             (click)="$event.stopPropagation()"
             [(ngModel)]="enforceMfa"
@@ -40,7 +40,7 @@ <h1 class="page-subtitle">{{'AUTHENTICATION.MFA' | customTranslate | translate}}
             <mat-expansion-panel-header
               [class.cursor-default]="allRpsKeysByCategory.get(category).length === 0">
               <mat-checkbox
-                class="toggle-ellipsis mt-2 me-2"
+                class="toggle-ellipsis me-2"
                 (click)="$event.stopPropagation()"
                 [checked]="categorySelection.isSelected(category)"
                 [indeterminate]="categorySelection.isSelected(category) && rpsSelections.get(category).selected.length !== allRpsKeysByCategory.get(category).length"
diff --git a/apps/user-profile/src/app/pages/settings-page/settings-authorization/mfa-settings/mfa-settings.component.ts b/apps/user-profile/src/app/pages/settings-page/settings-authorization/mfa-settings/mfa-settings.component.ts
@@ -28,7 +28,7 @@ export class MfaSettingsComponent implements OnInit {
 
   enforceMfa: boolean;
   originalMfa = false;
-  enableDetailSettings: boolean;
+  enableDetailSettings = true;
   loadingCategories = false;
   unchangedSettings = true;
   categorySelection: SelectionModel<string>;
@@ -62,7 +62,6 @@ export class MfaSettingsComponent implements OnInit {
 
     this.mfaUrl = this.translate.currentLang === 'en' ? mfa.url_en : mfa.url_cs;
     this.categorySelection = new SelectionModel<string>(true, []);
-    this.enableDetailSettings = this.store.getProperty('mfa').enable_detail_settings;
     this.mfaApiService.isMfaAvailable().subscribe({
       next: (isAvailable) => {
         this.mfaAvailable = isAvailable;
@@ -89,16 +88,10 @@ export class MfaSettingsComponent implements OnInit {
     const mfaRoute = sessionStorage.getItem('mfa_route');
     if (mfaRoute) {
       const enforceMfa = sessionStorage.getItem('enforce_mfa');
+      // This should propagate unfinished PUT action
       if (enforceMfa) {
-        this.mfaApiService.changeEnforceMfa(enforceMfa === 'true').subscribe({
-          next: () => {
-            this.loadingMfa = false;
-          },
-          error: () => {
-            this.loadingMfa = false;
-            this.loadingCategories = false;
-          },
-        });
+        const body = JSON.stringify({ all: enforceMfa === 'true' });
+        sessionStorage.setItem('settings_mfa', body);
       }
       const settingsMfa = sessionStorage.getItem('settings_mfa');
       if (settingsMfa) {
@@ -153,9 +146,13 @@ export class MfaSettingsComponent implements OnInit {
   }
 
   setSelections(): void {
+    // Check if the settings have categories
+    this.enableDetailSettings =
+      this.settings.categories && Object.keys(this.settings.categories).length > 0;
     this.categorySelection = new SelectionModel<string>(true, this.settings.includedCategories);
     this.allCategoriesKeys = Object.keys(this.settings.categories);
-    this.enforceMfa = this.settings.includedCategories.length > 0;
+    // Select if 'allEnforced' is true
+    this.enforceMfa = this.settings.includedCategories.length > 0 || this.settings.allEnforced;
     for (const category in this.settings.categories) {
       this.allRpsKeysByCategory.set(
         category,
@@ -227,7 +224,7 @@ export class MfaSettingsComponent implements OnInit {
   }
 
   /**
-   * This method fires logic for setting new values of enforceMfa and settings
+   * This method fires logic for setting new values of settings
    */
   saveSettings(enforceFirstMfa = false): void {
     this.loadingMfa = true;
diff --git a/apps/user-profile/src/assets/config/defaultConfig.json b/apps/user-profile/src/assets/config/defaultConfig.json
@@ -76,7 +76,6 @@
     "api_url": "https://id.muni.cz/mfaapi/",
     "enable_security_image": true,
     "enable_security_text": true,
-    "enable_detail_settings": false,
     "security_image_attribute": "urn:perun:user:attribute-def:def:securityImage:mu",
     "security_text_attribute": "urn:perun:user:attribute-def:def:securityText:mu",
     "enforce_mfa_attribute": "urn:perun:user:attribute-def:def:mfaEnforced:mu",
diff --git a/libs/perun/models/src/lib/ConfigProperties.ts b/libs/perun/models/src/lib/ConfigProperties.ts
@@ -119,7 +119,6 @@ interface ProfileMFA {
   api_url: string;
   enable_security_image: boolean;
   enable_security_text: boolean;
-  enable_detail_settings: boolean;
   security_image_attribute: string;
   security_text_attribute: string;
   enforce_mfa_attribute: string;
diff --git a/libs/perun/models/src/lib/MfaSettings.ts b/libs/perun/models/src/lib/MfaSettings.ts
@@ -1,4 +1,5 @@
 export interface MfaSettings {
+  allEnforced: boolean;
   categories: object;
   includedCategories: string[];
   excludedRps: string[];
diff --git a/libs/perun/services/src/lib/mfa-api.service.ts b/libs/perun/services/src/lib/mfa-api.service.ts
@@ -50,6 +50,7 @@ export class MfaApiService {
    */
   getSettings(): Observable<MfaSettings> {
     const result: MfaSettings = {
+      allEnforced: false,
       categories: {},
       includedCategories: [],
       excludedRps: [],
@@ -76,6 +77,7 @@ export class MfaApiService {
                 next: (settings) => {
                   if (settings.length !== 0) {
                     if (settings.all) {
+                      result.allEnforced = settings.all;
                       result.includedCategories = Object.keys(result.categories);
                       for (const category in result.categories) {
                         result.includedRpsByCategory[category] = Object.keys(
@@ -148,48 +150,15 @@ export class MfaApiService {
     }
     sessionStorage.setItem('settings_mfa', body);
   }
-
-  changeEnforceMfa(enforceMfa: boolean): Observable<any> {
-    const body = `value=${String(enforceMfa)}`;
-    return new Observable<any>((res) => {
-      this.httpClient
-        .put(this.mfaApiUrl + 'mfaEnforced', body, {
-          headers: { Authorization: 'Bearer ' + this.oauthService.getAccessToken() },
-        })
-        .subscribe({
-          next: () => {
-            sessionStorage.removeItem('enforce_mfa');
-            sessionStorage.removeItem('mfa_route');
-            res.next();
-          },
-          error: (err) => {
-            // when token is valid, but user is logged in without MFA -> enforce MFA
-            if (err.error.error === 'MFA is required') {
-              this.saveSettings(null, true).subscribe();
-            } else {
-              res.error(err);
-            }
-          },
-        });
-    });
-  }
-
   /**
    * This method fires logic for setting new values of enforceMfa and settings
    */
   saveSettings(newEnforce: boolean, enforceFirstMfa = false): Observable<any> {
     return new Observable<any>((res) => {
       if (this.oauthService.getIdTokenExpiration() - now() > 0 && !enforceFirstMfa) {
-        this.changeEnforceMfa(newEnforce).subscribe({
+        this.updateDetailSettings().subscribe({
           next: () => {
-            this.updateDetailSettings().subscribe({
-              next: () => {
-                res.next();
-              },
-              error: (e) => {
-                res.error(e);
-              },
-            });
+            res.next();
           },
           error: (e) => {
             res.error(e);

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,5 @@`
`1`	`1`	`export interface MfaSettings {`
	`2`	`+ allEnforced: boolean;`
`2`	`3`	`categories: object;`
`3`	`4`	`includedCategories: string[];`
`4`	`5`	`excludedRps: string[];`