summaryrefslogtreecommitdiffstats
path: root/src/pybind/mgr/dashboard/frontend/src/app/shared/services/no-sso-guard.service.ts
diff options
context:
space:
mode:
Diffstat (limited to 'src/pybind/mgr/dashboard/frontend/src/app/shared/services/no-sso-guard.service.ts')
-rw-r--r--src/pybind/mgr/dashboard/frontend/src/app/shared/services/no-sso-guard.service.ts28
1 files changed, 28 insertions, 0 deletions
diff --git a/src/pybind/mgr/dashboard/frontend/src/app/shared/services/no-sso-guard.service.ts b/src/pybind/mgr/dashboard/frontend/src/app/shared/services/no-sso-guard.service.ts
new file mode 100644
index 000000000..d4abcde0d
--- /dev/null
+++ b/src/pybind/mgr/dashboard/frontend/src/app/shared/services/no-sso-guard.service.ts
@@ -0,0 +1,28 @@
+import { Injectable } from '@angular/core';
+import { CanActivate, CanActivateChild } from '@angular/router';
+
+import { DashboardUserDeniedError } from '~/app/core/error/error';
+import { AuthStorageService } from './auth-storage.service';
+
+/**
+ * This service checks if a route can be activated if the user has not
+ * been logged in via SSO.
+ */
+@Injectable({
+ providedIn: 'root'
+})
+export class NoSsoGuardService implements CanActivate, CanActivateChild {
+ constructor(private authStorageService: AuthStorageService) {}
+
+ canActivate() {
+ if (!this.authStorageService.isSSO()) {
+ return true;
+ }
+ throw new DashboardUserDeniedError();
+ return false;
+ }
+
+ canActivateChild(): boolean {
+ return this.canActivate();
+ }
+}
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-10 22:10:55 +0000