@@ -171,7 +171,7 @@ export default defineComponent({
required: true,
autocomplete: 'given-name',
capitalize: true,
- disabled: this.isLDAPFeatureEnabled && this.signInWithLdap,
+ disabled: this.isExternalAuthEnabled,
},
},
{
@@ -183,7 +183,7 @@ export default defineComponent({
required: true,
autocomplete: 'family-name',
capitalize: true,
- disabled: this.isLDAPFeatureEnabled && this.signInWithLdap,
+ disabled: this.isExternalAuthEnabled,
},
},
{
@@ -196,7 +196,7 @@ export default defineComponent({
validationRules: [{ name: 'VALID_EMAIL' }],
autocomplete: 'email',
capitalize: true,
- disabled: (this.isLDAPFeatureEnabled && this.signInWithLdap) || this.signInWithSaml,
+ disabled: !this.isPersonalSecurityEnabled,
},
},
];
@@ -206,16 +206,15 @@ export default defineComponent({
currentUser(): IUser | null {
return this.usersStore.currentUser;
},
- signInWithLdap(): boolean {
- return this.currentUser?.signInType === 'ldap';
+ isExternalAuthEnabled(): boolean {
+ const isLdapEnabled =
+ this.settingsStore.settings.enterprise.ldap && this.currentUser?.signInType === 'ldap';
+ const isSamlEnabled =
+ this.settingsStore.isSamlLoginEnabled && this.settingsStore.isDefaultAuthenticationSaml;
+ return isLdapEnabled || isSamlEnabled;
},
- isLDAPFeatureEnabled(): boolean {
- return this.settingsStore.settings.enterprise.ldap;
- },
- signInWithSaml(): boolean {
- return (
- this.settingsStore.isSamlLoginEnabled && this.settingsStore.isDefaultAuthenticationSaml
- );
+ isPersonalSecurityEnabled(): boolean {
+ return this.usersStore.isInstanceOwner || !this.isExternalAuthEnabled;
},
mfaDisabled(): boolean {
return !this.usersStore.mfaEnabled;
diff --git a/packages/editor-ui/src/views/__tests__/SettingsPersonalView.test.ts b/packages/editor-ui/src/views/__tests__/SettingsPersonalView.test.ts
index 09df7dfc216f3..7236800010e07 100644
--- a/packages/editor-ui/src/views/__tests__/SettingsPersonalView.test.ts
+++ b/packages/editor-ui/src/views/__tests__/SettingsPersonalView.test.ts
@@ -57,16 +57,37 @@ describe('SettingsPersonalView', () => {
expect(getByTestId('change-password-link')).toBeInTheDocument();
});
- it('should disable email and pw change when SAML login is enabled', async () => {
- vi.spyOn(settingsStore, 'isSamlLoginEnabled', 'get').mockReturnValue(true);
- vi.spyOn(settingsStore, 'isDefaultAuthenticationSaml', 'get').mockReturnValue(true);
+ describe('when external auth is enabled, email and password change', () => {
+ beforeEach(() => {
+ vi.spyOn(settingsStore, 'isSamlLoginEnabled', 'get').mockReturnValue(true);
+ vi.spyOn(settingsStore, 'isDefaultAuthenticationSaml', 'get').mockReturnValue(true);
+ vi.spyOn(settingsStore, 'isMfaFeatureEnabled', 'get').mockReturnValue(true);
+ });
- const { queryByTestId, getAllByRole } = renderComponent({ pinia });
- await waitAllPromises();
+ it('should not be disabled for the instance owner', async () => {
+ vi.spyOn(usersStore, 'isInstanceOwner', 'get').mockReturnValue(true);
+
+ const { queryByTestId, getAllByRole } = renderComponent({ pinia });
+ await waitAllPromises();
+
+ expect(
+ getAllByRole('textbox').find((el) => el.getAttribute('type') === 'email'),
+ ).toBeEnabled();
+ expect(queryByTestId('change-password-link')).toBeInTheDocument();
+ expect(queryByTestId('mfa-section')).toBeInTheDocument();
+ });
+
+ it('should be disabled for members', async () => {
+ vi.spyOn(usersStore, 'isInstanceOwner', 'get').mockReturnValue(false);
+
+ const { queryByTestId, getAllByRole } = renderComponent({ pinia });
+ await waitAllPromises();
- expect(
- getAllByRole('textbox').find((el) => el.getAttribute('type') === 'email'),
- ).toBeDisabled();
- expect(queryByTestId('change-password-link')).not.toBeInTheDocument();
+ expect(
+ getAllByRole('textbox').find((el) => el.getAttribute('type') === 'email'),
+ ).toBeDisabled();
+ expect(queryByTestId('change-password-link')).not.toBeInTheDocument();
+ expect(queryByTestId('mfa-section')).not.toBeInTheDocument();
+ });
});
});