[AAE-4985] - Make SSO Role Service accept a content admin role that is not part of the JWT token (#6942)

* Add ability to check if the user is an ACS_ADMIN - not part of JTW token * Make get user api call only once * Add unit tests * Add documentation * Fix comments * Exclude flaky tests, dependent on another test * Fix unit test * Fix comments * Update documentation
2025-07-24 17:32:15 +00:00 · 2021-04-26 14:27:22 +01:00
parent 585a1b6918
commit 574db8d7cc
7 changed files with 106 additions and 7 deletions
--- a/lib/core/services/people-content.service.ts
+++ b/lib/core/services/people-content.service.ts
@@ -23,10 +23,16 @@ import { PersonEntry, PeopleApi, PersonBodyCreate } from '@alfresco/js-api';
 import { EcmUserModel } from '../models/ecm-user.model';
 import { LogService } from './log.service';

+export enum ContentGroups {
+    ALFRESCO_ADMINISTRATORS = 'ALFRESCO_ADMINISTRATORS'
+}
+
@Injectable({
    providedIn: 'root'
 })
 export class PeopleContentService {
+    private hasContentAdminRole: boolean = false;
+    hasCheckedIsContentAdmin: boolean = false;

    private _peopleApi: PeopleApi;

@@ -60,6 +66,7 @@ export class PeopleContentService {
    /**
     * Creates new person.
     * @param newPerson Object containing the new person details.
+     * @param opts Optional parameters
     * @returns Created new person
     */
    createPerson(newPerson: PersonBodyCreate, opts?: any): Observable<EcmUserModel> {
@@ -69,6 +76,15 @@ export class PeopleContentService {
        );
    }

+    async isContentAdmin(): Promise<boolean> {
+        if (!this.hasCheckedIsContentAdmin) {
+            const user: PersonEntry = await this.getCurrentPerson().toPromise();
+            this.hasContentAdminRole = user?.entry?.capabilities?.isAdmin;
+            this.hasCheckedIsContentAdmin = true;
+        }
+        return this.hasContentAdminRole;
+    }
+
    private handleError(error: any) {
        this.logService.error(error);
        return throwError(error || 'Server error');