diff --git a/lib/core/services/user-access.service.spec.ts b/lib/core/services/user-access.service.spec.ts index b4bd6c9b5f..4d056ebec5 100644 --- a/lib/core/services/user-access.service.spec.ts +++ b/lib/core/services/user-access.service.spec.ts @@ -92,6 +92,7 @@ describe('UserAccessService', () => { beforeEach(() => { spyOn(jwtHelperService, 'getValueFromLocalToken').and.returnValue(undefined); getAccessFromApiSpy = spyOn(oauth2Service, 'get').and.returnValue(of(userAccessMock)); + appConfigService.config.authType = 'OAUTH'; }); it('should return true when the user has one of the global roles', async () => { @@ -137,5 +138,12 @@ describe('UserAccessService', () => { expect(getAccessFromApiSpy).toHaveBeenCalledWith({ url: `${ fakeIdentityHost }/v1/identity/roles` }); }); + + it('should not fetch the access from the API if is not configured with OAUTH', async () => { + appConfigService.config.authType = 'BASIC'; + await userAccessService.fetchUserAccess(); + + expect(getAccessFromApiSpy).not.toHaveBeenCalled(); + }); }); }); diff --git a/lib/core/services/user-access.service.ts b/lib/core/services/user-access.service.ts index 5a78e7eb9a..68e2436304 100644 --- a/lib/core/services/user-access.service.ts +++ b/lib/core/services/user-access.service.ts @@ -36,7 +36,11 @@ export class UserAccessService { async fetchUserAccess() { if (!this.hasFetchedAccess()) { - this.hasRolesInJwt() ? this.fetchAccessFromJwt() : await this.fetchAccessFromApi(); + if (this.hasRolesInJwt()) { + this.fetchAccessFromJwt(); + } else if (this.isOauth()) { + await this.fetchAccessFromApi(); + } } } @@ -67,6 +71,10 @@ export class UserAccessService { return `${this.appConfigService.get('identityHost')}`; } + private isOauth(): boolean { + return this.appConfigService.get('authType') === 'OAUTH'; + } + /** * Checks for global roles access. *