[AAE-9365] - Auth guards should return true when no roles to check are passed (#7695)

2025-09-17 14:21:29 +00:00 · 2022-06-30 09:38:48 +01:00
parent e27833d770
commit ad9a468b11
2 changed files with 25 additions and 3 deletions
--- a/lib/core/services/user-access.service.ts
+++ b/lib/core/services/user-access.service.ts
@@ -84,7 +84,10 @@ export class UserAccessService {
     * @returns True if it contains at least one of the given roles, false otherwise
     */
    hasGlobalAccess(rolesToCheck: string[]): boolean {
-        return this.globalAccess ? this.globalAccess.some((role: string) => rolesToCheck.includes(role)) : false;
+        if (rolesToCheck?.length > 0) {
+            return this.globalAccess ? this.globalAccess.some((role: string) => rolesToCheck.includes(role)) : false;
+        }
+        return true;
    }

    /**
@@ -95,8 +98,11 @@ export class UserAccessService {
     * @returns True if it contains at least one of the given roles, false otherwise
     */
    hasApplicationAccess(appName: string, rolesToCheck: string[]): boolean {
-        const appAccess = this.hasRolesInJwt() ? this.applicationAccess[appName] : this.applicationAccess.find((app: ApplicationAccessModel) => app.name === appName);
-        return appAccess ? appAccess.roles.some(appRole => rolesToCheck.includes(appRole)) : false;
+        if (rolesToCheck?.length > 0) {
+            const appAccess = this.hasRolesInJwt() ? this.applicationAccess[appName] : this.applicationAccess.find((app: ApplicationAccessModel) => app.name === appName);
+            return appAccess ? appAccess.roles.some(appRole => rolesToCheck.includes(appRole)) : false;
+        }
+        return true;
    }

    /**