From a9abc772c225a2312ee703430953500c48501030 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rui=20Tom=C3=A9?= <108268980+r-tome@users.noreply.github.com> Date: Wed, 3 Jul 2024 17:45:49 +0100 Subject: [PATCH] =?UTF-8?q?[AC-1452]=C2=A0Restrict=20access=20to=20'Organi?= =?UTF-8?q?zation=20Info'=20and=20'Two-Step=20Login'=20settings=20pages=20?= =?UTF-8?q?with=20a=20permission=20check=20(#9483)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Guard Organization Info route - Owners only * Guard TwoFactor route - Owners only and Organization must be able to use 2FA * Update guards to use function syntax --------- Co-authored-by: Addison Beck --- .../organization-settings-routing.module.ts | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/apps/web/src/app/admin-console/organizations/settings/organization-settings-routing.module.ts b/apps/web/src/app/admin-console/organizations/settings/organization-settings-routing.module.ts index d18f5125fd..4e9180ef12 100644 --- a/apps/web/src/app/admin-console/organizations/settings/organization-settings-routing.module.ts +++ b/apps/web/src/app/admin-console/organizations/settings/organization-settings-routing.module.ts @@ -22,11 +22,21 @@ const routes: Routes = [ canActivate: [organizationRedirectGuard(getSettingsRoute)], children: [], // This is required to make the auto redirect work, }, - { path: "account", component: AccountComponent, data: { titleId: "organizationInfo" } }, + { + path: "account", + component: AccountComponent, + canActivate: [organizationPermissionsGuard((o) => o.isOwner)], + data: { + titleId: "organizationInfo", + }, + }, { path: "two-factor", component: TwoFactorSetupComponent, - data: { titleId: "twoStepLogin" }, + canActivate: [organizationPermissionsGuard((o) => o.use2fa && o.isOwner)], + data: { + titleId: "twoStepLogin", + }, }, { path: "policies",