feat: add option to disable self-account editing

2025-12-13 23:02:17 +00:00 · 2024-10-28 18:45:27 +01:00
parent 7bfc3f43a5
commit 8304065652
9 changed files with 65 additions and 30 deletions
--- a/frontend/src/lib/types/application-configuration.ts
+++ b/frontend/src/lib/types/application-configuration.ts
@@ -1,5 +1,6 @@
 export type AppConfig = {
 	appName: string;
+	allowOwnAccountEdit: boolean;
 };

 export type AllAppConfig = AppConfig & {
--- a/frontend/src/routes/settings/account/+page.svelte
+++ b/frontend/src/routes/settings/account/+page.svelte
@@ -3,6 +3,7 @@
 	import * as Card from '$lib/components/ui/card';
 	import UserService from '$lib/services/user-service';
 	import WebAuthnService from '$lib/services/webauthn-service';
+	import appConfigStore from '$lib/stores/application-configuration-store';
 	import type { Passkey } from '$lib/types/passkey.type';
 	import type { UserCreate } from '$lib/types/user.type';
 	import { axiosErrorToast, getWebauthnErrorMessage } from '$lib/utils/error-util';
@@ -51,14 +52,16 @@
 	<title>Account Settings</title>
 </svelte:head>

-<Card.Root>
-	<Card.Header>
-		<Card.Title>Account Details</Card.Title>
-	</Card.Header>
-	<Card.Content>
-		<AccountForm {account} callback={updateAccount} />
-	</Card.Content>
-</Card.Root>
+{#if $appConfigStore.allowOwnAccountEdit}
+	<Card.Root>
+		<Card.Header>
+			<Card.Title>Account Details</Card.Title>
+		</Card.Header>
+		<Card.Content>
+			<AccountForm {account} callback={updateAccount} />
+		</Card.Content>
+	</Card.Root>
+{/if}

 <Card.Root>
 	<Card.Header>
--- a/frontend/src/routes/settings/admin/application-configuration/forms/app-config-general-form.svelte
+++ b/frontend/src/routes/settings/admin/application-configuration/forms/app-config-general-form.svelte
@@ -21,13 +21,15 @@
 	const updatedAppConfig = {
 		appName: appConfig.appName,
 		sessionDuration: appConfig.sessionDuration,
-		emailsVerified: appConfig.emailsVerified
+		emailsVerified: appConfig.emailsVerified,
+		allowOwnAccountEdit: appConfig.allowOwnAccountEdit
 	};

 	const formSchema = z.object({
 		appName: z.string().min(2).max(30),
 		sessionDuration: z.number().min(1).max(43200),
-		emailsVerified: z.boolean()
+		emailsVerified: z.boolean(),
+		allowOwnAccountEdit: z.boolean()
 	});

 	const { inputs, ...form } = createForm<typeof formSchema>(formSchema, updatedAppConfig);
@@ -49,6 +51,17 @@
 			description="The duration of a session in minutes before the user has to sign in again."
 			bind:input={$inputs.sessionDuration}
 		/>
+		<div class="items-top mt-5 flex space-x-2">
+			<Checkbox id="admin-privileges" bind:checked={$inputs.allowOwnAccountEdit.value} />
+			<div class="grid gap-1.5 leading-none">
+				<Label for="admin-privileges" class="mb-0 text-sm font-medium leading-none">
+					Enable Self-Account Editing
+				</Label>
+				<p class="text-muted-foreground text-[0.8rem]">
+					Whether the user should be able to edit their own account details.
+				</p>
+			</div>
+		</div>
 		<div class="items-top mt-5 flex space-x-2">
 			<Checkbox id="admin-privileges" bind:checked={$inputs.emailsVerified.value} />
 			<div class="grid gap-1.5 leading-none">