mgr/dashboard: fix visibility of pwdExpirationDate field

Show the 'pwdExpirationDate' form field only if SSO is not enabled.
Also show a helper message if 'pwdExpirationSpan' is '0' to let
the admin know that the password will only expire once.

Fixes: https://tracker.ceph.com/issues/43523
Signed-off-by: Tatjana Dehler <tdehler@suse.com>

diff --git a/src/pybind/mgr/dashboard/frontend/src/app/core/auth/user-form/user-form.component.html b/src/pybind/mgr/dashboard/frontend/src/app/core/auth/user-form/user-form.component.html
index fd942c386c1542de7f7ea278a15b905e99e72027..e8e0eeb32d96e5c0b07cbe56d0a7af65e0dee86f 100644 (file)
--- a/src/pybind/mgr/dashboard/frontend/src/app/core/auth/user-form/user-form.component.html
+++ b/src/pybind/mgr/dashboard/frontend/src/app/core/auth/user-form/user-form.component.html
@@ -103,13 +103,26 @@
                   i18n>Password confirmation doesn't match the password.</span>
           </div>
         </div>
-
         <!-- Password expiration date -->
         <div class="form-group row"
-             *ngIf="showExpirationDateField()">
+             *ngIf="!authStorageService.isSSO()">
           <label class="col-form-label col-sm-3"
                  for="pwdExpirationDate">
             <ng-container i18n>Password expiration date</ng-container>
+            <cd-helper class="text-pre"
+                       *ngIf="pwdExpirationSettings.pwdExpirationSpan == 0">
+              <p>
+                The Dashboard setting defining the expiration interval of
+                passwords is currently set to <strong>0</strong>. This means
+                if a date is set, the user password will only expire once.
+              </p>
+              <p>
+                Consider configuring the Dashboard setting
+                <a routerLink="/mgr-modules/edit/dashboard"
+                   class="alert-link">USER_PWD_EXPIRATION_SPAN</a>
+                in order to let passwords expire periodically.
+              </p>
+            </cd-helper>
             <span class="required"
                   *ngIf="pwdExpirationSettings.pwdExpirationSpan > 0"></span>
           </label>

diff --git a/src/pybind/mgr/dashboard/frontend/src/app/core/auth/user-form/user-form.component.ts b/src/pybind/mgr/dashboard/frontend/src/app/core/auth/user-form/user-form.component.ts
index e954591c4a6e6b648293d8856c2fe433ab1907a3..ba3593e48b3b8ad90bd958dffbee6da05c8c85e5 100644 (file)
--- a/src/pybind/mgr/dashboard/frontend/src/app/core/auth/user-form/user-form.component.ts
+++ b/src/pybind/mgr/dashboard/frontend/src/app/core/auth/user-form/user-form.component.ts
@@ -227,14 +227,6 @@ export class UserFormComponent implements OnInit {
     }
   }
 
-  showExpirationDateField() {
-    return (
-      this.userForm.getValue('pwdExpirationDate') > 0 ||
-      this.userForm.touched ||
-      this.pwdExpirationSettings.pwdExpirationSpan > 0
-    );
-  }
-
   public isCurrentUser(): boolean {
     return this.authStorageService.getUsername() === this.userForm.getValue('username');
   }