mgr/dashboard: Remove username and password from request body

Fixes: https://tracker.ceph.com/issues/50451
Signed-off-by: Nizamudeen A <nia@redhat.com>
(cherry picked from commit 273a776cad8065f568f17a05804aabd14625a1f0)

diff --git a/src/pybind/mgr/dashboard/frontend/src/app/shared/api/user.service.spec.ts b/src/pybind/mgr/dashboard/frontend/src/app/shared/api/user.service.spec.ts
index 25d85db493436f970d016529d5390b6f1797a4cf..ba038a72553b864e9289677304a25e3a8ca7f007 100644 (file)
--- a/src/pybind/mgr/dashboard/frontend/src/app/shared/api/user.service.spec.ts
+++ b/src/pybind/mgr/dashboard/frontend/src/app/shared/api/user.service.spec.ts
@@ -83,19 +83,22 @@ describe('UserService', () => {
 
   it('should call validatePassword', () => {
     service.validatePassword('foo').subscribe();
-    const req = httpTesting.expectOne('api/user/validate_password?password=foo');
+    const req = httpTesting.expectOne('api/user/validate_password');
     expect(req.request.method).toBe('POST');
+    expect(req.request.body).toEqual({ password: 'foo', old_password: null, username: null });
   });
 
   it('should call validatePassword (incl. name)', () => {
     service.validatePassword('foo_bar', 'bar').subscribe();
-    const req = httpTesting.expectOne('api/user/validate_password?password=foo_bar&username=bar');
+    const req = httpTesting.expectOne('api/user/validate_password');
     expect(req.request.method).toBe('POST');
+    expect(req.request.body).toEqual({ password: 'foo_bar', username: 'bar', old_password: null });
   });
 
   it('should call validatePassword (incl. old password)', () => {
     service.validatePassword('foo', null, 'foo').subscribe();
-    const req = httpTesting.expectOne('api/user/validate_password?password=foo&old_password=foo');
+    const req = httpTesting.expectOne('api/user/validate_password');
     expect(req.request.method).toBe('POST');
+    expect(req.request.body).toEqual({ password: 'foo', old_password: 'foo', username: null });
   });
 });

diff --git a/src/pybind/mgr/dashboard/frontend/src/app/shared/api/user.service.ts b/src/pybind/mgr/dashboard/frontend/src/app/shared/api/user.service.ts
index bb358925e39551fec7a3174dcedd8b8901d6a066..95c80dd4665a039cc41e67e9c162b30d43a9650a 100644 (file)
--- a/src/pybind/mgr/dashboard/frontend/src/app/shared/api/user.service.ts
+++ b/src/pybind/mgr/dashboard/frontend/src/app/shared/api/user.service.ts
@@ -1,4 +1,4 @@
-import { HttpClient, HttpParams } from '@angular/common/http';
+import { HttpClient } from '@angular/common/http';
 import { Injectable } from '@angular/core';
 
 import { Observable, of as observableOf } from 'rxjs';
@@ -53,14 +53,10 @@ export class UserService {
   }
 
   validatePassword(password: string, username: string = null, oldPassword: string = null) {
-    let params = new HttpParams();
-    params = params.append('password', password);
-    if (username) {
-      params = params.append('username', username);
-    }
-    if (oldPassword) {
-      params = params.append('old_password', oldPassword);
-    }
-    return this.http.post('api/user/validate_password', null, { params });
+    return this.http.post('api/user/validate_password', {
+      password: password,
+      username: username,
+      old_password: oldPassword
+    });
   }
 }