RED-7874 - Integrate "user has no roles" message in sign-in page

src/lib/tenants/tenant-select/tenant-select.component.html

@@ -8,8 +8,8 @@
 
     <iqser-spacer [height]="100"></iqser-spacer>
 
-    <ng-container *ngIf="isLoggedOut">
+    <ng-container *ngIf="isLoggedOut || noRoleLogOut">
-        <div class="heading-xl" translate="tenant-resolve.header.youre-logged-out"></div>
+        <div class="heading-xl" [translate]="isLoggedOut ? translations.IS_LOGGED_OUT : translations.NO_ROLE_LOG_OUT"></div>
         <iqser-spacer [height]="75"></iqser-spacer>
     </ng-container>
 

src/lib/tenants/tenant-select/tenant-select.component.ts

@@ -9,6 +9,7 @@ import { getKeycloakOptions } from '../keycloak-initializer';
 import { IStoredTenantId, TenantsService } from '../services';
 import { KeycloakStatusService } from '../services/keycloak-status.service';
 import { UI_ROOT } from '../../utils';
+import { selectTenantTranslations } from '../../../../../../apps/red-ui/src/app/translations/select-tenant-translations';
 
 @Component({
     templateUrl: './tenant-select.component.html',
@@ -17,6 +18,7 @@ import { UI_ROOT } from '../../utils';
 })
 export class TenantSelectComponent {
     @Input() isLoggedOut = false;
+    @Input() noRoleLogOut = false;
     protected readonly logger = inject(NGXLogger);
     protected readonly tenantsService = inject(TenantsService);
     protected storedTenants: IStoredTenantId[] = [];
@@ -29,6 +31,7 @@ export class TenantSelectComponent {
         // eslint-disable-next-line @typescript-eslint/unbound-method
         tenantId: ['', Validators.required],
     });
+    protected readonly translations = selectTenantTranslations;
     readonly #uiRoot = inject(UI_ROOT);
 
     constructor() {

src/lib/users/guards/roles.guard.ts

@@ -17,11 +17,11 @@ export function doesNotHaveAnyRole(): AsyncGuard {
 
 export function hasAnyRole(): AsyncGuard {
     return async () => {
-        const router = inject(Router);
+        const userService = inject(IqserUserService);
-        const user = await inject(IqserUserService).loadCurrentUser();
+        const user = await userService.loadCurrentUser();
 
         if (!user?.hasAnyRole) {
-            await router.navigate(['auth-error']);
+            await userService.logout(true);
             return false;
         }
         return true;

src/lib/users/services/iqser-user.service.ts

@@ -58,11 +58,12 @@ export abstract class IqserUserService<
         await firstValueFrom(this.loadAll());
     }
 
-    async logout() {
+    async logout(noRoleLogOut = false) {
         try {
             await this._keycloakService.loadUserProfile(true);
             await this._cacheApiService.wipeCaches();
-            const redirectUri = window.location.origin + this.#uiRoot + '/?isLoggedOut=true';
+            const logoutParam = noRoleLogOut ? 'noRoleLogOut' : 'isLoggedOut';
+            const redirectUri = window.location.origin + this.#uiRoot + `/?${logoutParam}=true`;
             await this._keycloakService.logout(redirectUri);
         } catch (e) {
             console.log('Logout failed: ', e);