[#9192] Makes forgot-password link removable

[vins01-4science]

References

• Fixes Make forgot-password link removable #9192
• Requires [#2622] Makes forgot-password link removable dspace-angular#2624

Description

This PR introduces a new AuthorizationFeature that checks for the forgot-password feature.
The same feature can also check, whenever is provided, that the user is able to update its password.

Instructions for Reviewers

Try to enable the additional configuration:

user.forgot-password = false

inside the authentication-password.cfg and check that it is not shown inside the login-component, in both:

• dropdown login menu
• login page

Checklist

• My PR is small in size (e.g. less than 1,000 lines of code, not including comments & integration tests). Exceptions may be made if previously agreed upon.
• My PR passes Checkstyle validation based on the Code Style Guide.
• My PR includes Javadoc for all new (or modified) public methods and classes. It also includes Javadoc for large or complex private methods.
• My PR passes all tests and includes new/updated Unit or Integration Tests based on the Code Testing Guide.
• If my PR includes new libraries/dependencies (in any pom.xml), I've made sure their licenses align with the DSpace BSD License based on the Licensing of Contributions documentation.
• If my PR modifies REST API endpoints, I've opened a separate REST Contract PR related to this change.
• If my PR includes new configurations, I've provided basic technical documentation in the PR itself.
• If my PR fixes an issue ticket, I've linked them together.

[tdonohue]

@vins01-4science : Thanks! Overall, this looks good. I reported most of my feedback in my frontend review.

That said, I did notice some IT cleanup that can be done in this PR. You don't need to reset configurations back to the original values (they do that automatically). There's also a missing IT that we probably should add. See inline comments below.

[vins01-4science]

@vins01-4science : Thanks! Overall, this looks good. I reported most of my feedback in my frontend review.

That said, I did notice some IT cleanup that can be done in this PR. You don't need to reset configurations back to the original values (they do that automatically). There's also a missing IT that we probably should add. See inline comments below.

@tdonohue Thank you for the review.

All the changes have been addressed on this PR.

Let me know if you find something else.

[tdonohue]

👍 Thank you @vins01-4science ! This looks good to me now.

I will note though that we MUST add documentation for this new user.forgot-password configuration to the DSpace 8.x docs. It probably should just be added next to user.registration here: https://wiki.lyrasis.org/display/DSDOC8x/Authentication+Plugins#AuthenticationPlugins-ConfiguringAuthenticationbyPassword

I'll get this merged, but will add a needs documentation label until the docs have been added. If you can find time to add them, please link them here & we can remove that label.

[vins01-4science]

👍 Thank you @vins01-4science ! This looks good to me now.

I will note though that we MUST add documentation for this new user.forgot-password configuration to the DSpace 8.x docs. It probably should just be added next to user.registration here: https://wiki.lyrasis.org/display/DSDOC8x/Authentication+Plugins#AuthenticationPlugins-ConfiguringAuthenticationbyPassword

I'll get this merged, but will add a needs documentation label until the docs have been added. If you can find time to add them, please link them here & we can remove that label.

@tdonohue Thank you!

I modified that page, by placing the new property right after the user.registration one, just like you told me.
Let me know if we need to document it somewhere else.

[tdonohue]

Thanks @vins01-4science ! The documentation looks good to me. https://wiki.lyrasis.org/display/DSDOC8x/Authentication+Plugins#AuthenticationPlugins-ConfiguringAuthenticationbyPassword

I'll remove the needs documentation label.