HAM/Berufsschule_HAM
1
0
Fork 1
mirror of https://github.com/LD-Reborn/Berufsschule_HAM.git synced 2025-12-20 06:51:55 +00:00
Code Issues Packages Projects 1 Releases Wiki Activity

Added CanManageSettings claim, Implemented authorization for admin settings

Browse Source
This commit is contained in:
LD-Reborn
2025-11-02 15:23:31 +01:00
parent d559328902
commit af70cfb5f8
7 changed files with 38 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
src/Views/Home/Groups.cshtml
View File

@@ -29,6 +29,7 @@
<th class="text-center">@T["Can"]:<br/>@T["manage locations"]</th>
<th class="text-center">@T["Can"]:<br/>@T["manage assets"]</th>
<th class="text-center">@T["Can"]:<br/>@T["manage groups"]</th>
<th class="text-center">@T["Can"]:<br/>@T["manage settings"]</th>
<th class="text-center">@T["Action"]</th>
</tr>
</thead>
@@ -43,6 +44,7 @@
<td class="text-center @(groupTableViewModel.CanManageLocations ? "text-success" : "text-danger")">@(groupTableViewModel.CanManageLocations ? "✓" : "✗")</td>
<td class="text-center @(groupTableViewModel.CanManageAssets ? "text-success" : "text-danger")">@(groupTableViewModel.CanManageAssets ? "✓" : "✗")</td>
<td class="text-center @(groupTableViewModel.CanManageGroups ? "text-success" : "text-danger")">@(groupTableViewModel.CanManageGroups ? "✓" : "✗")</td>
<td class="text-center @(groupTableViewModel.CanManageSettings ? "text-success" : "text-danger")">@(groupTableViewModel.CanManageSettings ? "✓" : "✗")</td>
<td class="text-center">
<div class="d-flex gap-2 justify-content-center">
<button class="btn btn-sm btn-warning btn-update"
@@ -202,6 +204,10 @@
<input type="checkbox" class="form-check-input" name="Permissions.CanManageLocations" id="canManageLocations" />
<label class="form-check-label" for="canManageLocations">@T["Can manage locations"]</label>
</div>
<div class="form-check">
<input type="checkbox" class="form-check-input" name="Permissions.CanManageSettings" id="canManageSettings" />
<label class="form-check-label" for="canManageSettings">@T["Can manage settings"]</label>
</div>
</div>
</div>
</div>
@@ -236,6 +242,7 @@
if (createForm.querySelector('[name="Permissions.CanManageAssets"]').checked) jsonData.Permissions.push("CanManageAssets");
if (createForm.querySelector('[name="Permissions.CanManageUsers"]').checked) jsonData.Permissions.push("CanManageUsers");
if (createForm.querySelector('[name="Permissions.CanManageGroups"]').checked) jsonData.Permissions.push("CanManageGroups");
if (createForm.querySelector('[name="Permissions.CanManageSettings"]').checked) jsonData.Permissions.push("CanManageSettings");
if (createForm.querySelector('[name="Permissions.CanManageLocations"]').checked) jsonData.Permissions.push("CanManageLocations");
try {
@@ -265,6 +272,7 @@
<td class="text-center ${jsonData.Permissions.includes("CanManageLocations") ? "text-success" : "text-danger"}">${jsonData.Permissions.includes("CanManageLocations") ? "✓" : "✗"}</td>
<td class="text-center ${jsonData.Permissions.includes("CanManageAssets") ? "text-success" : "text-danger"}">${jsonData.Permissions.includes("CanManageAssets") ? "✓" : "✗"}</td>
<td class="text-center ${jsonData.Permissions.includes("CanManageGroups") ? "text-success" : "text-danger"}">${jsonData.Permissions.includes("CanManageGroups") ? "✓" : "✗"}</td>
<td class="text-center ${jsonData.Permissions.includes("CanManageSettings") ? "text-success" : "text-danger"}">${jsonData.Permissions.includes("CanManageSettings") ? "✓" : "✗"}</td>
<td style="text-align: center">
<div class="d-flex gap-2 justify-content-center">
<button class="btn btn-sm btn-warning btn-update"
@@ -353,6 +361,10 @@
<input type="checkbox" class="form-check-input" name="Description.Permissions.CanManageLocations" id="canManageLocations" />
<label class="form-check-label" for="canManageLocations">@T["Can manage locations"]</label>
</div>
<div class="form-check">
<input type="checkbox" class="form-check-input" name="Description.Permissions.CanManageSettings" id="canManageSettings" />
<label class="form-check-label" for="canManageSettings">@T["Can manage settings"]</label>
</div>
</div>
</div>
</div>
@@ -451,6 +463,7 @@ document.addEventListener('DOMContentLoaded', () => {
row.children[3].textContent = jsonData.Description.Permissions.includes("CanManageLocations") ? "✓" : "✗" || '';
row.children[4].textContent = jsonData.Description.Permissions.includes("CanManageAssets") ? "✓" : "✗" || '';
row.children[5].textContent = jsonData.Description.Permissions.includes("CanManageGroups") ? "✓" : "✗" || '';
row.children[6].textContent = jsonData.Description.Permissions.includes("CanManageSettings") ? "✓" : "✗" || '';
if (jsonData.Description.Permissions.includes("CanInventorize")) {
row.children[1].className = "text-center text-success";
} else {
@@ -480,6 +493,12 @@ document.addEventListener('DOMContentLoaded', () => {
} else {
row.children[5].className = "text-center text-danger";
}
if (jsonData.Description.Permissions.includes("CanManageSettings")) {
row.children[6].className = "text-center text-success";
} else {
row.children[6].className = "text-center text-danger";
}
}
} else {
showToast(result.reason || '@T["Error updating group"]', 'danger');

5
src/Views/Shared/_Layout.cshtml
View File

@@ -97,7 +97,10 @@
</div>
<ul class="dropdown-menu dropdown-menu-end" aria-labelledby="userDropdown">
<li><a class="dropdown-item" asp-controller="Settings" asp-action="User">@T["User settings"]</a></li>
<li><a class="dropdown-item" asp-controller="Settings" asp-action="Admin">@T["Admin settings"]</a></li>
@if (User.HasClaim(ClaimTypes.Role, "CanManageSettings"))
{
<li><a class="dropdown-item" asp-controller="Settings" asp-action="Admin">@T["Admin settings"]</a></li>
}
<li><hr class="dropdown-divider"></li>
<li><a class="dropdown-item" asp-controller="Home" asp-action="Logout">@T["Log out"]</a></li>
</ul>