HAM/Berufsschule_HAM
1
0
Fork 1
mirror of https://github.com/LD-Reborn/Berufsschule_HAM.git synced 2025-12-20 06:51:55 +00:00
Code Issues Packages Projects 1 Releases Wiki Activity

Added CanManageSettings claim, Implemented authorization for admin settings

Browse Source
This commit is contained in:
LD-Reborn
2025-11-02 15:23:31 +01:00
parent d559328902
commit af70cfb5f8
7 changed files with 38 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docs/Specs/Object attribute specs.md
View File

@@ -29,7 +29,7 @@
- gidNumber = group id number (e.g. 1)
- displayName = display name (e.g. "Administrator")
- description = json string containing data as JSON. E.g.:
- `{"Permissions": ["CanInventorize", "CanManageUsers", "CanManageLocations", "CanManageAssets", "CanManageGroups"]}`
- `{"Permissions": ["CanInventorize", "CanManageUsers", "CanManageLocations", "CanManageAssets", "CanManageGroups", "CanManageSettings"]}`
## assets
- ObjectClass:

3
src/Controllers/SettingsController.cs
View File

@@ -28,12 +28,15 @@ public class SettingsController : Controller
return View();
}
[Authorize(Roles = "CanManageSettings")]
[HttpGet("Admin")]
public async Task<IActionResult> AdminAsync()
{
AdminSettingsModel adminSettingsModel = await _ldap.GetAdminSettingsModelAsync();
return View();
}
[Authorize(Roles = "CanManageSettings")]
[HttpPut("Admin")]
public async Task<AdminUpdateResponseModel> UpdateAdminAsync([FromBody]AdminUpdateRequestModel adminSettingsRequestModel)
{

3
src/Models/GroupModel.cs
View File

@@ -48,5 +48,6 @@ public enum GroupPermission
CanManageUsers,
CanManageLocations,
CanManageAssets,
CanManageGroups
CanManageGroups,
CanManageSettings
}

4
src/Models/GroupsViewModels.cs
View File

@@ -16,7 +16,8 @@ public class GroupsIndexViewModel
CanManageAssets = model.Permissions.Any(x => x == GroupPermission.CanManageAssets),
CanManageGroups = model.Permissions.Any(x => x == GroupPermission.CanManageGroups),
CanManageLocations = model.Permissions.Any(x => x == GroupPermission.CanManageLocations),
CanManageUsers = model.Permissions.Any(x => x == GroupPermission.CanManageUsers)
CanManageUsers = model.Permissions.Any(x => x == GroupPermission.CanManageUsers),
CanManageSettings = model.Permissions.Any(x => x == GroupPermission.CanManageSettings)
});
}
}
@@ -35,4 +36,5 @@ public class GroupsTableViewModel
public required bool CanManageLocations { get; set; }
public required bool CanManageAssets { get; set; }
public required bool CanManageGroups { get; set; }
public required bool CanManageSettings { get; set; }
}

6
src/Resources/Views.Home.Groups.de.resx
View File

@@ -37,6 +37,9 @@
<data name="manage groups" xml:space="preserve">
<value>Gruppen verwalten</value>
</data>
<data name="manage settings" xml:space="preserve">
<value>Einstellungen verwalten</value>
</data>
<data name="Action" xml:space="preserve">
<value>Aktion</value>
</data>
@@ -79,6 +82,9 @@
<data name="Can manage locations" xml:space="preserve">
<value>Kann Orte verwalten</value>
</data>
<data name="Can manage settings" xml:space="preserve">
<value>Kann Einstellungen verwalten</value>
</data>
<data name="Cancel" xml:space="preserve">
<value>Abbrechen</value>
</data>

19
src/Views/Home/Groups.cshtml
View File

@@ -29,6 +29,7 @@
<th class="text-center">@T["Can"]:<br/>@T["manage locations"]</th>
<th class="text-center">@T["Can"]:<br/>@T["manage assets"]</th>
<th class="text-center">@T["Can"]:<br/>@T["manage groups"]</th>
<th class="text-center">@T["Can"]:<br/>@T["manage settings"]</th>
<th class="text-center">@T["Action"]</th>
</tr>
</thead>
@@ -43,6 +44,7 @@
<td class="text-center @(groupTableViewModel.CanManageLocations ? "text-success" : "text-danger")">@(groupTableViewModel.CanManageLocations ? "✓" : "✗")</td>
<td class="text-center @(groupTableViewModel.CanManageAssets ? "text-success" : "text-danger")">@(groupTableViewModel.CanManageAssets ? "✓" : "✗")</td>
<td class="text-center @(groupTableViewModel.CanManageGroups ? "text-success" : "text-danger")">@(groupTableViewModel.CanManageGroups ? "✓" : "✗")</td>
<td class="text-center @(groupTableViewModel.CanManageSettings ? "text-success" : "text-danger")">@(groupTableViewModel.CanManageSettings ? "✓" : "✗")</td>
<td class="text-center">
<div class="d-flex gap-2 justify-content-center">
<button class="btn btn-sm btn-warning btn-update"
@@ -202,6 +204,10 @@
<input type="checkbox" class="form-check-input" name="Permissions.CanManageLocations" id="canManageLocations" />
<label class="form-check-label" for="canManageLocations">@T["Can manage locations"]</label>
</div>
<div class="form-check">
<input type="checkbox" class="form-check-input" name="Permissions.CanManageSettings" id="canManageSettings" />
<label class="form-check-label" for="canManageSettings">@T["Can manage settings"]</label>
</div>
</div>
</div>
</div>
@@ -236,6 +242,7 @@
if (createForm.querySelector('[name="Permissions.CanManageAssets"]').checked) jsonData.Permissions.push("CanManageAssets");
if (createForm.querySelector('[name="Permissions.CanManageUsers"]').checked) jsonData.Permissions.push("CanManageUsers");
if (createForm.querySelector('[name="Permissions.CanManageGroups"]').checked) jsonData.Permissions.push("CanManageGroups");
if (createForm.querySelector('[name="Permissions.CanManageSettings"]').checked) jsonData.Permissions.push("CanManageSettings");
if (createForm.querySelector('[name="Permissions.CanManageLocations"]').checked) jsonData.Permissions.push("CanManageLocations");
try {
@@ -265,6 +272,7 @@
<td class="text-center ${jsonData.Permissions.includes("CanManageLocations") ? "text-success" : "text-danger"}">${jsonData.Permissions.includes("CanManageLocations") ? "✓" : "✗"}</td>
<td class="text-center ${jsonData.Permissions.includes("CanManageAssets") ? "text-success" : "text-danger"}">${jsonData.Permissions.includes("CanManageAssets") ? "✓" : "✗"}</td>
<td class="text-center ${jsonData.Permissions.includes("CanManageGroups") ? "text-success" : "text-danger"}">${jsonData.Permissions.includes("CanManageGroups") ? "✓" : "✗"}</td>
<td class="text-center ${jsonData.Permissions.includes("CanManageSettings") ? "text-success" : "text-danger"}">${jsonData.Permissions.includes("CanManageSettings") ? "✓" : "✗"}</td>
<td style="text-align: center">
<div class="d-flex gap-2 justify-content-center">
<button class="btn btn-sm btn-warning btn-update"
@@ -353,6 +361,10 @@
<input type="checkbox" class="form-check-input" name="Description.Permissions.CanManageLocations" id="canManageLocations" />
<label class="form-check-label" for="canManageLocations">@T["Can manage locations"]</label>
</div>
<div class="form-check">
<input type="checkbox" class="form-check-input" name="Description.Permissions.CanManageSettings" id="canManageSettings" />
<label class="form-check-label" for="canManageSettings">@T["Can manage settings"]</label>
</div>
</div>
</div>
</div>
@@ -451,6 +463,7 @@ document.addEventListener('DOMContentLoaded', () => {
row.children[3].textContent = jsonData.Description.Permissions.includes("CanManageLocations") ? "✓" : "✗" || '';
row.children[4].textContent = jsonData.Description.Permissions.includes("CanManageAssets") ? "✓" : "✗" || '';
row.children[5].textContent = jsonData.Description.Permissions.includes("CanManageGroups") ? "✓" : "✗" || '';
row.children[6].textContent = jsonData.Description.Permissions.includes("CanManageSettings") ? "✓" : "✗" || '';
if (jsonData.Description.Permissions.includes("CanInventorize")) {
row.children[1].className = "text-center text-success";
} else {
@@ -480,6 +493,12 @@ document.addEventListener('DOMContentLoaded', () => {
} else {
row.children[5].className = "text-center text-danger";
}
if (jsonData.Description.Permissions.includes("CanManageSettings")) {
row.children[6].className = "text-center text-success";
} else {
row.children[6].className = "text-center text-danger";
}
}
} else {
showToast(result.reason || '@T["Error updating group"]', 'danger');

3
src/Views/Shared/_Layout.cshtml
View File

@@ -97,7 +97,10 @@
</div>
<ul class="dropdown-menu dropdown-menu-end" aria-labelledby="userDropdown">
<li><a class="dropdown-item" asp-controller="Settings" asp-action="User">@T["User settings"]</a></li>
@if (User.HasClaim(ClaimTypes.Role, "CanManageSettings"))
{
<li><a class="dropdown-item" asp-controller="Settings" asp-action="Admin">@T["Admin settings"]</a></li>
}
<li><hr class="dropdown-divider"></li>
<li><a class="dropdown-item" asp-controller="Home" asp-action="Logout">@T["Log out"]</a></li>
</ul>