add permissions for tenant users page

This commit is contained in:
amentis 2024-06-25 17:14:54 +03:00
parent 70d7c383e0
commit 4ce55249cd
4 changed files with 31 additions and 5 deletions

View File

@ -57,6 +57,8 @@ public final class Permission {
public static String EditUser = "EditUser";
public static String DeleteUser = "DeleteUser";
public static String ExportUsers = "ExportUsers";
public static String EditTenantUserRole = "EditTenantUserRole";
public static String InviteTenantUser = "InviteTenantUser";
public static String BrowseDmpAssociatedUser = "BrowseDmpAssociatedUser";

View File

@ -319,7 +319,7 @@ public class UserServiceImpl implements UserService {
@Override
public User patchRoles(UserRolePatchPersist model, FieldSet fields) throws InvalidApplicationException {
logger.debug(new MapLogEntry("persisting data UserRole").And("model", model).And("fields", fields));
this.authorizationService.authorizeForce(Permission.EditUser);
this.authorizationService.authorizeAtLeastOneForce(this.userScope.getUserId() != null ? List.of(new OwnedResource(this.userScope.getUserId())) : null, Permission.EditUser, Permission.EditTenantUserRole);
UserEntity data = this.entityManager.find(UserEntity.class, model.getId(), true);
if (data == null) throw new MyNotFoundException(this.messageSource.getMessage("General_ItemNotFound", new Object[]{model.getId(), User.class.getSimpleName()}, LocaleContextHolder.getLocale()));
@ -914,10 +914,13 @@ public class UserServiceImpl implements UserService {
}
public void sendUserToTenantInvitation(UserTenantUsersInviteRequest users) throws InvalidApplicationException, JAXBException {
this.authorizationService.authorizeForce(Permission.InviteTenantUser);
TenantEntity tenantEntity = null;
String tenantName = null;
String tenantCode;
if (this.tenantScope.getTenantCode() != null && !this.tenantScope.getTenantCode().equals(this.tenantScope.getDefaultTenantCode())) {
TenantEntity tenantEntity = this.queryFactory.query(TenantQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).codes(this.tenantScope.getTenantCode()).isActive(IsActive.Active).first();
tenantEntity = this.queryFactory.query(TenantQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).codes(this.tenantScope.getTenantCode()).isActive(IsActive.Active).first();
if (tenantEntity == null) throw new MyApplicationException("Tenant not found");
tenantName = tenantEntity.getName();
tenantCode = tenantEntity.getCode();
@ -927,8 +930,14 @@ public class UserServiceImpl implements UserService {
for (UserInviteToTenantRequestPersist user: users.getUsers()) {
String token = this.createUserInviteToTenantConfirmation(user, tenantCode);
UserContactInfoEntity contactInfoEntity = this.queryFactory.query(UserContactInfoQuery.class).disableTracking().values(user.getEmail()).types(ContactInfoType.Email).first();
if (contactInfoEntity != null){
this.createTenantSpecificInvitationUserNotificationEvent(token, user.getEmail(), tenantName, contactInfoEntity.getUserId());
if (contactInfoEntity != null && contactInfoEntity.getUserId() != null){
if (tenantEntity != null){
if (this.queryFactory.query(TenantUserQuery.class).disableTracking().authorize(AuthorizationFlags.AllExceptPublic).tenantIds(tenantEntity.getId()).userIds(contactInfoEntity.getUserId()).isActive(IsActive.Active).count() > 0){
this.createTenantSpecificInvitationUserNotificationEvent(token, user.getEmail(), tenantName, contactInfoEntity.getUserId());
} else this.createTenantSpecificInvitationUserNotificationEvent(token, user.getEmail(), tenantName, null);
} else if (tenantCode.equals(this.tenantScope.getDefaultTenantCode())){
this.createTenantSpecificInvitationUserNotificationEvent(token, user.getEmail(), tenantName, contactInfoEntity.getUserId());
}
} else {
this.createTenantSpecificInvitationUserNotificationEvent(token, user.getEmail(), tenantName, null);
}

View File

@ -318,6 +318,20 @@ permissions:
clients: [ ]
allowAnonymous: false
allowAuthenticated: false
EditTenantUserRole:
roles:
- Admin
- TenantAdmin
clients: [ ]
allowAnonymous: false
allowAuthenticated: false
InviteTenantUser:
roles:
- Admin
- TenantAdmin
clients: [ ]
allowAnonymous: false
allowAuthenticated: false
BrowseDmpAssociatedUser:
roles:
- Admin
@ -1100,6 +1114,7 @@ permissions:
allowAuthenticated: false
ViewTenantUserPage:
roles:
- Admin
- TenantAdmin
clients: [ ]
allowAnonymous: false

View File

@ -12,7 +12,7 @@
</button>
</div>
<div class="col-auto">
<button mat-raised-button class="create-btn" (click)="export()" *ngIf="authService.hasPermission(authService.permissionEnum.ExportUsers)">
<button mat-raised-button class="create-btn" (click)="export()" *ngIf="authService.hasPermission(authService.permissionEnum.ExportUsers) && !hasTenantAdminMode">
<mat-icon>download</mat-icon>
{{'USER-LISTING.ACTIONS.EXPORT' | translate}}
</button>