Stirling-PDF/src/main/java/stirling/software/SPDF/config/security/AppUpdateAuthService.java

package stirling.software.SPDF.config.security;

import java.util.Optional;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Service;

import stirling.software.SPDF.config.ShowAdminInterface;
import stirling.software.SPDF.model.ApplicationProperties;
import stirling.software.SPDF.model.User;
import stirling.software.SPDF.repository.UserRepository;

@Service
class AppUpdateAuthService implements ShowAdminInterface {

    @Autowired private UserRepository userRepository;
    @Autowired private ApplicationProperties applicationProperties;

    public boolean getShowUpdateOnlyAdmins() {
        boolean showUpdate = applicationProperties.getSystem().getShowUpdate();
        if (!showUpdate) {
            return showUpdate;
        }

        boolean showUpdateOnlyAdmin = applicationProperties.getSystem().getShowUpdateOnlyAdmin();

        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

        if (authentication == null || !authentication.isAuthenticated()) {
            return !showUpdateOnlyAdmin;
        }

        if (authentication.getName().equalsIgnoreCase("anonymousUser")) {
            return !showUpdateOnlyAdmin;
        }

        Optional<User> user = userRepository.findByUsername(authentication.getName());
        if (user.isPresent() && showUpdateOnlyAdmin) {
            return "ROLE_ADMIN".equals(user.get().getRolesAsString());
        }

        return showUpdate;
    }
}
UI: settings show/hide update display (#1072) * UI: settings show/hide update display This PR replaces the PR #1003 In this PR, the visual for available update is added to the foreground. There are new settings to generally show/hide the update display, and only administrators receive the update display. * change to `Bean` * Update AppUpdateShowService.java * add update message * revision service * change shouldShow * Update githubVersion.js * rm folder * Update AppUpdateService.java 2024-04-21 13:15:18 +02:00			`package stirling.software.SPDF.config.security;`

			`import java.util.Optional;`

			`import org.springframework.beans.factory.annotation.Autowired;`
			`import org.springframework.security.core.Authentication;`
			`import org.springframework.security.core.context.SecurityContextHolder;`
			`import org.springframework.stereotype.Service;`

			`import stirling.software.SPDF.config.ShowAdminInterface;`
			`import stirling.software.SPDF.model.ApplicationProperties;`
			`import stirling.software.SPDF.model.User;`
			`import stirling.software.SPDF.repository.UserRepository;`

			`@Service`
			`class AppUpdateAuthService implements ShowAdminInterface {`

			`@Autowired private UserRepository userRepository;`
			`@Autowired private ApplicationProperties applicationProperties;`

			`public boolean getShowUpdateOnlyAdmins() {`
			`boolean showUpdate = applicationProperties.getSystem().getShowUpdate();`
			`if (!showUpdate) {`
			`return showUpdate;`
			`}`

			`boolean showUpdateOnlyAdmin = applicationProperties.getSystem().getShowUpdateOnlyAdmin();`

			`Authentication authentication = SecurityContextHolder.getContext().getAuthentication();`

			`if (authentication == null \|\| !authentication.isAuthenticated()) {`
			`return !showUpdateOnlyAdmin;`
			`}`

			`if (authentication.getName().equalsIgnoreCase("anonymousUser")) {`
			`return !showUpdateOnlyAdmin;`
			`}`

			`Optional<User> user = userRepository.findByUsername(authentication.getName());`
			`if (user.isPresent() && showUpdateOnlyAdmin) {`
			`return "ROLE_ADMIN".equals(user.get().getRolesAsString());`
			`}`

			`return showUpdate;`
			`}`
			`}`