admin permission switch

Anthony Stirling 2025-08-01 20:34:11 +01:00
parent b049638f49
commit a9def611f6
9 changed files with 21 additions and 16 deletions


@ -32,7 +32,7 @@
</div>
<!-- Admin Settings Banner (for admins only) -->
<div th:if="${role == 'ROLE_ADMIN'}" class="data-panel data-mb-3" style="background-color: var(--md-sys-color-secondary-container);">
<div th:if="${isSystemAdmin}" class="data-panel data-mb-3" style="background-color: var(--md-sys-color-secondary-container);">
<div class="data-body" style="display: flex; align-items: center; justify-content: space-between; padding: 1rem 1.5rem; background-color: var(--md-sys-color-secondary-container);">
<div style="display: flex; align-items: center; gap: 1rem;">
<span class="material-symbols-rounded" style="font-size: 2rem; color: var(--md-sys-color-secondary);">


@ -33,7 +33,7 @@ public class AdminJobController {
* @return Job statistics
*/
@GetMapping("/api/v1/admin/job/stats")
@PreAuthorize("hasRole('ROLE_ADMIN')")
@PreAuthorize("@roleBasedAuthorizationService.canManageAllUsers()")
public ResponseEntity<JobStats> getJobStats() {
JobStats stats = taskManager.getJobStats();
log.info(
@ -49,7 +49,7 @@ public class AdminJobController {
* @return Queue statistics
*/
@GetMapping("/api/v1/admin/job/queue/stats")
@PreAuthorize("hasRole('ROLE_ADMIN')")
@PreAuthorize("@roleBasedAuthorizationService.canManageAllUsers()")
public ResponseEntity<?> getQueueStats() {
Map<String, Object> queueStats = jobQueue.getQueueStats();
log.info("Admin requested queue stats: {} queued jobs", queueStats.get("queuedJobs"));
@ -62,7 +62,7 @@ public class AdminJobController {
* @return A response indicating how many jobs were cleaned up
*/
@PostMapping("/api/v1/admin/job/cleanup")
@PreAuthorize("hasRole('ROLE_ADMIN')")
@PreAuthorize("@roleBasedAuthorizationService.canManageAllUsers()")
public ResponseEntity<?> cleanupOldJobs() {
int beforeCount = taskManager.getJobStats().getTotalJobs();
taskManager.cleanupOldJobs();
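Review bot: The guard `@roleBasedAuthorizationService.canManageAllUsers()` is a user-management capability, but here it gates job statistics and job cleanup, and the same predicate is applied in this commit to AdminSettingsController, DatabaseController, DatabaseWebController and TeamWebController, none of which manage users. If that predicate is ever granted to an operator who is not a system admin, every one of those unrelated system endpoints widens with it; a predicate that names the capability actually being checked (a system-administration check backed by the same `isSystemAdmin()` the commit already uses in AppUpdateAuthService) keeps each endpoint's guard tied to what it does. The `@beanName` form of SpEL is resolved by bean name at request time, so a missing or renamed `roleBasedAuthorizationService` bean would surface only as a runtime failure on the first call, which is worth a security-slice test that hits one guarded endpoint as a non-admin and expects 403. Each method body continues outside its hunk.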


@ -203,7 +203,7 @@ public class AccountWebController {
return "login";
}
@PreAuthorize("hasRole('ROLE_ADMIN')")
@PreAuthorize("@roleBasedAuthorizationService.canManageAllUsers()")
@GetMapping("/usage")
public String showUsage() {
if (!runningEE) {
@ -212,7 +212,7 @@ public class AccountWebController {
return "usage";
}
@PreAuthorize("hasRole('ROLE_ADMIN')")
@PreAuthorize("@roleBasedAuthorizationService.canManageAllUsers()")
@GetMapping("/adminSettings")
public String showAddUserForm(
HttpServletRequest request, Model model, Authentication authentication) {
@ -426,6 +426,11 @@ public class AccountWebController {
model.addAttribute("username", username);
model.addAttribute("messageType", messageType);
model.addAttribute("role", user.get().getRolesAsString());
model.addAttribute("isSystemAdmin", user.get().isSystemAdmin());
System.out.println("user.get().getRolesAsString()" + user.get().getRolesAsString());
System.out.println(
"isSystemAdmin\", user.get().isSystemAdmin()" + user.get().isSystemAdmin());
model.addAttribute("settings", settingsJson);
model.addAttribute("changeCredsFlag", user.get().isFirstLogin());
model.addAttribute("currentPage", "account");
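Review bot: The two `System.out.println` statements added in the third hunk (the `"user.get().getRolesAsString()"` and `"isSystemAdmin\", user.get().isSystemAdmin()"` lines) are debug leftovers that print the current user's roles and admin flag to stdout on every render of the account page, bypassing the project's logger; the second literal also carries a stray escaped quote that shows it was pasted from the attribute line above. Both statements should be removed before merge; if the value is genuinely useful during development, `log.debug("isSystemAdmin={}", user.get().isSystemAdmin());` keeps it behind the log level (assuming this controller has an SLF4J `log` like the other files in the commit). The enclosing method starts outside the hunk.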


@ -43,7 +43,7 @@ import stirling.software.proprietary.security.model.api.admin.UpdateSettingsRequ
@Tag(name = "Admin Settings", description = "Admin-only Settings Management APIs")
@RequestMapping("/api/v1/admin/settings")
@RequiredArgsConstructor
@PreAuthorize("hasRole('ROLE_ADMIN')")
@PreAuthorize("@roleBasedAuthorizationService.canManageAllUsers()")
@Slf4j
public class AdminSettingsController {


@ -33,7 +33,7 @@ import stirling.software.proprietary.security.service.DatabaseService;
@Slf4j
@Controller
@RequestMapping("/api/v1/database")
@PreAuthorize("hasRole('ROLE_ADMIN')")
@PreAuthorize("@roleBasedAuthorizationService.canManageAllUsers()")
@Conditional(H2SQLCondition.class)
@Tag(name = "Database", description = "Database APIs for backup, import, and management")
@RequiredArgsConstructor


@ -207,7 +207,7 @@ public class UserController {
return "redirect:/account";
}
@PreAuthorize("hasRole('ROLE_ADMIN')")
@PreAuthorize("@roleBasedAuthorizationService.canManageAllUsers()")
@PostMapping("/admin/saveUser")
public RedirectView saveUser(
@RequestParam(name = "username", required = true) String username,
@ -279,7 +279,7 @@ public class UserController {
true);
}
@PreAuthorize("hasRole('ROLE_ADMIN')")
@PreAuthorize("@roleBasedAuthorizationService.canManageAllUsers()")
@PostMapping("/admin/changeRole")
@Transactional
public RedirectView changeRole(
@ -342,7 +342,7 @@ public class UserController {
true);
}
@PreAuthorize("hasRole('ROLE_ADMIN')")
@PreAuthorize("@roleBasedAuthorizationService.canManageAllUsers()")
@PostMapping("/admin/changeUserEnabled/{username}")
public RedirectView changeUserEnabled(
@PathVariable("username") String username,
@ -392,7 +392,7 @@ public class UserController {
true);
}
@PreAuthorize("hasRole('ROLE_ADMIN')")
@PreAuthorize("@roleBasedAuthorizationService.canManageAllUsers()")
@PostMapping("/admin/deleteUser/{username}")
public RedirectView deleteUser(
@PathVariable("username") String username, Authentication authentication) {
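Review bot: `changeRole`, `changeUserEnabled` and `deleteUser` are now reachable by any principal for whom `canManageAllUsers()` holds rather than only `ROLE_ADMIN`; their bodies lie outside the hunks, so it is not visible here whether they still prevent a caller from granting themselves or another user a role above their own, or from disabling or deleting a system-admin account. If the new predicate is broader than system admin, those escalation checks have to live in the method bodies (or in the service they call), because the annotation alone no longer expresses them. A test that posts to `/admin/changeRole` as a non-system-admin holding the manage-all-users permission, targeting a system-admin user, would pin the intended outcome.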


@ -24,7 +24,7 @@ public class DatabaseWebController {
private final DatabaseService databaseService;
@PreAuthorize("hasRole('ROLE_ADMIN')")
@PreAuthorize("@roleBasedAuthorizationService.canManageAllUsers()")
@GetMapping("/database")
public String database(HttpServletRequest request, Model model, Authentication authentication) {
String error = request.getParameter("error");


@ -36,7 +36,7 @@ public class TeamWebController {
private final UserRepository userRepository;
@GetMapping
@PreAuthorize("hasRole('ROLE_ADMIN')")
@PreAuthorize("@roleBasedAuthorizationService.canManageAllUsers()")
public String listTeams(HttpServletRequest request, Model model) {
// Get teams with user counts using a DTO projection
List<TeamWithUserCountDTO> allTeamsWithCounts = teamRepository.findAllTeamsWithUserCount();
@ -87,7 +87,7 @@ public class TeamWebController {
}
@GetMapping("/{id}")
@PreAuthorize("hasRole('ROLE_ADMIN')")
@PreAuthorize("@roleBasedAuthorizationService.canManageAllUsers()")
public String viewTeamDetails(
HttpServletRequest request, @PathVariable("id") Long id, Model model) {
// Get the team


@ -37,7 +37,7 @@ class AppUpdateAuthService implements ShowAdminInterface {
}
Optional<User> user = userRepository.findByUsername(authentication.getName());
if (user.isPresent() && showUpdateOnlyAdmin) {
return "ROLE_ADMIN".equals(user.get().getRolesAsString());
return user.get().isSystemAdmin();
}
return showUpdate;
}
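Review bot: The replaced line changes who sees the admin-only update notice: the old check matched only a roles string exactly equal to `ROLE_ADMIN`, whereas `isSystemAdmin()` is a separate flag on the User entity, so an existing account that carries ROLE_ADMIN without that flag set silently loses the notice after this commit. If that is intended, a one-line comment such as `// Only system admins see the update notice; ROLE_ADMIN alone is no longer sufficient.` above the `if` would record it; if not, confirm the data migration that populates the flag for current admins. The `isPresent()` / `get()` pair could also be collapsed to `return user.map(User::isSystemAdmin).orElse(false);` inside the `showUpdateOnlyAdmin` branch. The enclosing method begins outside the hunk.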