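--- a/java/com.sap.sailing.domain.common/src/com/sap/sailing/domain/common/security/SecuredDomainType.java
+++ b/java/com.sap.sailing.domain.common/src/com/sap/sailing/domain/common/security/SecuredDomainType.java
@@ -53,24 +53,11 @@ public class SecuredDomainType extends HasPermissionsImpl {
 TrackedRaceActions.ALL_ACTIONS);
 
 public static final HasPermissions IP_BLOCKLIST_FOR_BEARER_TOKEN_ABUSE = new SecuredDomainType(
- "IP_BLOCKLIST_FOR_BEARER_TOKEN_ABUSE", IpBlocklistForBearerTokenAbuseActions.ALL_ACTIONS);
+ "IP_BLOCKLIST_FOR_BEARER_TOKEN_ABUSE", DefaultActions.READ, DefaultActions.DELETE);
 
 public static final HasPermissions IP_BLOCKLIST_FOR_USER_CREATION_ABUSE = new SecuredDomainType(
- "IP_BLOCKLIST_FOR_USER_CREATION_ABUSE", IpBlocklistForUserCreationAbuseActions.ALL_ACTIONS);
+ "IP_BLOCKLIST_FOR_USER_CREATION_ABUSE", DefaultActions.READ, DefaultActions.DELETE);
 
- public static enum IpBlocklistForBearerTokenAbuseActions implements Action {
- GET, UNLOCK;
-
- private static final Action[] ALL_ACTIONS = DefaultActions.plus(IpBlocklistForBearerTokenAbuseActions.values());
- }
-
-
- public static enum IpBlocklistForUserCreationAbuseActions implements Action {
- GET, UNLOCK;
-
- private static final Action[] ALL_ACTIONS = DefaultActions.plus(IpBlocklistForUserCreationAbuseActions.values());
- }
-
 public static enum EventActions implements Action {
 UPLOAD_MEDIA
 }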
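Review bot: Nothing at the two blocklist declarations says that `DefaultActions.DELETE` is the action that authorizes unlocking an IP, which is how the table wrapper in this commit uses it; a comment such as `// READ lists blocked IPs; DELETE authorizes unlocking (removing) an entry` above each constant would make that mapping explicit. The removed `GET` and `UNLOCK` actions may still be referenced by stored role definitions or user permissions, and no migration is visible here; if such grants exist they stop matching after this change and should be moved to READ/DELETE. The old `ALL_ACTIONS` arrays were built with `DefaultActions.plus(...)`, so both types presumably also lose every default action other than READ and DELETE, and it is worth confirming that nothing still checks for them.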
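--- a/java/com.sap.sailing.gwt.ui/src/main/java/com/sap/sailing/gwt/ui/adminconsole/IPBlocklistTableWrapper.java
+++ b/java/com.sap.sailing.gwt.ui/src/main/java/com/sap/sailing/gwt/ui/adminconsole/IPBlocklistTableWrapper.java
@@ -23,7 +23,13 @@ import com.sap.sse.gwt.client.ErrorReporter;
 import com.sap.sse.gwt.client.celltable.EntityIdentityComparator;
 import com.sap.sse.gwt.client.celltable.RefreshableSelectionModel;
 import com.sap.sse.gwt.client.panels.LabeledAbstractFilterablePanel;
+import com.sap.sse.security.shared.AdminRole;
 import com.sap.sse.security.shared.HasPermissions;
+import com.sap.sse.security.shared.HasPermissions.DefaultActions;
+import com.sap.sse.security.shared.ServerAdminRole;
+import com.sap.sse.security.shared.WildcardPermission;
+import com.sap.sse.security.shared.dto.RoleWithSecurityDTO;
+import com.sap.sse.security.shared.dto.UserDTO;
 import com.sap.sse.security.ui.client.UserService;
 import com.sap.sse.security.ui.client.component.AccessControlledButtonPanel;
 import com.sap.sse.security.ui.client.component.SelectedElementsCountingButton;
@@ -78,6 +84,34 @@ abstract class IPBlocklistTableWrapper
 mainPanel.setSpacing(5);
 }
 
+ // admin, server admin and those with the permission can all unlock
+ private boolean canUnlock() {
+ final UserDTO user = userService.getCurrentUser();
+ final Iterable<RoleWithSecurityDTO> roles = user.getRoles();
+ boolean isAdmin = false;
+ boolean isServerAdmin = false;
+ boolean isDeleteActionPermittedOnDomain = false;
+ for (RoleWithSecurityDTO role : roles) {
+ isAdmin = role.getName().equals(AdminRole.getInstance().getName());
+ if (isAdmin) {
+ break;
+ }
+ isServerAdmin = role.getName().equals(ServerAdminRole.getInstance().getName());
+ if (isServerAdmin) {
+ break;
+ }
+ }
+ final Iterable<WildcardPermission> permissions = user.getPermissions();
+ for (WildcardPermission permission : permissions) {
+ isDeleteActionPermittedOnDomain = permission.toString()
+ .equals(securedDomainType.getStringPermission(DefaultActions.DELETE));
+ if (isDeleteActionPermittedOnDomain) {
+ break;
+ }
+ }
+ return isAdmin || isServerAdmin || isDeleteActionPermittedOnDomain;
+ }
+
 private AccessControlledButtonPanel composeButtonPanel() {
 final AccessControlledButtonPanel buttonPanel = new AccessControlledButtonPanel(userService, securedDomainType);
 final Button refreshbutton = buttonPanel.addAction(getStringMessages().refresh(), () -> true, new Command() {
@@ -87,27 +121,29 @@ abstract class IPBlocklistTableWrapper
 }
 });
 refreshbutton.ensureDebugId("refreshButton");
- final Button unlockButton = new SelectedElementsCountingButton<IpToTimedLockDTO>(getStringMessages().unlock(),
- getSelectionModel(), new ClickHandler() {
- @Override
- public void onClick(ClickEvent event) {
- for (IpToTimedLockDTO e : getSelectionModel().getSelectedSet()) {
- unlockIP(e.ip, new AsyncCallback<Void>() {
- @Override
- public void onFailure(Throwable caught) {
- errorReporter.reportError(errorMessageOnDataFailureString);
- }
-
- @Override
- public void onSuccess(Void result) {
- filterField.remove(e);
- }
- });
+ if (canUnlock()) {
+ final Button unlockButton = new SelectedElementsCountingButton<IpToTimedLockDTO>(
+ getStringMessages().unlock(), getSelectionModel(), new ClickHandler() {
+ @Override
+ public void onClick(ClickEvent event) {
+ for (IpToTimedLockDTO e : getSelectionModel().getSelectedSet()) {
+ unlockIP(e.ip, new AsyncCallback<Void>() {
+ @Override
+ public void onFailure(Throwable caught) {
+ errorReporter.reportError(errorMessageOnDataFailureString);
+ }
+
+ @Override
+ public void onSuccess(Void result) {
+ filterField.remove(e);
+ }
+ });
+ }
 }
- }
- });
- unlockButton.ensureDebugId("unlockButton");
- buttonPanel.insertWidgetAtPosition(unlockButton, 1);
+ });
+ unlockButton.ensureDebugId("unlockButton");
+ buttonPanel.insertWidgetAtPosition(unlockButton, 1);
+ }
 return buttonPanel;
 }
 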
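Review bot: `canUnlock()` decides by exact string equality between `permission.toString()` and `securedDomainType.getStringPermission(DefaultActions.DELETE)` plus two hard-coded role names, so a DELETE right granted through a wildcard permission or through any other role yields no unlock button, while a role that merely carries the admin name may be accepted even if it is qualified to a different scope. The decision would be better delegated to the permission evaluation that `AccessControlledButtonPanel` is presumably built for (it already receives `userService` and `securedDomainType`) than re-implemented with string matching in the view. `userService.getCurrentUser()` is dereferenced unchecked; if it can return null for an anonymous session, add `if (user == null) { return false; }` before `user.getRoles()`. Hiding the button is only a UI convenience, so the server-side handler behind `unlockIP` has to enforce the DELETE permission itself; that code is not visible in this diff and should be confirmed.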