feat: Benutzerrollen und JWT-Konfiguration aktualisieren
- Benutzerrollen-Enums im Frontend aktualisiert, um die neuen Namenskonventionen für 'sDigital Data'-Rollen widerzuspiegeln.
- Neue Rollen in `JwtGlobals` für Digital Data-Administratoren und -Benutzer hinzugefügt.
- Die Rolleneinstellungen in `LdapUser` erweitert, um neue Digital Data-Rollen einzubeziehen.
- `JwtMiddlewareOptionsHelper` modifiziert, um zusätzliche Rollen zu unterstützen, und die JWT-Rollenliste entsprechend strukturiert.
parent
1d8ae2c371
commit
c362cb30e1
@ -8,9 +8,9 @@ export interface UserRole {
|
|||||||
|
|
||||||
|
|
||||||
export const enum EN_UserRoles {
|
export const enum EN_UserRoles {
|
||||||
User = 'user',
|
User = 'sDigital Data - IIM-Benutzer',
|
||||||
Master = 'master',
|
Master = 'sDigital Data - IIM-Administratoren',
|
||||||
Admin = 'admin',
|
Admin = 'sDigital Data - IIM-Administratoren',
|
||||||
DepartmentMaster = 'departmentmaster',
|
DepartmentMaster = 'departmentmaster',
|
||||||
DepartmentUser = 'departmentuser'
|
DepartmentUser = 'departmentuser'
|
||||||
}
|
}
|
||||||
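Review bot: `Master` and `Admin` now carry the same value, `'sDigital Data - IIM-Administratoren'`, so a check against `EN_UserRoles.Master` gives the same result as one against `EN_UserRoles.Admin` and the frontend can no longer tell the two roles apart. If the merge is intended, say so on the enum, e.g. `// Master and Admin both map to the IIM-Administratoren group`; if it is not, `Master` needs its own value. The values are now directory group names duplicated from the backend's `JwtGlobals` constants, so both lists have to be kept in sync by hand. These enum checks can only steer what the UI shows; the corresponding authorization has to hold on the server.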
@ -50,6 +50,7 @@ export class CoreUser extends BaseEntity {
|
|||||||
|
|
||||||
public isInRolle(role: string): boolean {
|
public isInRolle(role: string): boolean {
|
||||||
role = role?.toLowerCase();
|
role = role?.toLowerCase();
|
||||||
|
return this.roleList.toLowerCase().includes(role);
|
||||||
return (this.roleList && ((',' + this.roleList.replace(' ', '') + ',').toLowerCase().indexOf(',' + role + ',') > -1))
|
return (this.roleList && ((',' + this.roleList.replace(' ', '') + ',').toLowerCase().indexOf(',' + role + ',') > -1))
|
||||||
|| (this.webAppRoleList && ((',' + this.webAppRoleList.replace(' ', '') + ',').toLowerCase().indexOf(',' + role + ',') > -1));
|
|| (this.webAppRoleList && ((',' + this.webAppRoleList.replace(' ', '') + ',').toLowerCase().indexOf(',' + role + ',') > -1));
|
||||||
}
|
}
|
||||||
|
|||||||
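Review bot: The added `return this.roleList.toLowerCase().includes(role);` turns `isInRolle` into a substring match and leaves the two-line return below it unreachable. A role name contained in another now matches (`'user'` is found inside `'departmentuser'`), `webAppRoleList` is no longer consulted, and a missing `roleList` throws instead of yielding false. The old comparison presumably stopped working because `replace(' ', '')` removes only the first space while the new role names contain several. Comparing whole comma-separated entries handles those names without loosening the check: `const has = (l?: string) => !!l && l.split(',').some(r => r.trim().toLowerCase() === role);` followed by `return has(this.roleList) || has(this.webAppRoleList);`.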
@ -1,5 +1,6 @@
|
|||||||
namespace HRD.LDAPService.JWT
|
namespace HRD.LDAPService.JWT
|
||||||
{
|
{
|
||||||
|
//TODO: get this from config file (etc. appsettings.json)
|
||||||
public static class JwtGlobals
|
public static class JwtGlobals
|
||||||
{
|
{
|
||||||
public const string HttpContextItem_LdapUser = "ldapuser";
|
public const string HttpContextItem_LdapUser = "ldapuser";
|
||||||
@ -15,5 +16,7 @@
|
|||||||
public const string ROLE_DEPARTMENTMASTER = "DepartmentMaster";
|
public const string ROLE_DEPARTMENTMASTER = "DepartmentMaster";
|
||||||
public const string ROLE_MASTER = "Master";
|
public const string ROLE_MASTER = "Master";
|
||||||
public const string ROLE_ADMIN = "Admin";
|
public const string ROLE_ADMIN = "Admin";
|
||||||
|
public const string ROLE_DD_ADMIN = "sDigital Data - IIM-Administratoren";
|
||||||
|
public const string ROLE_DD_USER = "sDigital Data - IIM-Benutzer";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -145,11 +145,13 @@ namespace HRD.LDAPService
|
|||||||
|
|
||||||
public static bool IsJwtGlobalsRole(string roleName)
|
public static bool IsJwtGlobalsRole(string roleName)
|
||||||
{
|
{
|
||||||
|
//TODO: Import them from db or config (etc. appsettigns.json)
|
||||||
return string.Equals(roleName, JwtGlobals.ROLE_USER, StringComparison.OrdinalIgnoreCase)
|
return string.Equals(roleName, JwtGlobals.ROLE_USER, StringComparison.OrdinalIgnoreCase)
|
||||||
|| string.Equals(roleName, JwtGlobals.ROLE_DEPARTMENTUSER, StringComparison.OrdinalIgnoreCase)
|
|| string.Equals(roleName, JwtGlobals.ROLE_DEPARTMENTUSER, StringComparison.OrdinalIgnoreCase)
|
||||||
|| string.Equals(roleName, JwtGlobals.ROLE_DEPARTMENTMASTER, StringComparison.OrdinalIgnoreCase)
|
|| string.Equals(roleName, JwtGlobals.ROLE_DEPARTMENTMASTER, StringComparison.OrdinalIgnoreCase)
|
||||||
|| string.Equals(roleName, JwtGlobals.ROLE_MASTER, StringComparison.OrdinalIgnoreCase)
|
|| string.Equals(roleName, JwtGlobals.ROLE_MASTER, StringComparison.OrdinalIgnoreCase)
|
||||||
|| string.Equals(roleName, JwtGlobals.ROLE_ADMIN, StringComparison.OrdinalIgnoreCase);
|
|| string.Equals(roleName, JwtGlobals.ROLE_ADMIN, StringComparison.OrdinalIgnoreCase)
|
||||||
|
|| string.Equals(roleName, JwtGlobals.ROLE_DD_ADMIN, StringComparison.OrdinalIgnoreCase);
|
||||||
}
|
}
|
||||||
|
|
||||||
public void AddExtendedAttribute(string key, string value)
|
public void AddExtendedAttribute(string key, string value)
|
||||||
|
|||||||
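Review bot: `IsJwtGlobalsRole` now recognises `ROLE_DD_ADMIN` but not `ROLE_DD_USER`, although the same commit adds both constants to `JwtGlobals` and registers both in the role list built by the options helper. The callers are outside this hunk, so the effect is inferred, but a principal holding only the Digital Data user role would presumably not be treated as having a known role. If the omission is not deliberate, end the expression with `|| string.Equals(roleName, JwtGlobals.ROLE_DD_USER, StringComparison.OrdinalIgnoreCase);`. If it is deliberate, a comment stating why the user role is excluded would prevent a later "fix".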
@ -16,11 +16,14 @@ namespace StaffDBServer.Extends
|
|||||||
//Admin Role
|
//Admin Role
|
||||||
list.Add(new JwtRole(JwtGlobals.ROLE_ADMIN, "GG_WebApp" + ADGroupPrefix + "_StaffDB_Admin"));
|
list.Add(new JwtRole(JwtGlobals.ROLE_ADMIN, "GG_WebApp" + ADGroupPrefix + "_StaffDB_Admin"));
|
||||||
|
|
||||||
|
//TODO: get roles from db
|
||||||
//Core RoleList
|
//Core RoleList
|
||||||
list.Add(new JwtRole(JwtGlobals.ROLE_USER, "GG_WebApp" + ADGroupPrefix + "_StaffDB_User")); //(RO) nur eigene
|
list.Add(new JwtRole(JwtGlobals.ROLE_USER, "GG_WebApp" + ADGroupPrefix + "_StaffDB_User")); //(RO) nur eigene
|
||||||
list.Add(new JwtRole(JwtGlobals.ROLE_MASTER, "GG_WebApp" + ADGroupPrefix + "_StaffDB_Master")); //RW ALLE Abteilungen
|
list.Add(new JwtRole(JwtGlobals.ROLE_MASTER, "GG_WebApp" + ADGroupPrefix + "_StaffDB_Master")); //RW ALLE Abteilungen
|
||||||
list.Add(new JwtRole(JwtGlobals.ROLE_DEPARTMENTUSER, "GG_WebApp" + ADGroupPrefix + "_StaffDB_DepartmentUser")); //(RW) auch andere aus eigener Abteilung
|
list.Add(new JwtRole(JwtGlobals.ROLE_DEPARTMENTUSER, "GG_WebApp" + ADGroupPrefix + "_StaffDB_DepartmentUser")); //(RW) auch andere aus eigener Abteilung
|
||||||
list.Add(new JwtRole(JwtGlobals.ROLE_DEPARTMENTMASTER, "GG_WebApp" + ADGroupPrefix + "_StaffDB_DepartmentMaster")); //(RW) auch andere aus eigener Abteilung
|
list.Add(new JwtRole(JwtGlobals.ROLE_DEPARTMENTMASTER, "GG_WebApp" + ADGroupPrefix + "_StaffDB_DepartmentMaster")); //(RW) auch andere aus eigener Abteilung
|
||||||
|
list.Add(new JwtRole(JwtGlobals.ROLE_DD_ADMIN, JwtGlobals.ROLE_DD_ADMIN)); //(RW) auch andere aus eigener Abteilung
|
||||||
|
list.Add(new JwtRole(JwtGlobals.ROLE_DD_USER, JwtGlobals.ROLE_DD_USER));
|
||||||
|
|
||||||
JwtMiddlewareOptions options = new JwtMiddlewareOptions()
|
JwtMiddlewareOptions options = new JwtMiddlewareOptions()
|
||||||
{
|
{
|
||||||
|
|||||||
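Review bot: The two new entries pass the role constant as the directory group name too (`new JwtRole(JwtGlobals.ROLE_DD_ADMIN, JwtGlobals.ROLE_DD_ADMIN)`), so unlike every other entry they ignore `ADGroupPrefix`. If that prefix separates environments or installations (not visible here), membership in the one unprefixed group grants the role wherever this list is used; confirm that this is intended. The trailing comment `//(RW) auch andere aus eigener Abteilung` on the `ROLE_DD_ADMIN` line looks copied from the `DepartmentMaster` entry and does not describe an administrator role; something like `// Digital Data administrators: AD group name doubles as role name, no ADGroupPrefix` would be accurate. The enclosing method starts before this hunk and continues after it.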
@ -116,6 +116,7 @@ try
|
|||||||
opts => opts.CommandTimeout((int)TimeSpan.FromMinutes(dbTimeoutInMin).TotalSeconds));
|
opts => opts.CommandTimeout((int)TimeSpan.FromMinutes(dbTimeoutInMin).TotalSeconds));
|
||||||
});
|
});
|
||||||
|
|
||||||
|
// Add repositories in DAL
|
||||||
builder.Services.AddStaffDBRepositories();
|
builder.Services.AddStaffDBRepositories();
|
||||||
builder.Services.AddScoped<WebAppUserHelper>();
|
builder.Services.AddScoped<WebAppUserHelper>();
|
||||||
builder.Services.AddJwtManagerWithLdap(configuration.GetSection("LdapOptions"));
|
builder.Services.AddJwtManagerWithLdap(configuration.GetSection("LdapOptions"));
|
||||||
|
|||||||