Skip to content

Commit

Permalink
Merge pull request #832 from universi-me/change#831/allow-accounts-wi…
Browse files Browse the repository at this point in the history 
…th-dev-level-to-see-error

CHANGE #831: Allow accounts with Dev level to see error
  • Loading branch information
@julio-ufpb
julio-ufpb authored Oct 10, 2024
2 parents d193419 + ced281f commit 3682fdb
Show file tree
Hide file tree
Showing 3 changed files with 20 additions and 5 deletions.
2 changes: 1 addition & 1 deletion src/main/java/me/universi/api/entities/Response.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ public static Response buildResponse(ThrowingConsumer<Response> completionHandle
}
} else {
// unknown exception occurred
response.message = "Ocorreu um erro interno por parte do servidor." + (UserService.getInstance().isProduction() ? "" : "\n (" + e.getMessage() + ")");
response.message = "Ocorreu um erro interno por parte do servidor." + ((UserService.getInstance().isProduction() || !UserService.getInstance().isUserDevSession()) ? "" : "\n (" + e.getMessage() + ")");
response.alertOptions.put("html", response.message + "<br/><br/><img src=\"https://i.imgur.com/OWV6eKo.gif\" width='70%'/>");
}

Expand Down
21 changes: 18 additions & 3 deletions src/main/java/me/universi/user/services/UserService.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -420,23 +420,38 @@ public boolean userIsLoggedIn() {
}

// check if user has authority following springsecurity hierarchy
public boolean userHasAuthority(User user, Authority authority) {
public boolean userHasAuthority(User user, Authority authority, boolean equal) {
if(equal) {
return user.getAuthority().equals(authority);
}
Collection<? extends GrantedAuthority> reachableRoles = roleHierarchy.getReachableGrantedAuthorities(user.getAuthorities());
return reachableRoles.contains(new SimpleGrantedAuthority(authority.toString()));
}

public boolean isUserAdmin(User userSession) {
public boolean isUserRole(User user, Authority role, boolean equal) {
try {
return userHasAuthority(userSession, Authority.ROLE_ADMIN);
return userHasAuthority(user, role, equal);
} catch (Exception e) {
return false;
}
}

public boolean isUserAdmin(User userSession) {
return isUserRole(userSession, Authority.ROLE_ADMIN, false);
}

public boolean isUserDev(User userSession) {
return isUserRole(userSession, Authority.ROLE_DEV, false);
}

public boolean isUserAdminSession() {
return isUserAdmin(getUserInSession());
}

public boolean isUserDevSession() {
return isUserDev(getUserInSession());
}

public boolean userNeedAnProfile(User user, boolean checkAdmin) {
try {
if(checkAdmin && isUserAdmin(user)) {
Expand Down
2 changes: 1 addition & 1 deletion src/main/resources/spring-security.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -123,7 +123,7 @@
<beans:bean id="roleHierarchy" class="org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl">
<beans:property name="hierarchy">
<beans:value>
ROLE_ADMIN > ROLE_DEV > ROLE_USER
ROLE_DEV > ROLE_ADMIN > ROLE_USER
</beans:value>
</beans:property>
</beans:bean>
Expand Down

0 comments on commit 3682fdb

Please sign in to comment.