feat: authentication configuration permission (#8987)

New permission for SSO config.
2025-01-25 00:07:47 +01:00 · 2024-12-17 10:16:24 +01:00 · 2024-12-17 10:16:24 +01:00 · 9b15343a79
commit 9b15343a79
parent 138ba35d7a
3 changed files with 9 additions and 3 deletions
--- a/frontend/src/component/admin/auth/AuthSettings.tsx
+++ b/frontend/src/component/admin/auth/AuthSettings.tsx
@ -8,7 +8,7 @@ import { ScimSettings } from './ScimSettings/ScimSettings';
 import { PasswordAuth } from './PasswordAuth/PasswordAuth';
 import { GoogleAuth } from './GoogleAuth/GoogleAuth';
 import { PermissionGuard } from 'component/common/PermissionGuard/PermissionGuard';
-import { ADMIN } from '@server/types/permissions';
+import { ADMIN, UPDATE_AUTH_CONFIGURATION } from '@server/types/permissions';
 import { PremiumFeature } from 'component/common/PremiumFeature/PremiumFeature';
 import { useState } from 'react';
 import { TabPanel } from 'component/common/TabNav/TabPanel/TabPanel';
@ -51,7 +51,7 @@ export const AuthSettings = () => {

    return (
        <div>
-            <PermissionGuard permissions={ADMIN}>
+            <PermissionGuard permissions={[ADMIN, UPDATE_AUTH_CONFIGURATION]}>
                <PageContent
                    withTabs
                    header={
--- a/frontend/src/component/admin/roles/RoleForm/RolePermissionCategories/RolePermissionCategories.tsx
+++ b/frontend/src/component/admin/roles/RoleForm/RolePermissionCategories/RolePermissionCategories.tsx
@ -91,7 +91,8 @@ export const RolePermissionCategories = ({
                    .filter(
                        ({ label }) =>
                            granularAdminPermissionsEnabled ||
-                            label !== 'Instance maintenance',
+                            (label !== 'Instance maintenance' &&
+                                label !== 'Authentication'),
                    )
                    .map(({ label, type, permissions }) => (
                        <RolePermissionCategory
--- a/src/lib/types/permissions.ts
+++ b/src/lib/types/permissions.ts
@ -43,6 +43,7 @@ export const DELETE_TAG_TYPE = 'DELETE_TAG_TYPE';

 export const UPDATE_MAINTENANCE_MODE = 'UPDATE_MAINTENANCE_MODE';
 export const UPDATE_INSTANCE_BANNERS = 'UPDATE_INSTANCE_BANNERS';
+export const UPDATE_AUTH_CONFIGURATION = 'UPDATE_AUTH_CONFIGURATION';

 // Project
 export const CREATE_FEATURE = 'CREATE_FEATURE';
@ -148,6 +149,10 @@ export const ROOT_PERMISSION_CATEGORIES = [
        label: 'Instance maintenance',
        permissions: [UPDATE_MAINTENANCE_MODE, UPDATE_INSTANCE_BANNERS],
    },
+    {
+        label: 'Authentication',
+        permissions: [UPDATE_AUTH_CONFIGURATION],
+    },
 ];

 // Used on Frontend, to allow admin panel use for users with custom root roles