Fix missuse of system admin permission.

Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com>
This commit is contained in:
kaizimmerm
2017-05-18 15:46:39 +02:00
parent 21fca55b0e
commit aefa6a3c81
3 changed files with 4 additions and 12 deletions

View File

@@ -60,7 +60,7 @@ public interface SystemManagement {
* @param consumer * @param consumer
* to run as teanant * to run as teanant
*/ */
@PreAuthorize(SpringEvalExpressions.HAS_AUTH_SYSTEM_ADMIN) @PreAuthorize(SpringEvalExpressions.IS_SYSTEM_CODE)
void forEachTenant(Consumer<String> consumer); void forEachTenant(Consumer<String> consumer);
/** /**

View File

@@ -24,7 +24,8 @@ public interface TenantStatsManagement {
* *
* @return collected statistics * @return collected statistics
*/ */
@PreAuthorize(SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY + SpringEvalExpressions.HAS_AUTH_OR @PreAuthorize(SpringEvalExpressions.HAS_AUTH_SYSTEM_ADMIN + SpringEvalExpressions.HAS_AUTH_OR
+ SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY + SpringEvalExpressions.HAS_AUTH_OR
+ SpringEvalExpressions.HAS_AUTH_READ_TARGET + SpringEvalExpressions.HAS_AUTH_OR + SpringEvalExpressions.HAS_AUTH_READ_TARGET + SpringEvalExpressions.HAS_AUTH_OR
+ SpringEvalExpressions.HAS_AUTH_TENANT_CONFIGURATION + SpringEvalExpressions.HAS_AUTH_OR + SpringEvalExpressions.HAS_AUTH_TENANT_CONFIGURATION + SpringEvalExpressions.HAS_AUTH_OR
+ SpringEvalExpressions.IS_SYSTEM_CODE) + SpringEvalExpressions.IS_SYSTEM_CODE)

View File

@@ -46,15 +46,6 @@ public class SpPermissionChecker implements Serializable {
return permissionService.hasPermission(SpPermission.SYSTEM_DIAG); return permissionService.hasPermission(SpPermission.SYSTEM_DIAG);
} }
/**
* Gets the SP administration retrieval Permission.
*
* @return SYSTEM_ADMIN boolean value
*/
public boolean hasSpAdminViewPermission() {
return permissionService.hasPermission(SpPermission.SYSTEM_ADMIN);
}
/** /**
* Gets the SP read Target & Dist Permission. * Gets the SP read Target & Dist Permission.
* *