From dc7ae58cfe7b36939100fcb4b6ba854393163c52 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Elias=20H=C3=B6rner?= Date: Sun, 29 Jun 2025 09:33:06 +0200 Subject: [PATCH 1/2] Add new role + update actions in endpoints --- .../Endpoints/Matches/SetMatchOutcomeEndpoint.cs | 2 +- .../Endpoints/Teams/SetTeamEntryFeePaidEndpoint.cs | 2 +- .../Endpoints/Teams/SetTeamPriorityEndpoint.cs | 2 +- src/Turnierplan.App/Security/Actions.cs | 5 +++++ src/Turnierplan.Core/RoleAssignment/Role.cs | 12 +++++++++++- 5 files changed, 19 insertions(+), 4 deletions(-) diff --git a/src/Turnierplan.App/Endpoints/Matches/SetMatchOutcomeEndpoint.cs b/src/Turnierplan.App/Endpoints/Matches/SetMatchOutcomeEndpoint.cs index b279270b..aba6345b 100644 --- a/src/Turnierplan.App/Endpoints/Matches/SetMatchOutcomeEndpoint.cs +++ b/src/Turnierplan.App/Endpoints/Matches/SetMatchOutcomeEndpoint.cs @@ -36,7 +36,7 @@ private static async Task Handle( return Results.NotFound(); } - if (!accessValidator.IsActionAllowed(tournament, Actions.GenericWrite)) + if (!accessValidator.IsActionAllowed(tournament, Actions.TournamentConduct)) { return Results.Forbid(); } diff --git a/src/Turnierplan.App/Endpoints/Teams/SetTeamEntryFeePaidEndpoint.cs b/src/Turnierplan.App/Endpoints/Teams/SetTeamEntryFeePaidEndpoint.cs index ccf280bd..d6cd6cf2 100644 --- a/src/Turnierplan.App/Endpoints/Teams/SetTeamEntryFeePaidEndpoint.cs +++ b/src/Turnierplan.App/Endpoints/Teams/SetTeamEntryFeePaidEndpoint.cs @@ -28,7 +28,7 @@ private static async Task Handle( return Results.NotFound(); } - if (!accessValidator.IsActionAllowed(tournament, Actions.GenericWrite)) + if (!accessValidator.IsActionAllowed(tournament, Actions.TournamentConduct)) { return Results.Forbid(); } diff --git a/src/Turnierplan.App/Endpoints/Teams/SetTeamPriorityEndpoint.cs b/src/Turnierplan.App/Endpoints/Teams/SetTeamPriorityEndpoint.cs index 9d25dbba..a5bc4f8a 100644 --- a/src/Turnierplan.App/Endpoints/Teams/SetTeamPriorityEndpoint.cs +++ b/src/Turnierplan.App/Endpoints/Teams/SetTeamPriorityEndpoint.cs @@ -28,7 +28,7 @@ private static async Task Handle( return Results.NotFound(); } - if (!accessValidator.IsActionAllowed(tournament, Actions.GenericWrite)) + if (!accessValidator.IsActionAllowed(tournament, Actions.TournamentConduct)) { return Results.Forbid(); } diff --git a/src/Turnierplan.App/Security/Actions.cs b/src/Turnierplan.App/Security/Actions.cs index b184f37e..0603851e 100644 --- a/src/Turnierplan.App/Security/Actions.cs +++ b/src/Turnierplan.App/Security/Actions.cs @@ -19,6 +19,11 @@ internal static class Actions /// public static readonly Action GenericRead = new(Role.Owner, Role.Contributor, Role.Reader); + /// + /// Any action that modifies a tournament in a way that is required during "playtime". + /// + public static readonly Action TournamentConduct = new(Role.Owner, Role.Contributor, Role.Reporter); + internal sealed class Action(params Role[] requiredRoles) { public bool IsAllowed(IEnumerable availableRoles) diff --git a/src/Turnierplan.Core/RoleAssignment/Role.cs b/src/Turnierplan.Core/RoleAssignment/Role.cs index 3e4b40f9..6462c92e 100644 --- a/src/Turnierplan.Core/RoleAssignment/Role.cs +++ b/src/Turnierplan.Core/RoleAssignment/Role.cs @@ -21,7 +21,17 @@ public enum Role /// /// This role grants the permission to view the target entity but not to make modifications. /// - Reader = 1002 + Reader = 1002, + + #endregion + + #region Tournament Roles + + /// + /// This role grants the permission to perform all actions in a tournament which + /// are necessary while the tournament is played. + /// + Reporter = 2000 #endregion } From e964815719a772d9cd282709e0687a47d9c5a78a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Elias=20H=C3=B6rner?= Date: Sun, 29 Jun 2025 09:41:17 +0200 Subject: [PATCH 2/2] Add i18n --- src/Turnierplan.App/Client/src/app/i18n/de.ts | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/Turnierplan.App/Client/src/app/i18n/de.ts b/src/Turnierplan.App/Client/src/app/i18n/de.ts index 5cc6cb67..dc3e0e6d 100644 --- a/src/Turnierplan.App/Client/src/app/i18n/de.ts +++ b/src/Turnierplan.App/Client/src/app/i18n/de.ts @@ -927,12 +927,15 @@ export const de = { RoleName: { Owner: 'Besitzer', Contributor: 'Mitwirkender', - Reader: 'Leser' + Reader: 'Leser', + Reporter: 'Turnierdurchführung' }, RoleDescription: { Owner: 'Der Benutzer kann sämtliche Änderungen durchführen inkl. Änderungen an Zugriffsrechten.', Contributor: 'Der Benutzer kann sämtliche Änderungen durchführen ausgenommen Änderungen an Zugriffsrechten.', - Reader: 'Der Benutzer kann sämtliche Informationen lesen aber keine Änderungen durchführen.' + Reader: 'Der Benutzer kann sämtliche Informationen lesen aber keine Änderungen durchführen.', + Reporter: + 'Der Benutzer kann Spielergebnisse melden und löschen sowie Änderungen an der Startgebühr und Priorität der Mannschaften durchführen.' }, PrincipalKind: { ApiKey: 'API-Schlüssel',