From f3b44d9cbe04d37e6647f0a9fce9e7f5d3cf7d4c Mon Sep 17 00:00:00 2001 From: anhefti Date: Thu, 10 Oct 2019 09:29:48 +0200 Subject: [PATCH] deleted docker and fixed some minor issues --- docker/.gitignore | 1 - docker/demo/Dockerfile | 46 --------- .../demo/config/application-demo.properties | 63 ------------ docker/demo/config/messages_en.properties | 6 -- docker/demo/docker-compose.yml | 42 -------- docker/prod/standalone/selfsigned/.gitignore | 1 - .../standalone/selfsigned/certs.Dockerfile | 34 ------- .../standalone/selfsigned/config/.gitignore | 5 - .../config/application-prod.properties | 99 ------------------- .../standalone/selfsigned/config/mariadb.cnf | 9 -- .../standalone/selfsigned/docker-compose.yml | 64 ------------ .../selfsigned/sebserver.Dockerfile | 58 ----------- .../gui/content/SebExamConfigPropForm.java | 7 +- .../gui/content/activity/ActivitiesPane.java | 17 +++- 14 files changed, 15 insertions(+), 437 deletions(-) delete mode 100644 docker/.gitignore delete mode 100644 docker/demo/Dockerfile delete mode 100644 docker/demo/config/application-demo.properties delete mode 100644 docker/demo/config/messages_en.properties delete mode 100644 docker/demo/docker-compose.yml delete mode 100644 docker/prod/standalone/selfsigned/.gitignore delete mode 100644 docker/prod/standalone/selfsigned/certs.Dockerfile delete mode 100644 docker/prod/standalone/selfsigned/config/.gitignore delete mode 100644 docker/prod/standalone/selfsigned/config/application-prod.properties delete mode 100644 docker/prod/standalone/selfsigned/config/mariadb.cnf delete mode 100644 docker/prod/standalone/selfsigned/docker-compose.yml delete mode 100644 docker/prod/standalone/selfsigned/sebserver.Dockerfile diff --git a/docker/.gitignore b/docker/.gitignore deleted file mode 100644 index 19337860..00000000 --- a/docker/.gitignore +++ /dev/null @@ -1 +0,0 @@ -/test/ diff --git a/docker/demo/Dockerfile b/docker/demo/Dockerfile deleted file mode 100644 index 2b8e20d0..00000000 --- a/docker/demo/Dockerfile +++ /dev/null @@ -1,46 +0,0 @@ -FROM alpine/git - -ARG GIT_TAG -ARG SEBSERVER_VERSION - -WORKDIR /sebserver -RUN if [ "x${GIT_TAG}" = "x" ] ; \ - then git clone --depth 1 https://github.com/SafeExamBrowser/seb-server.git ; \ - else git clone -b "$GIT_TAG" --depth 1 https://github.com/SafeExamBrowser/seb-server.git ; fi - -FROM maven:3.5-jdk-8-alpine - -ARG SEBSERVER_VERSION - -WORKDIR /sebserver -COPY --from=0 /sebserver/seb-server /sebserver -RUN mvn clean install -e -P Demo -DskipTests - -FROM openjdk:8-jre-alpine - -ARG SEBSERVER_VERSION -ENV SEBSERVER_VERSION=${SEBSERVER_VERSION} -ENV SERVER_PORT="8080" -ENV DBSERVER_PWD= -ENV GUICLIENT_PWD= -ENV INTERNAL_PWD= - -WORKDIR /sebserver -COPY --from=1 /sebserver/target/seb-server-"$SEBSERVER_VERSION"-SNAPSHOT.jar /sebserver - -ENTRYPOINT exec java \ - -Dcom.sun.management.jmxremote \ - -Dcom.sun.management.jmxremote.port=9090 \ - -Dcom.sun.management.jmxremote.rmi.port=9090 \ - -Djava.rmi.server.hostname=127.0.0.1 \ - -Dcom.sun.management.jmxremote.ssl=false \ - -Dcom.sun.management.jmxremote.authenticate=false \ - -jar seb-server-"${SEBSERVER_VERSION}"-SNAPSHOT.jar \ - --server.port="${SERVER_PORT}" \ - --spring.profiles.active=demo \ - --spring.config.location=file:/sebserver/config/,classpath:/config/ \ - --spring.datasource.password="${DBSERVER_PWD}" \ - --sebserver.webservice.api.admin.clientSecret="${GUICLIENT_PWD}" \ - --sebserver.webservice.internalSecret="${INTERNAL_PWD}" - -EXPOSE $SERVER_PORT 9090 \ No newline at end of file diff --git a/docker/demo/config/application-demo.properties b/docker/demo/config/application-demo.properties deleted file mode 100644 index 218cec1b..00000000 --- a/docker/demo/config/application-demo.properties +++ /dev/null @@ -1,63 +0,0 @@ -# overall server configuration -server.address=0.0.0.0 -server.port=8080 -server.servlet.context-path=/ -server.servlet.session.cookie.http-only=true -server.servlet.session.tracking-modes=cookie - -# database server -datastore.mariadb.server.address=seb-server-mariadb -datastore.mariadb.server.port=3306 - -# data source configuration -spring.datasource.username=root -spring.datasource.initialize=true -spring.datasource.initialization-mode=always -spring.datasource.url=jdbc:mariadb://${datastore.mariadb.server.address}:${datastore.mariadb.server.port}/SEBServer?useSSL=false&createDatabaseIfNotExist=true -spring.datasource.driver-class-name=org.mariadb.jdbc.Driver -spring.datasource.platform=demo -spring.datasource.hikari.initializationFailTimeout=30000 -spring.datasource.hikari.connectionTimeout=30000 -spring.datasource.hikari.idleTimeout=600000 -spring.datasource.hikari.maxLifetime=1800000 - -# webservice configuration -sebserver.test.property=This is a SEB Server Demo -sebserver.webservice.distributed=false -sebserver.webservice.http.scheme=http -sebserver.webservice.http.server.name=ralph.ethz.ch -sebserver.webservice.http.redirect.gui=${sebserver.gui.entrypoint} -sebserver.webservice.api.admin.clientId=guiClient -sebserver.webservice.api.admin.endpoint=/admin-api/v1 -sebserver.webservice.api.admin.accessTokenValiditySeconds=3600 -sebserver.webservice.api.admin.refreshTokenValiditySeconds=-1 -sebserver.webservice.api.exam.endpoint=/exam-api -sebserver.webservice.api.exam.endpoint.discovery=${sebserver.webservice.api.exam.endpoint}/discovery -sebserver.webservice.api.exam.endpoint.v1=${sebserver.webservice.api.exam.endpoint}/v1 -sebserver.webservice.api.exam.accessTokenValiditySeconds=86400 -sebserver.webservice.api.pagination.maxPageSize=500 -# comma separated list of known possible OpenEdX API access token request endpoints -sebserver.webservice.lms.openedx.api.token.request.paths=/oauth2/access_token -sebserver.webservice.lms.address.alias=lms.mockup.com=ralph.ethz.ch,edx.devstack.lms=ralph.ethz.ch -# write logs to -logging.file=log/sebserver.log - -# actuator configuration -management.endpoints.web.base-path=/actuator -management.endpoints.web.exposure.include=logfile,loggers - -# GUI server configuration -sebserver.gui.external.messages=file:/sebserver/config/messages -sebserver.gui.entrypoint=/gui -sebserver.gui.webservice.protocol=http -sebserver.gui.webservice.address=${server.address} -sebserver.gui.webservice.port=8080 -sebserver.gui.webservice.apipath=/admin-api/v1 -sebserver.gui.theme=css/sebserver.css -sebserver.gui.list.page.size=20 -sebserver.gui.date.displayformat=MM/dd/yyyy HH:mm -sebserver.gui.date.displayformat.timezone=|ZZ -sebserver.gui.multilingual=false -sebserver.gui.languages=en -sebserver.gui.seb.client.config.download.filename=SebClientSettings.seb -sebserver.gui.seb.exam.config.download.filename=SebClientSettings.seb diff --git a/docker/demo/config/messages_en.properties b/docker/demo/config/messages_en.properties deleted file mode 100644 index d4c2638c..00000000 --- a/docker/demo/config/messages_en.properties +++ /dev/null @@ -1,6 +0,0 @@ -sebserver.overall.imprint= -sebserver.overall.imprint.markup= -sebserver.overall.about=About -sebserver.overall.about.markup=SEB Server About Example

1. This is an example of how an About-Page can look like.

By simply define the markup HTML content within the message.propertie configuration of specified language -sebserver.overall.help=Documentation -sebserver.overall.help.link=https://www.safeexambrowser.org/news_en.html diff --git a/docker/demo/docker-compose.yml b/docker/demo/docker-compose.yml deleted file mode 100644 index 387419c5..00000000 --- a/docker/demo/docker-compose.yml +++ /dev/null @@ -1,42 +0,0 @@ -version: '3' -services: - mariadb: - image: "mariadb/server:10.3" - container_name: seb-server-mariadb - environment: - MYSQL_ROOT_PASSWORD: somePW - volumes: - - seb-server-mariadb-data:/var/lib/mysql - ports: - - 3306:3306 - networks: - - ralph - - seb-server: - build: - context: . - args: - - GIT_TAG= - - SEBSERVER_VERSION=0.4.2-beta - container_name: seb-server - environment: - - SERVER_PORT=8080 - - DBSERVER_PWD=somePW - - GUICLIENT_PWD=somePW - - INTERNAL_PWD=somePW - volumes: - - ./config:/sebserver/config - - ports: - - 8080:8080 - - 9090:9090 - networks: - - ralph - depends_on: - - "mariadb" - -networks: - ralph: - -volumes: - seb-server-mariadb-data: \ No newline at end of file diff --git a/docker/prod/standalone/selfsigned/.gitignore b/docker/prod/standalone/selfsigned/.gitignore deleted file mode 100644 index 956d4725..00000000 --- a/docker/prod/standalone/selfsigned/.gitignore +++ /dev/null @@ -1 +0,0 @@ -/secrets diff --git a/docker/prod/standalone/selfsigned/certs.Dockerfile b/docker/prod/standalone/selfsigned/certs.Dockerfile deleted file mode 100644 index 1882672b..00000000 --- a/docker/prod/standalone/selfsigned/certs.Dockerfile +++ /dev/null @@ -1,34 +0,0 @@ -FROM openjdk:11-jre-stretch - -RUN apt-get update && apt-get install -y openssl - -ENV OPENSSL_SUBJ="/C=CH/ST=Zurich/L=Zurich" -ENV OPENSSL_CA="${OPENSSL_SUBJ}/CN=demo-CA" -ENV OPENSSL_SERVER="${OPENSSL_SUBJ}/CN=localhost" -ENV OPENSSL_CLIENT="${OPENSSL_SUBJ}/CN=localhost" -ENV ADDITIONAL_DNS="dns:localhost,dns:127.0.0.1,dns:seb-server" - -WORKDIR /certs - -CMD cp -a /host/config/. /config/ \ - && secret=$(cat /config/secret) \ - && openssl genrsa -out ca-key.pem 2048 \ - && openssl req -new -x509 -key ca-key.pem -nodes -days 3600 -subj "${OPENSSL_CA}" -out ca.pem \ - && openssl req -newkey rsa:2048 -days 3600 -nodes -subj "${OPENSSL_SERVER}" -keyout server-key.pem -out server-req.pem \ - && openssl rsa -in server-key.pem -out server-key.pem \ - && openssl x509 -req -in server-req.pem -days 3600 -CA ca.pem -CAkey ca-key.pem -set_serial 01 -out server-cert.pem \ - && openssl req -newkey rsa:2048 -days 3600 -nodes -subj "${OPENSSL_CLIENT}" -keyout client-key.pem -out client-req.pem \ - && openssl rsa -in client-key.pem -out client-key.pem \ - && openssl x509 -req -in client-req.pem -days 3600 -CA ca.pem -CAkey ca-key.pem -set_serial 01 -out client-cert.pem \ - && openssl verify -CAfile ca.pem server-cert.pem client-cert.pem \ - && openssl pkcs12 -export -out client-cert.pkcs12 -in client-cert.pem -inkey client-key.pem -passout pass:${secret} \ - && keytool -genkeypair -alias sebserver -dname "CN=localhost, OU=ETHZ, O=ETHZ, L=Zurich, S=Zurich, C=CH" -ext san="${ADDITIONAL_DNS}" -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore seb-server-keystore.pkcs12 -storepass ${secret} -validity 3650 \ - && keytool -export -alias sebserver -keystore seb-server-keystore.pkcs12 -rfc -file sebserver.cert -storetype PKCS12 -storepass ${secret} -noprompt \ - && keytool -importcert -trustcacerts -alias sebserver -file sebserver.cert -keystore seb-server-truststore.pkcs12 -storetype PKCS12 -storepass ${secret} -noprompt \ - && keytool -import -alias mariadb-ca -file ca.pem -keystore seb-server-truststore.pkcs12 -storepass ${secret} -srcstoretype PKCS12 -noprompt \ - && keytool -import -alias mariadb-client -file client-cert.pem -keystore seb-server-truststore.pkcs12 -storepass ${secret} -srcstoretype PKCS12 -noprompt \ - && keytool -import -alias mariadb-server -file server-cert.pem -keystore seb-server-keystore.pkcs12 -storepass ${secret} -srcstoretype PKCS12 -noprompt \ - && chmod 777 -R . \ - && cp seb-server-keystore.pkcs12 /host/config/ \ - && cp seb-server-truststore.pkcs12 /host/config/ \ - && rm /host/config/secret \ No newline at end of file diff --git a/docker/prod/standalone/selfsigned/config/.gitignore b/docker/prod/standalone/selfsigned/config/.gitignore deleted file mode 100644 index cd3f148b..00000000 --- a/docker/prod/standalone/selfsigned/config/.gitignore +++ /dev/null @@ -1,5 +0,0 @@ -/secrets -/secret -/.secret -/seb-server-keystore.pkcs12 -/seb-server-truststore.pkcs12 diff --git a/docker/prod/standalone/selfsigned/config/application-prod.properties b/docker/prod/standalone/selfsigned/config/application-prod.properties deleted file mode 100644 index 2e4d3f3b..00000000 --- a/docker/prod/standalone/selfsigned/config/application-prod.properties +++ /dev/null @@ -1,99 +0,0 @@ -spring.profiles.include=prod-ws,prod-gui -file.encoding=UTF-8 - -server.address=0.0.0.0 -server.port=443 -server.servlet.context-path=/ - -########################################################## -### Security - -security.require-ssl=true -server.ssl.key-store-type=PKCS12 -server.ssl.key-store=/certs/seb-server-keystore.pkcs12 -server.ssl.key-store-password=${sebserver.certs.password} -server.ssl.key-password=${sebserver.certs.password} -server.ssl.trust-store=/certs/seb-server-truststore.pkcs12 -server.ssl.trust-store-password=${sebserver.certs.password} -server.ssl.enabled-protocols=TLSv1,TLSv1.1,TLSv1.2 - -########################################################## -### SEB Server Overall - -# Default logging level in the form "logging.level" + namespace=LEVEL -logging.level.ch=INFO -logging.file=/sebserver/log/sebserver.log - -# If webservice or gui runs on ssl and this flag is true, an integrated redirect from http to https is activated -# Disable this if a redirect is done by a pre-processing proxy -sebserver.ssl.redirect.enabled=true -sebserver.ssl.redirect.html.port=8080 - -########################################################## -### SEB Server Webservice configuration - -# database server -datastore.mariadb.server.address=seb-server-mariadb -datastore.mariadb.server.port=3306 - -# data source configuration -spring.datasource.initialize=true -spring.datasource.initialization-mode=always -spring.datasource.url=jdbc:mariadb://${datastore.mariadb.server.address}:${datastore.mariadb.server.port}/SEBServer?createDatabaseIfNotExist=true&verifyServerCertificate=false&useSSL=true&requireSSL=true&trustServerCertificate=true -spring.datasource.driver-class-name=org.mariadb.jdbc.Driver -spring.datasource.platform=prod -spring.datasource.hikari.initializationFailTimeout=30000 -spring.datasource.hikari.connectionTimeout=30000 -spring.datasource.hikari.idleTimeout=600000 -spring.datasource.hikari.maxLifetime=1800000 -spring.datasource.password=${sebserver.mariadb.password} - -# webservice configuration -sebserver.webservice.api.admin.clientSecret=${sebserver.password} -sebserver.webservice.internalSecret=${sebserver.password} -sebserver.webservice.distributed=false -sebserver.webservice.http.scheme=https -sebserver.webservice.http.server.name=${server.address} -sebserver.webservice.http.redirect.gui=/gui -sebserver.webservice.api.admin.clientId=guiClient -sebserver.webservice.api.admin.endpoint=/admin-api/v1 -sebserver.webservice.api.admin.accessTokenValiditySeconds=3600 -sebserver.webservice.api.admin.refreshTokenValiditySeconds=25200 -sebserver.webservice.api.exam.endpoint=/exam-api -sebserver.webservice.api.exam.endpoint.discovery=${sebserver.webservice.api.exam.endpoint}/discovery -sebserver.webservice.api.exam.endpoint.v1=${sebserver.webservice.api.exam.endpoint}/v1 -sebserver.webservice.api.exam.accessTokenValiditySeconds=3600 -sebserver.webservice.api.exam.event-handling-strategy=ASYNC_BATCH_STORE_STRATEGY -sebserver.webservice.api.exam.enable-indicator-cache=true -sebserver.webservice.api.pagination.maxPageSize=500 -# comma separated list of known possible OpenEdX API access token request endpoints -sebserver.webservice.lms.openedx.api.token.request.paths=/oauth2/access_token - -# actuator configuration -management.endpoints.web.base-path=/actuator -management.endpoints.web.exposure.include=metrics,logfile,loggers,heapdump - -########################################################## -### SEB Server GUI configuration -server.servlet.session.cookie.http-only=true -server.servlet.session.tracking-modes=cookie - -sebserver.gui.entrypoint=/gui -sebserver.gui.webservice.protocol=https -sebserver.gui.webservice.address=localhost -sebserver.gui.webservice.port=443 -sebserver.gui.webservice.apipath=/admin-api/v1 -# defines the polling interval that is used to poll the webservice for client connection data on a monitored exam page -sebserver.gui.webservice.poll-interval=500 -sebserver.gui.webservice.mock-lms-enabled=true - - -sebserver.gui.theme=css/sebserver.css -sebserver.gui.list.page.size=20 -sebserver.gui.date.displayformat=MM/dd/yyyy HH:mm -sebserver.gui.date.displayformat.timezone=|ZZ -sebserver.gui.multilingual=false -sebserver.gui.languages=en - -sebserver.gui.seb.client.config.download.filename=SEBClientSettings.seb -sebserver.gui.seb.exam.config.download.filename=SEBExamSettings.seb \ No newline at end of file diff --git a/docker/prod/standalone/selfsigned/config/mariadb.cnf b/docker/prod/standalone/selfsigned/config/mariadb.cnf deleted file mode 100644 index 99df9666..00000000 --- a/docker/prod/standalone/selfsigned/config/mariadb.cnf +++ /dev/null @@ -1,9 +0,0 @@ -[mysqld] -ssl-ca=/etc/mysql/certs/ca.pem -ssl-cert=/etc/mysql/certs/server-cert.pem -ssl-key=/etc/mysql/certs/server-key.pem - -[client] -ssl-ca=/etc/mysql/certs/ca.pem -ssl-cert=/etc/mysql/certs/client-cert.pem -ssl-key=/etc/mysql/certs/client-key.pem \ No newline at end of file diff --git a/docker/prod/standalone/selfsigned/docker-compose.yml b/docker/prod/standalone/selfsigned/docker-compose.yml deleted file mode 100644 index 934c2c27..00000000 --- a/docker/prod/standalone/selfsigned/docker-compose.yml +++ /dev/null @@ -1,64 +0,0 @@ -version: '3' -services: - selfsigned: - build: - context: . - dockerfile: certs.Dockerfile - container_name: gencerts - volumes: - - seb-server-certs:/certs - - seb-server-config:/config - - ./config:/host/config - - mariadb: - image: "mariadb/server:10.3" - container_name: seb-server-mariadb - volumes: - - seb-server-config:/etc/mysql/conf.d - - seb-server-certs:/etc/mysql/certs - - seb-server-mariadb-data:/var/lib/mysql - environment: - - MYSQL_ROOT_PASSWORD_FILE=/etc/mysql/conf.d/secret - ports: - - 3306:3306 - networks: - - seb-server-network - depends_on: - - "selfsigned" - - seb-server: - build: - context: . - dockerfile: sebserver.Dockerfile - args: - - GIT_TAG= - - SEBSERVER_VERSION=0.4.2-beta-SNAPSHOT - container_name: seb-server - - volumes: - - seb-server-config:/sebserver/config - - seb-server-certs:/certs - environment: - - ADDITIONAL_DNS=dns:127.0.0.1,dns:seb-server - - DEBUG_MODE=false - ports: - - 443:443 - - 80:8080 - - 9090:9090 - logging: - driver: "json-file" - options: - max-size: "200k" - max-file: "10" - networks: - - seb-server-network - depends_on: - - "mariadb" - -networks: - seb-server-network: - -volumes: - seb-server-mariadb-data: - seb-server-certs: - seb-server-config: \ No newline at end of file diff --git a/docker/prod/standalone/selfsigned/sebserver.Dockerfile b/docker/prod/standalone/selfsigned/sebserver.Dockerfile deleted file mode 100644 index 10304f3a..00000000 --- a/docker/prod/standalone/selfsigned/sebserver.Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Clone git repository form specified tag -FROM alpine/git - -ARG GIT_TAG - -WORKDIR /sebserver -RUN if [ "x${GIT_TAG}" = "x" ] ; \ - then git clone --depth 1 https://github.com/SafeExamBrowser/seb-server.git ; \ - else git clone -b "$GIT_TAG" --depth 1 https://github.com/SafeExamBrowser/seb-server.git ; fi - -# Build with maven (skip tests) -FROM maven:latest - -ARG SEBSERVER_VERSION - -WORKDIR /sebserver -COPY --from=0 /sebserver/seb-server /sebserver -RUN mvn clean install -DskipTests - -FROM openjdk:11-jre-stretch - -ARG SEBSERVER_VERSION -ENV SEBSERVER_VERSION=${SEBSERVER_VERSION} -ENV DEBUG_MODE=false - -WORKDIR /sebserver -COPY --from=1 /sebserver/target/seb-server-"$SEBSERVER_VERSION".jar /sebserver - -CMD if [ "${DEBUG_MODE}" = "true" ] ; \ - then secret=$(cat /sebserver/config/secret) && exec java \ - -Xms64M \ - -Xmx1G \ - -Djavax.net.debug=ssl \ - -Dcom.sun.management.jmxremote \ - -Dcom.sun.management.jmxremote.port=9090 \ - -Dcom.sun.management.jmxremote.rmi.port=9090 \ - -Djava.rmi.server.hostname=127.0.0.1 \ -# TODO secure the JMX connection (cueenrtly there is a premission problem with the secret file - -Dcom.sun.management.jmxremote.ssl=false \ - -Dcom.sun.management.jmxremote.authenticate=false \ - -jar seb-server-"${SEBSERVER_VERSION}".jar \ - --spring.profiles.active=prod \ - --spring.config.location=file:/sebserver/config/,classpath:/config/ \ - --sebserver.certs.password="${secret}" \ - --sebserver.mariadb.password="${secret}" \ - --sebserver.password="${secret}" ; \ - else secret=$(cat /sebserver/config/secret) && exec java \ - -Xms64M \ - -Xmx1G \ - -jar seb-server-"${SEBSERVER_VERSION}".jar \ - --spring.profiles.active=prod \ - --spring.config.location=file:/sebserver/config/,classpath:/config/ \ - --sebserver.certs.password="${secret}" \ - --sebserver.mariadb.password="${secret}" \ - --sebserver.password="${secret}" ; \ - fi - -EXPOSE 443 8080 9090 \ No newline at end of file diff --git a/src/main/java/ch/ethz/seb/sebserver/gui/content/SebExamConfigPropForm.java b/src/main/java/ch/ethz/seb/sebserver/gui/content/SebExamConfigPropForm.java index 7c98f7c5..a927e971 100644 --- a/src/main/java/ch/ethz/seb/sebserver/gui/content/SebExamConfigPropForm.java +++ b/src/main/java/ch/ethz/seb/sebserver/gui/content/SebExamConfigPropForm.java @@ -137,7 +137,6 @@ public class SebExamConfigPropForm implements TemplateComposer { } final EntityGrantCheck entityGrant = this.currentUser.entityGrantCheck(examConfig); - final boolean readGrant = entityGrant.r(); final boolean writeGrant = entityGrant.w(); final boolean modifyGrant = entityGrant.m(); final boolean isReadonly = pageContext.isReadonly(); @@ -208,19 +207,19 @@ public class SebExamConfigPropForm implements TemplateComposer { urlLauncher.openURL(downloadURL); return action; }) - .publishIf(() -> readGrant && isReadonly) + .publishIf(() -> modifyGrant && isReadonly) .newAction(ActionDefinition.SEB_EXAM_CONFIG_GET_CONFIG_KEY) .withEntityKey(entityKey) .withExec(SebExamConfigPropForm.getConfigKeyFunction(this.pageService)) .noEventPropagation() - .publishIf(() -> readGrant && isReadonly) + .publishIf(() -> modifyGrant && isReadonly) .newAction(ActionDefinition.SEB_EXAM_CONFIG_IMPORT_CONFIG) .withEntityKey(entityKey) .withExec(SebExamConfigPropForm.importConfigFunction(this.pageService)) .noEventPropagation() - .publishIf(() -> readGrant && isReadonly) + .publishIf(() -> modifyGrant && isReadonly) .newAction(ActionDefinition.SEB_EXAM_CONFIG_SAVE) .withEntityKey(entityKey) diff --git a/src/main/java/ch/ethz/seb/sebserver/gui/content/activity/ActivitiesPane.java b/src/main/java/ch/ethz/seb/sebserver/gui/content/activity/ActivitiesPane.java index 66c2b884..9909e346 100644 --- a/src/main/java/ch/ethz/seb/sebserver/gui/content/activity/ActivitiesPane.java +++ b/src/main/java/ch/ethz/seb/sebserver/gui/content/activity/ActivitiesPane.java @@ -86,6 +86,9 @@ public class ActivitiesPane implements TemplateComposer { //-------------------------------------------------------------------------------------- // ---- SEB ADMIN ---------------------------------------------------------------------- + final boolean isServerOrInstAdmin = this.currentUser.get() + .hasAnyRole(UserRole.SEB_SERVER_ADMIN, UserRole.INSTITUTIONAL_ADMIN); + // SEB Server Administration final TreeItem sebadmin = this.widgetFactory.treeItemLocalized( navigation, @@ -119,7 +122,7 @@ public class ActivitiesPane implements TemplateComposer { // User Account // if current user has role seb-server admin or institutional-admin, show list - if (this.currentUser.get().hasAnyRole(UserRole.SEB_SERVER_ADMIN, UserRole.INSTITUTIONAL_ADMIN)) { + if (isServerOrInstAdmin) { final TreeItem userAccounts = this.widgetFactory.treeItemLocalized( sebadmin, @@ -132,7 +135,7 @@ public class ActivitiesPane implements TemplateComposer { } else { // otherwise show the user account form for current user final TreeItem userAccounts = this.widgetFactory.treeItemLocalized( - sebadmin, + navigation, ActivityDefinition.USER_ACCOUNT.displayName); injectActivitySelection( userAccounts, @@ -157,9 +160,13 @@ public class ActivitiesPane implements TemplateComposer { .create()); } - sebadmin.setExpanded(this.currentUser.get().hasAnyRole( - UserRole.SEB_SERVER_ADMIN, - UserRole.INSTITUTIONAL_ADMIN)); + if (sebadmin.getItemCount() > 0) { + sebadmin.setExpanded(this.currentUser.get().hasAnyRole( + UserRole.SEB_SERVER_ADMIN, + UserRole.INSTITUTIONAL_ADMIN)); + } else { + sebadmin.dispose(); + } // ---- SEB ADMIN ---------------------------------------------------------------------- //--------------------------------------------------------------------------------------