diff --git a/webapp/rdf/auth/everytime/permission_config.n3 b/webapp/rdf/auth/everytime/permission_config.n3 index e0b1c1960..3af62fb71 100644 --- a/webapp/rdf/auth/everytime/permission_config.n3 +++ b/webapp/rdf/auth/everytime/permission_config.n3 @@ -20,6 +20,7 @@ auth:ADMIN auth:hasPermission simplePermission:ManageUserAccounts ; auth:hasPermission simplePermission:RebuildVClassGroupCache ; auth:hasPermission simplePermission:RefreshVisualizationCache ; + auth:hasPermission simplePermission:SeeConfiguration ; auth:hasPermission simplePermission:SeeStartupStatus ; auth:hasPermission simplePermission:UseAdvancedDataToolsPages ; auth:hasPermission simplePermission:UseMiscellaneousAdminPages ; diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/permissions/SimplePermission.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/permissions/SimplePermission.java index 0484638bd..539356e17 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/permissions/SimplePermission.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/permissions/SimplePermission.java @@ -64,6 +64,8 @@ public class SimplePermission extends Permission { NAMESPACE + "RebuildVClassGroupCache"); public static final SimplePermission REFRESH_VISUALIZATION_CACHE = new SimplePermission( NAMESPACE + "RefreshVisualizationCache"); + public static final SimplePermission SEE_CONFIGURATION = new SimplePermission( + NAMESPACE + "SeeConfiguration"); public static final SimplePermission SEE_INDVIDUAL_EDITING_PANEL = new SimplePermission( NAMESPACE + "SeeIndividualEditingPanel"); public static final SimplePermission SEE_REVISION_INFO = new SimplePermission( diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/admin/ShowConfiguration.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/admin/ShowConfiguration.java index 7a8a2322c..c25d845eb 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/admin/ShowConfiguration.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/admin/ShowConfiguration.java @@ -8,6 +8,7 @@ import java.util.Properties; import java.util.SortedMap; import java.util.TreeMap; +import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions; import edu.cornell.mannlib.vitro.webapp.config.ConfigurationProperties; import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; @@ -21,7 +22,7 @@ import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.Tem public class ShowConfiguration extends FreemarkerHttpServlet { @Override protected Actions requiredActions(VitroRequest vreq) { - return Actions.AUTHORIZED; + return SimplePermission.SEE_CONFIGURATION.ACTIONS; } @Override @@ -34,8 +35,14 @@ public class ShowConfiguration extends FreemarkerHttpServlet { private SortedMap getConfigurationProperties( VitroRequest vreq) { - return new TreeMap<>(ConfigurationProperties.getBean(vreq) - .getPropertyMap()); + ConfigurationProperties props = ConfigurationProperties.getBean(vreq); + TreeMap map = new TreeMap<>(props.getPropertyMap()); + for (String key : map.keySet()) { + if (key.toLowerCase().endsWith("password")) { + map.put(key, "********"); + } + } + return map; } private SortedMap getSystemProperties() {