diff --git a/src/Admin/Controllers/UsersController.cs b/src/Admin/Controllers/UsersController.cs index a988cc2af7..38e863aae7 100644 --- a/src/Admin/Controllers/UsersController.cs +++ b/src/Admin/Controllers/UsersController.cs @@ -165,7 +165,7 @@ public class UsersController : Controller [HttpPost] [ValidateAntiForgeryToken] - [RequirePermission(Permission.User_GeneralDetails_View)] + [RequirePermission(Permission.User_NewDeviceException_Edit)] [RequireFeature(FeatureFlagKeys.NewDeviceVerification)] public async Task ToggleNewDeviceVerification(Guid id) { diff --git a/src/Admin/Enums/Permissions.cs b/src/Admin/Enums/Permissions.cs index c544cb2106..20c500c061 100644 --- a/src/Admin/Enums/Permissions.cs +++ b/src/Admin/Enums/Permissions.cs @@ -17,6 +17,7 @@ public enum Permission User_Billing_View, User_Billing_Edit, User_Billing_LaunchGateway, + User_NewDeviceException_Edit, Org_List_View, Org_OrgInformation_View, diff --git a/src/Admin/Utilities/RolePermissionMapping.cs b/src/Admin/Utilities/RolePermissionMapping.cs index 381cf914aa..4b5a4e3802 100644 --- a/src/Admin/Utilities/RolePermissionMapping.cs +++ b/src/Admin/Utilities/RolePermissionMapping.cs @@ -12,7 +12,6 @@ public static class RolePermissionMapping Permission.User_List_View, Permission.User_UserInformation_View, Permission.User_GeneralDetails_View, - Permission.Org_CheckEnabledBox, Permission.User_Delete, Permission.User_UpgradePremium, Permission.User_BillingInformation_View, @@ -24,6 +23,8 @@ public static class RolePermissionMapping Permission.User_Billing_View, Permission.User_Billing_Edit, Permission.User_Billing_LaunchGateway, + Permission.User_NewDeviceException_Edit, + Permission.Org_CheckEnabledBox, Permission.Org_List_View, Permission.Org_OrgInformation_View, Permission.Org_GeneralDetails_View, @@ -57,7 +58,6 @@ public static class RolePermissionMapping Permission.User_List_View, Permission.User_UserInformation_View, Permission.User_GeneralDetails_View, - Permission.Org_CheckEnabledBox, Permission.User_Delete, Permission.User_UpgradePremium, Permission.User_BillingInformation_View, @@ -70,6 +70,8 @@ public static class RolePermissionMapping Permission.User_Billing_View, Permission.User_Billing_Edit, Permission.User_Billing_LaunchGateway, + Permission.User_NewDeviceException_Edit, + Permission.Org_CheckEnabledBox, Permission.Org_List_View, Permission.Org_OrgInformation_View, Permission.Org_GeneralDetails_View, @@ -106,7 +108,6 @@ public static class RolePermissionMapping Permission.User_List_View, Permission.User_UserInformation_View, Permission.User_GeneralDetails_View, - Permission.Org_CheckEnabledBox, Permission.User_UpgradePremium, Permission.User_BillingInformation_View, Permission.User_BillingInformation_DownloadInvoice, @@ -114,6 +115,8 @@ public static class RolePermissionMapping Permission.User_Licensing_View, Permission.User_Billing_View, Permission.User_Billing_LaunchGateway, + Permission.User_NewDeviceException_Edit, + Permission.Org_CheckEnabledBox, Permission.Org_List_View, Permission.Org_OrgInformation_View, Permission.Org_GeneralDetails_View, @@ -135,7 +138,6 @@ public static class RolePermissionMapping Permission.User_List_View, Permission.User_UserInformation_View, Permission.User_GeneralDetails_View, - Permission.Org_CheckEnabledBox, Permission.User_UpgradePremium, Permission.User_BillingInformation_View, Permission.User_BillingInformation_DownloadInvoice, @@ -146,6 +148,7 @@ public static class RolePermissionMapping Permission.User_Billing_View, Permission.User_Billing_Edit, Permission.User_Billing_LaunchGateway, + Permission.Org_CheckEnabledBox, Permission.Org_List_View, Permission.Org_OrgInformation_View, Permission.Org_GeneralDetails_View, @@ -177,12 +180,12 @@ public static class RolePermissionMapping Permission.User_List_View, Permission.User_UserInformation_View, Permission.User_GeneralDetails_View, - Permission.Org_CheckEnabledBox, Permission.User_BillingInformation_View, Permission.User_BillingInformation_DownloadInvoice, Permission.User_Premium_View, Permission.User_Licensing_View, Permission.User_Licensing_Edit, + Permission.Org_CheckEnabledBox, Permission.Org_List_View, Permission.Org_OrgInformation_View, Permission.Org_GeneralDetails_View, diff --git a/src/Admin/Views/Users/Edit.cshtml b/src/Admin/Views/Users/Edit.cshtml index 417d9fb9a2..495fc43c2f 100644 --- a/src/Admin/Views/Users/Edit.cshtml +++ b/src/Admin/Views/Users/Edit.cshtml @@ -7,7 +7,7 @@ ViewData["Title"] = "User: " + Model.User.Email; var canViewUserInformation = AccessControlService.UserHasPermission(Permission.User_UserInformation_View); - var canViewNewDeviceException = AccessControlService.UserHasPermission(Permission.User_UserInformation_View) && + var canViewNewDeviceException = AccessControlService.UserHasPermission(Permission.User_NewDeviceException_Edit) && FeatureService.IsEnabled(Bit.Core.FeatureFlagKeys.NewDeviceVerification); var canViewBillingInformation = AccessControlService.UserHasPermission(Permission.User_BillingInformation_View); var canViewGeneral = AccessControlService.UserHasPermission(Permission.User_GeneralDetails_View);