island-is · kodiakhq · Jun 19, 2024 · Jun 11, 2024 · Jun 11, 2024 · Jun 11, 2024
@@ -210,15 +210,6 @@ export class AdminPatchClientDto {
 }
 
 export const superUserFields = [
-  'supportsCustomDelegation',
-  'supportsLegalGuardians',
-  'supportsProcuringHolders',
-  'supportsPersonalRepresentatives',
-  'supportedDelegationTypes',
-  'addedDelegationTypes',
-  'removedDelegationTypes',
-  'promptDelegations',
-  'requireApiScopes',
   'requireConsent',
   'allowOfflineAccess',
   'requirePkce',

@@ -25,9 +25,8 @@ import { TranslatedValueDto } from '../../translation/dto/translated-value.dto'
 import { TranslationService } from '../../translation/translation.service'
 import { User } from '@island.is/auth-nest-tools'
 import { AdminPortalScope } from '@island.is/auth/scopes'
-import { AuthDelegationProvider, AuthDelegationType } from 'delegation'
+import { AuthDelegationType } from 'delegation'
 import { ApiScopeDelegationType } from '../models/api-scope-delegation-type.model'
-import { DelegationTypeModel } from '../../delegations/models/delegation-type.model'
 
 /**
  * This is a service that is used to access the admin scopes
@@ -41,8 +40,6 @@ export class AdminScopeService {
     private readonly apiScopeUserClaim: typeof ApiScopeUserClaim,
     @InjectModel(ApiScopeDelegationType)
     private readonly apiScopeDelegationType: typeof ApiScopeDelegationType,
-    @InjectModel(DelegationTypeModel)
-    private readonly delegationTypeModel: typeof DelegationTypeModel,
     private readonly adminTranslationService: AdminTranslationService,
     private readonly translationService: TranslationService,
     private sequelize: Sequelize,

@@ -106,11 +106,13 @@ export class AdminPatchScopeDto {
   removedDelegationTypes?: string[]
 }
 
-export const superUserScopeFields = [
-  'grantToAuthenticatedUser',
-  'grantToLegalGuardians',
-  'grantToProcuringHolders',
-  'allowExplicitDelegationGrant',
-  'isAccessControlled',
-  'grantToPersonalRepresentatives',
-]
+/**
+ * Here we can define properties that should only be editable by a super user
+ *
+ * For example:
+ * export const superUserScopeFields = [
+ *   'isAccessControlled',
+ *   'grantToAuthenticatedUser',
+ * ]
+ */
+export const superUserScopeFields: string[] = []
@@ -766,15 +766,17 @@ export const m = defineMessages({
   },
   isAccessControlledDescription: {
     id: 'ap.ids-admin:is-access-controlled-description',
-    defaultMessage: 'Only allow specific national ids',
+    defaultMessage:
+      'Authorize a list of national ids for this permission. Request support from island.is to manage the list.',
   },
   grantToAuthenticatedUser: {
     id: 'ap.ids-admin:grant-to-authenticated-user',
     defaultMessage: 'Authenticated user',
   },
   grantToAuthenticatedUserDescription: {
     id: 'ap.ids-admin:grant-to-authenticated-user-description',
-    defaultMessage: 'Should the authenticated user get this scope',
+    defaultMessage:
+      'Should the authenticated individual get this scope (uncheck if only delegated users should be allowed).',
   },
   grantToProcuringHolders: {
     id: 'ap.ids-admin:grant-to-procuring-holders',

@@ -126,7 +126,7 @@ export const EditClient = () => {
           <Permissions
             allowedScopes={selectedEnvironment?.allowedScopes ?? []}
           />
-          {isSuperAdmin && !isMachineApplication && (
+          {!isMachineApplication && (
             <Delegation
               promptDelegations={selectedEnvironment.promptDelegations}
               requireApiScopes={selectedEnvironment.requireApiScopes}

@@ -30,7 +30,6 @@ const Delegation = ({
   selectedEnvironment,
 }: DelegationProps) => {
   const { formatMessage } = useLocale()
-  const { isSuperAdmin } = useSuperAdmin()
   const { client } = useClient()
   const { getDelegationProviders } = useDelegationProviders()
 
@@ -149,7 +148,6 @@ const Delegation = ({
                       large
                       name={`${FIELD_PREFIX}${delegationType.id}`}
                       value="true"
-                      disabled={!isSuperAdmin}
                       checked={inputValues.supportedDelegationTypes?.includes(
                         delegationType.id,
                       )}
@@ -172,7 +170,6 @@ const Delegation = ({
             label={formatMessage(m.alwaysPromptDelegations)}
             backgroundColor={'blue'}
             large
-            disabled={!isSuperAdmin}
             name="promptDelegations"
             value="true"
             checked={inputValues.promptDelegations}
@@ -188,7 +185,6 @@ const Delegation = ({
             label={formatMessage(m.requirePermissions)}
             backgroundColor={'blue'}
             large
-            disabled={!isSuperAdmin}
             name="requireApiScopes"
             value="true"
             checked={inputValues.requireApiScopes}

@@ -6,12 +6,11 @@ import { PermissionAccessControl } from './components/PermissionAccessControl'
 import { EnvironmentProvider } from '../../context/EnvironmentContext'
 import { usePermission } from './PermissionContext'
 import { PublishPermission } from './PublishPermission/PublishPermission'
-import { useSuperAdmin } from '../../hooks/useSuperAdmin'
 import { PermissionDelegations } from './components/PermissionDelegations'
 
 export const EditPermission = () => {
   const { selectedPermission, permission } = usePermission()
-  const { isSuperAdmin } = useSuperAdmin()
+
   return (
     <EnvironmentProvider
       selectedEnvironment={selectedPermission.environment}
@@ -20,8 +19,8 @@ export const EditPermission = () => {
       <Box display="flex" flexDirection="column" rowGap={5}>
         <PermissionBasicInfo />
         <PermissionContent />
-        {isSuperAdmin && <PermissionAccessControl />}
-        {isSuperAdmin && <PermissionDelegations />}
+        <PermissionDelegations />
+        <PermissionAccessControl />
         <PublishPermission />
       </Box>
     </EnvironmentProvider>