feat(jans-config-api): adding allowSmtpKeystoreEdit property in admin-ui configuration #10091

Merged
merged 1 commit into from
Nov 8, 2024

duttarnab
Contributor

closes #10067

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

dryrunsecurity bot commented Nov 8, 2024

DryRun Security Summary

The provided code changes focus on enhancing the security and manageability of the Admin UI (AUI) in the Jans Auth Server application, including the addition of SMTP keystore editing control, role and permission management, configuration persistence, and webhook management.

Summary:

The provided code changes focus on enhancing the security and manageability of the Admin UI (AUI) in the Jans Auth Server application. The key changes include:

  1. SMTP Keystore Editing: The addition of a new configuration parameter allowSmtpKeystoreEdit that controls whether users can edit the SMTP keystore in the AUI. This is an important security consideration, as the SMTP keystore may contain sensitive information that should be properly protected.

  2. Role and Permission Management: The code introduces new functionality for managing roles and permissions in the AUI, including the ability to add, edit, and delete roles and permissions, as well as map permissions to roles. Proper access control and role-based permissions are crucial for ensuring that users have the appropriate level of access to the application.

  3. Configuration Persistence: The configuration changes are persisted to the database using the PersistenceEntryManager. It is important to ensure that the database and any related configuration files are properly secured to prevent unauthorized access or modification.

  4. Webhook Management: The changes include the addition of endpoints for managing webhooks, which allow for the integration of external systems and the triggering of actions based on specific events. It is important to ensure that the implementation of these webhook features is secure, with proper input validation and authorization checks.

Overall, the code changes appear to be focused on enhancing the security and manageability of the AUI, while also incorporating security best practices such as authentication, authorization, and input validation.

Files Changed:

  1. jans-auth-server/model/src/main/java/io/jans/as/model/config/adminui/UIConfiguration.java: The changes introduce a new field allowSmtpKeystoreEdit to control whether the SMTP keystore can be edited in the AUI.

  2. jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/model/config/AUIConfiguration.java: Similar to the changes in the UIConfiguration class, this file adds the allowSmtpKeystoreEdit property to the AUIConfiguration class.

  3. jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/service/adminui/AdminUIService.java: This file includes changes related to the management of roles, permissions, and the SMTP keystore configuration in the AUI.

  4. jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/model/auth/AppConfigResponse.java: The changes introduce a new field allowSmtpKeystoreEdit to the AppConfigResponse class, which is used for serialization and deserialization of JSON data.

  5. jans-config-api/plugins/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/service/config/AUIConfigurationService.java: This file includes changes related to the management of the AUI configuration, including the SMTP keystore and license validation.

  6. jans-config-api/plugins/docs/jans-admin-ui-plugin-swagger.yaml: This file contains updates to the Swagger documentation for the Admin UI, including new endpoints for managing permissions, roles, role-permissions mapping, configuration, licenses, and webhooks.

Code Analysis

We ran 9 analyzers against 6 files and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

@mo-auto added the labels comp-docs (Touching folder /docs), comp-jans-auth-server (Component affected by issue or PR), comp-jans-config-api (Component affected by issue or PR) and kind-feature (Issue or PR is a new feature request) on Nov 8, 2024

@duttarnab changed the title from "feat: adding allowSmtpKeystoreEdit property in admin-ui configuration" to "feat(jans-config-api): adding allowSmtpKeystoreEdit property in admin-ui configuration" on Nov 8, 2024

@yuriyz enabled auto-merge (squash) on November 8, 2024 11:25

@yuriyz merged commit c43f43c into main on Nov 8, 2024

11 checks passed

@yuriyz deleted the admin-ui-issue-10067 branch on November 8, 2024 11:25