Loading src/main/java/es/redmic/api/config/Oauth2SecurityConfiguration.java +8 −8 Original line number Diff line number Diff line Loading @@ -68,14 +68,6 @@ public class Oauth2SecurityConfiguration { "#oauth2.hasScope('write') and " + "hasAnyRole('ROLE_ADMINISTRATOR', 'ROLE_OAG', 'ROLE_COLLABORATOR')"); http.authorizeRequests().antMatchers(HttpMethod.POST, "/mediastorage/**").access( "#oauth2.hasScope('read') or #oauth2.hasScope('write') and " + "hasAnyRole('ROLE_ADMINISTRATOR', 'ROLE_OAG', 'ROLE_COLLABORATOR')"); http.authorizeRequests().antMatchers(HttpMethod.GET, "/mediastorage/**").access( "#oauth2.hasScope('read') or #oauth2.hasScope('write') and " + "hasAnyRole('ROLE_ADMINISTRATOR', 'ROLE_OAG', 'ROLE_COLLABORATOR')"); http.authorizeRequests().antMatchers(HttpMethod.POST, "/mediastorage/uploads/users").access( "#oauth2.hasScope('read') or #oauth2.hasScope('write') and " + "hasAnyRole('ROLE_ADMINISTRATOR', 'ROLE_OAG', 'ROLE_COLLABORATOR', 'ROLE_USER')"); Loading @@ -84,6 +76,14 @@ public class Oauth2SecurityConfiguration { "#oauth2.hasScope('read') or #oauth2.hasScope('write') and " + "hasAnyRole('ROLE_ADMINISTRATOR', 'ROLE_OAG', 'ROLE_COLLABORATOR', 'ROLE_USER')"); http.authorizeRequests().antMatchers(HttpMethod.POST, "/mediastorage/**").access( "#oauth2.hasScope('read') or #oauth2.hasScope('write') and " + "hasAnyRole('ROLE_ADMINISTRATOR', 'ROLE_OAG', 'ROLE_COLLABORATOR')"); http.authorizeRequests().antMatchers(HttpMethod.GET, "/mediastorage/**").access( "#oauth2.hasScope('read') or #oauth2.hasScope('write') and " + "hasAnyRole('ROLE_ADMINISTRATOR', 'ROLE_OAG', 'ROLE_COLLABORATOR')"); http.authorizeRequests().antMatchers(HttpMethod.POST, "/**").access( "#oauth2.hasScope('write') and " + "hasAnyRole('ROLE_ADMINISTRATOR', 'ROLE_OAG', 'ROLE_COLLABORATOR')"); Loading Loading
src/main/java/es/redmic/api/config/Oauth2SecurityConfiguration.java +8 −8 Original line number Diff line number Diff line Loading @@ -68,14 +68,6 @@ public class Oauth2SecurityConfiguration { "#oauth2.hasScope('write') and " + "hasAnyRole('ROLE_ADMINISTRATOR', 'ROLE_OAG', 'ROLE_COLLABORATOR')"); http.authorizeRequests().antMatchers(HttpMethod.POST, "/mediastorage/**").access( "#oauth2.hasScope('read') or #oauth2.hasScope('write') and " + "hasAnyRole('ROLE_ADMINISTRATOR', 'ROLE_OAG', 'ROLE_COLLABORATOR')"); http.authorizeRequests().antMatchers(HttpMethod.GET, "/mediastorage/**").access( "#oauth2.hasScope('read') or #oauth2.hasScope('write') and " + "hasAnyRole('ROLE_ADMINISTRATOR', 'ROLE_OAG', 'ROLE_COLLABORATOR')"); http.authorizeRequests().antMatchers(HttpMethod.POST, "/mediastorage/uploads/users").access( "#oauth2.hasScope('read') or #oauth2.hasScope('write') and " + "hasAnyRole('ROLE_ADMINISTRATOR', 'ROLE_OAG', 'ROLE_COLLABORATOR', 'ROLE_USER')"); Loading @@ -84,6 +76,14 @@ public class Oauth2SecurityConfiguration { "#oauth2.hasScope('read') or #oauth2.hasScope('write') and " + "hasAnyRole('ROLE_ADMINISTRATOR', 'ROLE_OAG', 'ROLE_COLLABORATOR', 'ROLE_USER')"); http.authorizeRequests().antMatchers(HttpMethod.POST, "/mediastorage/**").access( "#oauth2.hasScope('read') or #oauth2.hasScope('write') and " + "hasAnyRole('ROLE_ADMINISTRATOR', 'ROLE_OAG', 'ROLE_COLLABORATOR')"); http.authorizeRequests().antMatchers(HttpMethod.GET, "/mediastorage/**").access( "#oauth2.hasScope('read') or #oauth2.hasScope('write') and " + "hasAnyRole('ROLE_ADMINISTRATOR', 'ROLE_OAG', 'ROLE_COLLABORATOR')"); http.authorizeRequests().antMatchers(HttpMethod.POST, "/**").access( "#oauth2.hasScope('write') and " + "hasAnyRole('ROLE_ADMINISTRATOR', 'ROLE_OAG', 'ROLE_COLLABORATOR')"); Loading
