Restaura configuración de seguridad (64c2bc39) · Commits · REDMIC Project / Server / Atlas

atlas-view/src/main/java/es/redmic/atlasview/config/Oauth2SecurityConfiguration.java

+16 −13

Original line number	Diff line number	Diff line
		@@ -38,8 +38,7 @@ public class Oauth2SecurityConfiguration {
		public void configure(HttpSecurity http) throws Exception {
		// @formatter:off

		http.cors().and().anonymous().and().authorizeRequests()
		.antMatchers(HttpMethod.GET, "/actuator/**").permitAll();
		http.cors();

		http.authorizeRequests().antMatchers(HttpMethod.GET, "/**/settings/_suggest").access(
		"#oauth2.hasScope('write') and hasAnyRole('ROLE_ADMINISTRATOR', 'ROLE_OAG', 'ROLE_COLLABORATOR', 'ROLE_USER')");
		@@ -49,6 +48,10 @@ public class Oauth2SecurityConfiguration {
		http.authorizeRequests().antMatchers("//settings/").access(
		"#oauth2.hasScope('write') and hasAnyRole('ROLE_ADMINISTRATOR', 'ROLE_OAG', 'ROLE_COLLABORATOR', 'ROLE_USER')");

		http.authorizeRequests().antMatchers(HttpMethod.GET, "/actuator/**").permitAll();

		http.authorizeRequests().antMatchers(HttpMethod.GET, "/**").permitAll();

		http.authorizeRequests().antMatchers(HttpMethod.POST, "/**/_search").permitAll();

		http.authorizeRequests().antMatchers(HttpMethod.POST, "/**/_mget").permitAll();