Projekt

Obecné

Profil

« Předchozí | Další » 

Revize 6a1a8cd7

Přidáno uživatelem Jakub Šmíd před asi 2 roky(ů)

Database exported to script
- removed initialization from application
- updated docker-compose.yml to create volume and add data from script

re #9746

Zobrazit rozdíly:

backend/src/main/java/cz/zcu/kiv/backendapi/security/SecurityConfig.java
72 72 
     * @param http http security
73 73 
     * @throws Exception exception
74 74 
     */
75 
    // TODO configure and check rights
76 75 
    @Override
77 76 
    protected void configure(HttpSecurity http) throws Exception {
78 77 
        http.csrf().disable()
......
85 84 
                .authorizeRequests()
86 85 
                .antMatchers(HttpMethod.GET, PERMITTED_ENDPOINTS.keySet().stream().filter(k -> PERMITTED_ENDPOINTS.get(k).equals(HttpMethod.GET)).toArray(String[]::new)).permitAll()
87 86 
                .antMatchers(HttpMethod.POST, "/login").permitAll()
88 
                .antMatchers(HttpMethod.POST, "/external-catalog-items").hasRole(Role.ADMIN.name())
87 
                .antMatchers(HttpMethod.POST, "/users", "/external-catalog-items").hasRole(Role.ADMIN.name())
89 88 
                .antMatchers(HttpMethod.PATCH, "/users/*/permissions", "/users/*/password").hasRole(Role.ADMIN.name())
90 89 
                .antMatchers(HttpMethod.DELETE, "/users/**").hasRole(Role.ADMIN.name())
91 90 
                .antMatchers(HttpMethod.GET, "/users").hasRole(Role.ADMIN.name())
......
116 115 
     */
117 116 
    @Bean
118 117 
    public DaoAuthenticationProvider authenticationProvider() {
119 
        final DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
118 
        DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
120 119 
        provider.setUserDetailsService(userDetailsService);
121 120 
        provider.setPasswordEncoder(bCryptPasswordEncoder);
122 121 
        return provider;
......
124 123 

  		




  125
  124
  
    
    @Bean


  		




  126
  125
  
    
    CorsConfigurationSource corsConfigurationSource() {


  		




  127
  
  
    
        final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();


  		




  
  126
  
    
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();


  		




  128
  127
  
    
        source.registerCorsConfiguration("/**", new CorsConfiguration().applyPermitDefaultValues());


  		




  129
  128
  
    
        return source;


  		




  130
  129
  
    
    }


  		












Také k dispozici:  Unified diff