| .. | .. |
|---|
| 37 | 37 | import net.curisit.securis.db.Application; |
|---|
| 38 | 38 | import net.curisit.securis.db.Organization; |
|---|
| 39 | 39 | import net.curisit.securis.db.User; |
|---|
| 40 | +import net.curisit.securis.db.User.Rol; |
|---|
| 40 | 41 | import net.curisit.securis.ioc.EnsureTransaction; |
|---|
| 41 | 42 | import net.curisit.securis.security.BasicSecurityContext; |
|---|
| 42 | 43 | import net.curisit.securis.security.Securable; |
|---|
| .. | .. |
|---|
| 120 | 121 | @Consumes(MediaType.APPLICATION_JSON) |
|---|
| 121 | 122 | @Produces({ MediaType.APPLICATION_JSON }) |
|---|
| 122 | 123 | @EnsureTransaction |
|---|
| 123 | | - @Securable |
|---|
| 124 | + @Securable(roles = Rol.ADMIN) |
|---|
| 124 | 125 | @RolesAllowed(BasicSecurityContext.ROL_ADMIN) |
|---|
| 125 | 126 | public Response create(User user, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) { |
|---|
| 126 | 127 | LOG.info("Creating new user"); |
|---|
| .. | .. |
|---|
| 196 | 197 | @EnsureTransaction |
|---|
| 197 | 198 | @Consumes(MediaType.APPLICATION_JSON) |
|---|
| 198 | 199 | @Produces({ MediaType.APPLICATION_JSON }) |
|---|
| 199 | | - @Securable |
|---|
| 200 | + @Securable(roles = Rol.ADMIN) |
|---|
| 200 | 201 | @RolesAllowed(BasicSecurityContext.ROL_ADMIN) |
|---|
| 201 | 202 | public Response modify(User user, @PathParam("uid") String uid, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) { |
|---|
| 202 | 203 | LOG.info("Modifying user with id: {}", uid); |
|---|
| .. | .. |
|---|
| 241 | 242 | @Path("/{uid}") |
|---|
| 242 | 243 | @EnsureTransaction |
|---|
| 243 | 244 | @Produces({ MediaType.APPLICATION_JSON }) |
|---|
| 244 | | - @Securable |
|---|
| 245 | + @Securable(roles = Rol.ADMIN) |
|---|
| 245 | 246 | @RolesAllowed(BasicSecurityContext.ROL_ADMIN) |
|---|
| 246 | 247 | public Response delete(@PathParam("uid") String uid, @Context HttpServletRequest request) { |
|---|
| 247 | 248 | LOG.info("Deleting app with id: {}", uid); |
|---|
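Review bot: The admin requirement on `create`, `modify` and `delete` is now stated twice per method, as `@Securable(roles = Rol.ADMIN)` and as `@RolesAllowed(BasicSecurityContext.ROL_ADMIN)`, using two different constants, and nothing visible here shows which annotation is enforced at runtime or what keeps the two in agreement. If a later edit changes only one of them, the endpoint's effective access could drift without the other line showing it, so I would put `// Rol.ADMIN and ROL_ADMIN must name the same role; update both together` above each pair and add a test that a valid non-admin token is rejected on all three endpoints. Separately, the context line in `delete` logs `"Deleting app with id: {}"` although this resource appears to manage users; for a usable audit trail it should read `LOG.info("Deleting user with id: {}", uid);`. All three method bodies continue outside the visible hunks, so any role checks inside them were not reviewed.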