From 146a0fb8b0e90f9196e569152f649baf60d6cc8f Mon Sep 17 00:00:00 2001
From: Joaquín Reñé <jrene@curisit.net>
Date: Tue, 07 Oct 2025 14:52:57 +0000
Subject: [PATCH] #4410 - Comments on classes

---
 securis/src/main/java/net/curisit/securis/security/Securable.java |   24 ++++++++++++++++++------
 1 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/securis/src/main/java/net/curisit/securis/security/Securable.java b/securis/src/main/java/net/curisit/securis/security/Securable.java
index 5580b5f..1ab3cd9 100644
--- a/securis/src/main/java/net/curisit/securis/security/Securable.java
+++ b/securis/src/main/java/net/curisit/securis/security/Securable.java
@@ -1,3 +1,6 @@
+/*
+* Copyright @ 2013 CurisTEC, S.A.S. All Rights Reserved.
+*/
 package net.curisit.securis.security;
 
 import java.lang.annotation.ElementType;
@@ -7,16 +10,25 @@
 
 import net.curisit.securis.utils.TokenHelper;
 
+/**
+* Securable
+* <p>
+* Method-level annotation to declare security requirements:
+* - {@link #header()} name containing the auth token (defaults to {@link TokenHelper#TOKEN_HEADER_PÀRAM}).
+* - {@link #roles()} required role bitmask; {@code 0} means no role restriction.
+*
+* Intended to be enforced by request filters/interceptors (e.g., RequestsInterceptor).
+* 
+* @author JRA
+* Last reviewed by JRA on Oct 5, 2025.
+*/
 @Retention(RetentionPolicy.RUNTIME)
 @Target(ElementType.METHOD)
 public @interface Securable {
-    /**
-     * Name of header parameter with the auth token to validate
-     */
+
+    /** Header name carrying the token to validate. */
     String header() default TokenHelper.TOKEN_HEADER_PÀRAM;
 
-    /**
-     * Bit mask with the rol or roles necessary to access the method
-     */
+    /** Bitmask of required roles; set 0 for public endpoints (token still may be required). */
     int roles() default 0;
 }

--
Gitblit v1.3.2