From 84588a793c9484f9182d253ed83ad11687a1d4f8 Mon Sep 17 00:00:00 2001
From: rsanchez <rsanchez@curisit.net>
Date: Thu, 13 Apr 2017 17:18:56 +0000
Subject: [PATCH] #3529 feature - Added new role for readonly
---
securis/src/main/java/net/curisit/securis/services/ApplicationResource.java | 7 ++++---
1 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/securis/src/main/java/net/curisit/securis/services/ApplicationResource.java b/securis/src/main/java/net/curisit/securis/services/ApplicationResource.java
index e3fcced..e62cdb4 100644
--- a/securis/src/main/java/net/curisit/securis/services/ApplicationResource.java
+++ b/securis/src/main/java/net/curisit/securis/services/ApplicationResource.java
@@ -32,6 +32,7 @@
import net.curisit.securis.DefaultExceptionHandler;
import net.curisit.securis.db.Application;
import net.curisit.securis.db.ApplicationMetadata;
+import net.curisit.securis.db.User.Rol;
import net.curisit.securis.ioc.EnsureTransaction;
import net.curisit.securis.security.BasicSecurityContext;
import net.curisit.securis.security.Securable;
@@ -120,7 +121,7 @@
@Consumes(MediaType.APPLICATION_JSON)
@Produces({ MediaType.APPLICATION_JSON })
@EnsureTransaction
- @Securable
+ @Securable(roles = Rol.ADMIN)
@RolesAllowed(BasicSecurityContext.ROL_ADMIN)
public Response create(Application app, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
LOG.info("Creating new application");
@@ -146,7 +147,7 @@
@EnsureTransaction
@Consumes(MediaType.APPLICATION_JSON)
@Produces({ MediaType.APPLICATION_JSON })
- @Securable
+ @Securable(roles = Rol.ADMIN)
@RolesAllowed(BasicSecurityContext.ROL_ADMIN)
public Response modify(Application app, @PathParam("appid") String appid, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
LOG.info("Modifying application with id: {}", appid);
@@ -209,7 +210,7 @@
@Path("/{appid}")
@EnsureTransaction
@Produces({ MediaType.APPLICATION_JSON })
- @Securable
+ @Securable(roles = Rol.ADMIN)
@RolesAllowed(BasicSecurityContext.ROL_ADMIN)
public Response delete(@PathParam("appid") String appid, @Context HttpServletRequest request) {
LOG.info("Deleting app with id: {}", appid);
--
Gitblit v1.3.2