1. fixed authorization when requesting for repository interfaces
This commit is contained in:
parent
7b9e1ef4a7
commit
fc4b182e0f
|
@ -124,7 +124,7 @@ public class RepositoryController {
|
|||
@RequestMapping(value = "/getRepositoryInterface/{id}", method = RequestMethod.GET,
|
||||
produces = MediaType.APPLICATION_JSON_VALUE)
|
||||
@ResponseBody
|
||||
@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_PROVIDE_ADMIN') or @aaiUserRoleService.isMemberOf(#id)")
|
||||
@PostAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_PROVIDE_ADMIN') or @aaiUserRoleService.isMemberOf(#id) or (@repositoryService.getRepositoryById(#id).registeredBy=='null' and hasRole('ROLE_USER'))")
|
||||
public List<RepositoryInterface> getRepositoryInterface(@PathVariable("id") String id) throws JSONException {
|
||||
return repositoryService.getRepositoryInterface(id);
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue