From fc4b182e0fb8b8f539bd2c41c6ed8f34d1f72ef5 Mon Sep 17 00:00:00 2001
From: spyroukon <spyroukon@di.uoa.gr>
Date: Wed, 7 Jul 2021 08:25:51 +0000
Subject: [PATCH] 1. fixed authorization when requesting for repository
 interfaces

---
 .../dnetlib/repo/manager/controllers/RepositoryController.java  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main/java/eu/dnetlib/repo/manager/controllers/RepositoryController.java b/src/main/java/eu/dnetlib/repo/manager/controllers/RepositoryController.java
index f088a0d..d106f74 100644
--- a/src/main/java/eu/dnetlib/repo/manager/controllers/RepositoryController.java
+++ b/src/main/java/eu/dnetlib/repo/manager/controllers/RepositoryController.java
@@ -124,7 +124,7 @@ public class RepositoryController {
     @RequestMapping(value = "/getRepositoryInterface/{id}", method = RequestMethod.GET,
             produces = MediaType.APPLICATION_JSON_VALUE)
     @ResponseBody
-    @PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_PROVIDE_ADMIN') or @aaiUserRoleService.isMemberOf(#id)")
+    @PostAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_PROVIDE_ADMIN') or @aaiUserRoleService.isMemberOf(#id) or (@repositoryService.getRepositoryById(#id).registeredBy=='null' and hasRole('ROLE_USER'))")
     public List<RepositoryInterface> getRepositoryInterface(@PathVariable("id") String id) throws JSONException {
         return repositoryService.getRepositoryInterface(id);
     }