From 11ca677f65b2341bc82a69c245d85f7e480a676c Mon Sep 17 00:00:00 2001 From: ScarletRedMan Date: Mon, 25 Mar 2024 11:48:44 +0700 Subject: [PATCH] Secured NodeService, added role 'NODE_MANAGEMENT' --- .../src/main/java/ru/dragonestia/picker/model/Permission.java | 4 +++- .../main/java/ru/dragonestia/picker/service/NodeService.java | 3 +++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/server/src/main/java/ru/dragonestia/picker/model/Permission.java b/server/src/main/java/ru/dragonestia/picker/model/Permission.java index 85f9cda..c295d6e 100644 --- a/server/src/main/java/ru/dragonestia/picker/model/Permission.java +++ b/server/src/main/java/ru/dragonestia/picker/model/Permission.java @@ -3,7 +3,9 @@ package ru.dragonestia.picker.model; import org.springframework.security.core.GrantedAuthority; public enum Permission implements GrantedAuthority { - ADMIN; + ADMIN, // account management + NODE_MANAGEMENT, // create and remove nodes + ; @Override public String getAuthority() { diff --git a/server/src/main/java/ru/dragonestia/picker/service/NodeService.java b/server/src/main/java/ru/dragonestia/picker/service/NodeService.java index 2631a46..f44915b 100644 --- a/server/src/main/java/ru/dragonestia/picker/service/NodeService.java +++ b/server/src/main/java/ru/dragonestia/picker/service/NodeService.java @@ -1,5 +1,6 @@ package ru.dragonestia.picker.service; +import org.springframework.security.access.prepost.PreAuthorize; import ru.dragonestia.picker.api.exception.InvalidNodeIdentifierException; import ru.dragonestia.picker.api.exception.NodeAlreadyExistException; import ru.dragonestia.picker.api.model.node.NodeDetails; @@ -12,8 +13,10 @@ import java.util.Set; public interface NodeService { + @PreAuthorize("hasRole('NODE_MANAGEMENT')") void create(Node node) throws InvalidNodeIdentifierException, NodeAlreadyExistException; + @PreAuthorize("hasRole('NODE_MANAGEMENT')") void remove(Node node); List all();