Secured NodeService, added role 'NODE_MANAGEMENT'

server/src/main/java/ru/dragonestia/picker/model/Permission.java

@@ -3,7 +3,9 @@ package ru.dragonestia.picker.model;
 import org.springframework.security.core.GrantedAuthority;
 
 public enum Permission implements GrantedAuthority {
-    ADMIN;
+    ADMIN, // account management
+    NODE_MANAGEMENT, // create and remove nodes
+    ;
 
     @Override
     public String getAuthority() {

server/src/main/java/ru/dragonestia/picker/service/NodeService.java

@@ -1,5 +1,6 @@
 package ru.dragonestia.picker.service;
 
+import org.springframework.security.access.prepost.PreAuthorize;
 import ru.dragonestia.picker.api.exception.InvalidNodeIdentifierException;
 import ru.dragonestia.picker.api.exception.NodeAlreadyExistException;
 import ru.dragonestia.picker.api.model.node.NodeDetails;
@@ -12,8 +13,10 @@ import java.util.Set;
 
 public interface NodeService {
 
+    @PreAuthorize("hasRole('NODE_MANAGEMENT')")
     void create(Node node) throws InvalidNodeIdentifierException, NodeAlreadyExistException;
 
+    @PreAuthorize("hasRole('NODE_MANAGEMENT')")
     void remove(Node node);
 
     List<Node> all();