From d0a1e253b81b4a9cb5d9f7b992b58cf2e543c740 Mon Sep 17 00:00:00 2001
From: ScarletRedMan <terentev.andrey.2002@gmail.com>
Date: Tue, 26 Mar 2024 00:58:57 +0700
Subject: [PATCH] Restricted getting account details

---
 .../ru/dragonestia/picker/controller/AccountsController.java    | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/server/src/main/java/ru/dragonestia/picker/controller/AccountsController.java b/server/src/main/java/ru/dragonestia/picker/controller/AccountsController.java
index 85040a3..d62be9d 100644
--- a/server/src/main/java/ru/dragonestia/picker/controller/AccountsController.java
+++ b/server/src/main/java/ru/dragonestia/picker/controller/AccountsController.java
@@ -2,6 +2,7 @@ package ru.dragonestia.picker.controller;
 
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.web.bind.annotation.*;
@@ -22,6 +23,7 @@ public class AccountsController {
         return account.toResponseObject();
     }
 
+    @PreAuthorize("hasRole('ADMIN')")
     @GetMapping("/{accountId}")
     ResponseEntity<ResponseAccount> findAccount(@PathVariable String accountId) {
         try {