Dragonestia/RoomPicker
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Restricted getting account details

Browse Source
This commit is contained in:
Andrey Terentev 2024-03-26 00:58:57 +07:00 committed by Andrey Terentev
parent 743c3a9d21
commit d0a1e253b8
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
server/src/main/java/ru/dragonestia/picker/controller/AccountsController.java
View File

@ -2,6 +2,7 @@ package ru.dragonestia.picker.controller;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
import org.springframework.http.ResponseEntity; import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
@ -22,6 +23,7 @@ public class AccountsController {
return account.toResponseObject(); return account.toResponseObject();
} }
@PreAuthorize("hasRole('ADMIN')")
@GetMapping("/{accountId}") @GetMapping("/{accountId}")
ResponseEntity<ResponseAccount> findAccount(@PathVariable String accountId) { ResponseEntity<ResponseAccount> findAccount(@PathVariable String accountId) {
try { try {