Revision 57661
Added by Michele Artini over 4 years ago
WebSecurityConfig.java | ||
---|---|---|
13 | 13 |
import org.springframework.security.crypto.password.PasswordEncoder; |
14 | 14 |
import org.springframework.security.web.access.AccessDeniedHandler; |
15 | 15 |
|
16 |
import eu.dnetlib.organizations.utils.OpenOrgsConstants;
|
|
16 |
import eu.dnetlib.organizations.controller.UserRole;
|
|
17 | 17 |
|
18 | 18 |
@Configuration |
19 | 19 |
@EnableWebSecurity |
... | ... | |
32 | 32 |
.disable() |
33 | 33 |
.authorizeRequests() |
34 | 34 |
.antMatchers("/", "/api/**") |
35 |
.hasAnyRole(OpenOrgsConstants.userRole, OpenOrgsConstants.superUserRole)
|
|
36 |
.antMatchers("/public_api/**")
|
|
37 |
.hasRole(OpenOrgsConstants.notAuthorizedRole)
|
|
38 |
.antMatchers("/resources/**", "/webjars/**", "/public_api/**")
|
|
35 |
.hasAnyRole(UserRole.ADMIN.name(), UserRole.NATIONAL_ADMIN.name(), UserRole.USER.name())
|
|
36 |
.antMatchers("/registration_api/**")
|
|
37 |
.hasRole(UserRole.NOT_AUTHORIZED.name())
|
|
38 |
.antMatchers("/resources/**", "/webjars/**") |
|
39 | 39 |
.permitAll() |
40 | 40 |
.anyRequest() |
41 | 41 |
.authenticated() |
... | ... | |
58 | 58 |
.usersByUsernameQuery("select ?, '{MD5}60c4a0eb167dd41e915a885f582414df', true") // TODO: this is a MOCK, the user should |
59 | 59 |
// be authenticated using the openaire |
60 | 60 |
// credentials |
61 |
.authoritiesByUsernameQuery("with const as (SELECT ? as email) select c.email, 'ROLE_'||coalesce(u.role, 'NOTAUTHORIZED') from const c left outer join users u on (u.email = c.email)"); |
|
61 |
.authoritiesByUsernameQuery("with const as (SELECT ? as email) " |
|
62 |
+ "select c.email, 'ROLE_'||coalesce(u.role, '" |
|
63 |
+ UserRole.NOT_AUTHORIZED |
|
64 |
+ "') from const c left outer join users u on (u.email = c.email)"); |
|
62 | 65 |
} |
63 | 66 |
|
64 | 67 |
@Bean |
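Review bot: With `/public_api/**` dropped from every matcher in the `authorizeRequests()` chain, those paths fall through to `.anyRequest().authenticated()`, so any logged-in principal reaches them, including one mapped to `ROLE_NOT_AUTHORIZED` by the `coalesce` in `authoritiesByUsernameQuery` (this reads the `UserRole` lines as the new side, which the flattened gutter suggests but does not prove). If the endpoints were simply renamed to `/registration_api/**` nothing more is needed, but if any `/public_api/**` handler remains it should get an explicit rule, and a deny-by-default tail such as `.anyRequest().hasAnyRole(UserRole.ADMIN.name(), UserRole.NATIONAL_ADMIN.name(), UserRole.USER.name())` would keep unauthorised accounts out of unlisted paths, provided nothing they need sits there. This matters more while the mock `usersByUsernameQuery` at line 58 is still in place, because authentication alone is then a weak gate. The SQL string also concatenates `UserRole.NOT_AUTHORIZED` through its implicit `toString()` while the matchers use `.name()`; writing `UserRole.NOT_AUTHORIZED.name()` there keeps the stored authority and the `hasRole` check in step. Both configure methods start and end outside the lines shown.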
national admin management