/ - Diff - D-Net - D-Net project tracking tool

« Previous | Next »

Revision 61330

1. fixed authorization when requesting for repository interfaces

         @RequestMapping(value = "/getRepositoryInterface/{id}", method = RequestMethod.GET,
                 produces = MediaType.APPLICATION_JSON_VALUE)
         @ResponseBody
         @PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_PROVIDE_ADMIN') or @aaiUserRoleService.isMemberOf(#id)")
         @PostAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_PROVIDE_ADMIN') or @aaiUserRoleService.isMemberOf(#id) or (@repositoryService.getRepositoryById(#id).registeredBy=='null' and hasRole('ROLE_USER'))")
         public List<RepositoryInterface> getRepositoryInterface(@PathVariable("id") String id) throws JSONException {
             return repositoryService.getRepositoryInterface(id);
+        }

Also available in: Unified diff