SecurityConfig dla usługi restowej

a444e7de · Patryk Czarnik · 36e8ef77 · a444e7de
Commit a444e7de authored Jun 28, 2024 by Patryk Czarnik
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 1 deletions

SecurityConfig.java ...ngJersey/src/main/java/sklep/security/SecurityConfig.java +5 -1

No files found.
--- a/PC34-SpringJersey/src/main/java/sklep/security/SecurityConfig.java
+++ b/PC34-SpringJersey/src/main/java/sklep/security/SecurityConfig.java
@@ -2,6 +2,7 @@ package sklep.security;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -17,7 +18,10 @@ public class SecurityConfig {
    SecurityFilterChain setHttpSecurity(HttpSecurity httpSecurity) throws Exception {
        httpSecurity
            .authorizeHttpRequests((authz) -> authz
-                    .anyRequest().permitAll()
+                    .requestMatchers(HttpMethod.GET).permitAll()
+                    .requestMatchers(HttpMethod.POST).hasRole("manager")
+                    .requestMatchers(HttpMethod.PUT).hasRole("manager")
+                    .requestMatchers(HttpMethod.DELETE).hasRole("manager")
                )
            .httpBasic(Customizer.withDefaults())
            .csrf(config -> config.disable());