diff --git a/data.mv.db b/data.mv.db
index 204d8dc..2e6c88c 100644
Binary files a/data.mv.db and b/data.mv.db differ
diff --git a/front/src/App.jsx b/front/src/App.jsx
index 2fef7e2..8366d26 100644
--- a/front/src/App.jsx
+++ b/front/src/App.jsx
@@ -18,8 +18,8 @@ export default function App() {
const links = [
{ path: 'catalog', label: "Catalog", userGroup: "AUTH" },
{ path: 'readerAction', label: "ReaderAction", userGroup: "USER" },
- { path: 'creatorAction', label: "CreatorAction", userGroup: "ADMIN" },
- { path: 'users', label: "Users", userGroup: "ADMIN" }
+ { path: 'creatorAction', label: "CreatorAction", userGroup: "USER" },
+ { path: 'users', label: "Users", userGroup: "USER" }
];
return (
<>
@@ -37,7 +37,7 @@ export default function App() {
}>
} path="/readerAction" />
- }>
+ }>
} path="/users" />
} path="/creatorAction" />
diff --git a/src/main/java/com/LabWork/app/MangaStore/controller/UserController.java b/src/main/java/com/LabWork/app/MangaStore/controller/UserController.java
index f2040e4..c82efea 100644
--- a/src/main/java/com/LabWork/app/MangaStore/controller/UserController.java
+++ b/src/main/java/com/LabWork/app/MangaStore/controller/UserController.java
@@ -50,6 +50,7 @@ public class UserController {
return new UserDto(user);
}
+ @Secured(UserRole.AsString.ADMIN)
@PostMapping(OpenAPI30Configuration.API_PREFIX + "/user")
public String updateUser(@RequestBody @Valid UserDto userDto) {
try {
@@ -60,12 +61,14 @@ public class UserController {
}
}
+ @Secured(UserRole.AsString.ADMIN)
@DeleteMapping(OpenAPI30Configuration.API_PREFIX + "/user/{id}")
public UserDto removeUser(@PathVariable Long id) {
User user = userService.deleteUser(id);
return new UserDto(user);
}
+ @Secured(UserRole.AsString.ADMIN)
@GetMapping(OpenAPI30Configuration.API_PREFIX + "/users")
public Pair, List> getUsers(@RequestParam(defaultValue = "1") int page,
@RequestParam(defaultValue = "5") int size) {