From 2eaf84e681ce01d6e3c99cb816d4f07ec8dc001f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=A2=D0=B0=D1=82=D1=8C=D1=8F=D0=BD=D0=B0=20=D0=90=D1=80?= =?UTF-8?q?=D1=82=D0=B0=D0=BC=D0=BE=D0=BD=D0=BE=D0=B2=D0=B0?= Date: Tue, 26 Sep 2023 13:47:36 +0400 Subject: [PATCH] lab6 mvc done --- .../java/ru/ulstu/is/sbapp/controllers/AlbumController.java | 3 ++- .../java/ru/ulstu/is/sbapp/controllers/ArtistController.java | 3 ++- .../java/ru/ulstu/is/sbapp/controllers/SongController.java | 3 ++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/src/main/java/ru/ulstu/is/sbapp/controllers/AlbumController.java b/src/main/java/ru/ulstu/is/sbapp/controllers/AlbumController.java index 272731e..85a53ef 100644 --- a/src/main/java/ru/ulstu/is/sbapp/controllers/AlbumController.java +++ b/src/main/java/ru/ulstu/is/sbapp/controllers/AlbumController.java @@ -3,6 +3,7 @@ package ru.ulstu.is.sbapp.controllers; import javax.validation.Valid; import org.springframework.http.ResponseEntity; import org.springframework.security.access.annotation.Secured; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import ru.ulstu.is.sbapp.configuration.WebConfiguration; import ru.ulstu.is.sbapp.database.model.Artist; @@ -35,7 +36,7 @@ public class AlbumController { } @PostMapping - @Secured({UserRole.AsString.ADMIN}) + @PreAuthorize("hasAuthority('ROLE_ADMIN')") public AlbumDTO createAlbum(@RequestBody @Valid AlbumDTO albumDTO){ return new AlbumDTO(albumService.addAlbum(albumDTO.getAlbumName())); } diff --git a/src/main/java/ru/ulstu/is/sbapp/controllers/ArtistController.java b/src/main/java/ru/ulstu/is/sbapp/controllers/ArtistController.java index 8f561eb..788a1e7 100644 --- a/src/main/java/ru/ulstu/is/sbapp/controllers/ArtistController.java +++ b/src/main/java/ru/ulstu/is/sbapp/controllers/ArtistController.java @@ -3,6 +3,7 @@ package ru.ulstu.is.sbapp.controllers; import javax.validation.Valid; import org.springframework.security.access.annotation.Secured; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import ru.ulstu.is.sbapp.configuration.WebConfiguration; import ru.ulstu.is.sbapp.database.model.UserRole; @@ -32,7 +33,7 @@ public class ArtistController { } @PostMapping - @Secured({UserRole.AsString.ADMIN}) + @PreAuthorize("hasAuthority('ROLE_ADMIN')") public ArtistDTO createArtist(@RequestBody @Valid ArtistDTO artistDTO){ return new ArtistDTO(artistService.addArtist(artistDTO.getArtistName(), artistDTO.getGenre())); } diff --git a/src/main/java/ru/ulstu/is/sbapp/controllers/SongController.java b/src/main/java/ru/ulstu/is/sbapp/controllers/SongController.java index 1699751..6fa7b7b 100644 --- a/src/main/java/ru/ulstu/is/sbapp/controllers/SongController.java +++ b/src/main/java/ru/ulstu/is/sbapp/controllers/SongController.java @@ -3,6 +3,7 @@ package ru.ulstu.is.sbapp.controllers; import javax.validation.Valid; import org.springframework.security.access.annotation.Secured; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import ru.ulstu.is.sbapp.configuration.WebConfiguration; import ru.ulstu.is.sbapp.database.model.UserRole; @@ -35,7 +36,7 @@ public class SongController { } @PostMapping - @Secured({UserRole.AsString.ADMIN}) + @PreAuthorize("hasAuthority('ROLE_ADMIN')") public SongDTO createSong(@RequestBody @Valid SongDTO songDTO){ return new SongDTO(songService.addSong(songDTO.getSongName(), songDTO.getDuration())); }