lab6 mvc done

2023-09-25 22:12:27 +04:00 · 2023-09-25 22:12:27 +04:00 · 421baebbf7
commit 421baebbf7
parent 5e6d8104dc
4 changed files with 34 additions and 21 deletions
--- a/front/src/pages/albums.vue
+++ b/front/src/pages/albums.vue
@ -302,16 +302,23 @@ export default {
        },
        addAlbum(album) {
          console.log(this.album);
-            axios .create({
+          axios
+            .create({
              headers: {
                'Authorization': 'Bearer ' + localStorage.getItem("token")
-                                     }}).post(this.URL + "album", album)
+              }
+            })
+            .post(this.URL + "album", album)
            .then(() => {
              this.getAlbums();
              this.closeModal();
            })
            .catch(error => {
-                    console.log(error);
+              if (error.response && error.response.status === 403) {
+                console.error("Forbidden: User does not have permission to perform this operation");
+              } else {
+                console.error(error);
+              }
            });
        },
        deleteAlbum(id){
--- a/front/src/pages/songs.vue
+++ b/front/src/pages/songs.vue
@ -60,6 +60,8 @@ import 'axios';
 import axios from "axios";
 import Song from "@/models/Song";
 export default {
+    name: 'Songs',
+    emits: ['login'],
    created() {
        this.getSongs();
        this.getAlbums();
--- a/front/src/pages/users.vue
+++ b/front/src/pages/users.vue
@ -47,7 +47,11 @@ export default {
                              this.users = response.data;
                              })
                            .catch(error => {
-                console.log(error);
+                                          if (error.response && error.response.status === 403) {
+                                            console.error("Forbidden: User does not have permission to perform this operation");
+                                          } else {
+                                            console.error(error);
+                                          }
                            });
    },
    methods:{
--- a/src/main/java/ru/ulstu/is/sbapp/controllers/UserController.java
+++ b/src/main/java/ru/ulstu/is/sbapp/controllers/UserController.java
@ -2,6 +2,7 @@ package ru.ulstu.is.sbapp.controllers;

 import javax.validation.Valid;
 import org.springframework.security.access.annotation.Secured;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 import ru.ulstu.is.sbapp.database.model.User;
 import ru.ulstu.is.sbapp.database.model.Role;
@ -39,12 +40,11 @@ public class UserController {
        }
    }
    @GetMapping("/{id}")
-    @Secured({Role.AsString.ADMIN})
    public UserDTO getUser(@PathVariable Long id) {
        return new UserDTO(userService.findUser(id));
    }
    @GetMapping("/")
-    @Secured({Role.AsString.ADMIN})
+    @PreAuthorize("hasAuthority('ADMIN')")
    public List<UserDTO> getUsers() {
        return userService.findAllUsers().stream()
                .map(UserDTO::new)