Fix try access.

2024-02-09 23:55:05 -08:00 · 2024-02-09 23:55:05 -08:00 · 6f528835bf
parent 555c6383b9
commit 6f528835bf
2 changed files with 3 additions and 2 deletions
--- a/wise-api/src/main/java/com/wisemapping/config/rest/RestAppConfig.java
+++ b/wise-api/src/main/java/com/wisemapping/config/rest/RestAppConfig.java
@ -39,8 +39,9 @@ public class RestAppConfig {
                .securityMatcher("/**")
                .addFilterAfter(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class)
                .authorizeHttpRequests(auth -> auth
-                        .requestMatchers(mvc.pattern("/api/restful/users/")).permitAll()
                        .requestMatchers(mvc.pattern("/api/restful/authenticate")).permitAll()
+                        .requestMatchers(mvc.pattern("/api/restful/users/")).permitAll()
+                        .requestMatchers(mvc.pattern("/api/restful/maps/*/document/xml-pub")).permitAll()
                        .requestMatchers(mvc.pattern("/api/restful/users/resetPassword")).permitAll()
                        .requestMatchers(mvc.pattern("/api/restful/oauth2/googlecallback")).permitAll()
                        .requestMatchers(mvc.pattern("/api/restful/oauth2/confirmaccountsync")).permitAll()
--- a/wise-api/src/main/java/com/wisemapping/rest/MindmapController.java
+++ b/wise-api/src/main/java/com/wisemapping/rest/MindmapController.java
@ -250,7 +250,7 @@ public class MindmapController extends BaseController {
    @NotNull
    private Mindmap findMindmapById(int id) throws MapCouldNotFoundException, AccessDeniedSecurityException {
        // Has enough permissions ?
-        final User user = Utils.getUser(true);
+        final User user = Utils.getUser();
        if (!mindmapService.hasPermissions(user, id, CollaborationRole.VIEWER)) {
            throw new AccessDeniedSecurityException(id, user);
        }