mirror of
https://bitbucket.org/wisemapping/wisemapping-open-source.git
synced 2024-11-25 15:37:56 +01:00
Fix try access.
This commit is contained in:
parent
555c6383b9
commit
6f528835bf
@ -39,8 +39,9 @@ public class RestAppConfig {
|
|||||||
.securityMatcher("/**")
|
.securityMatcher("/**")
|
||||||
.addFilterAfter(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class)
|
.addFilterAfter(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class)
|
||||||
.authorizeHttpRequests(auth -> auth
|
.authorizeHttpRequests(auth -> auth
|
||||||
.requestMatchers(mvc.pattern("/api/restful/users/")).permitAll()
|
|
||||||
.requestMatchers(mvc.pattern("/api/restful/authenticate")).permitAll()
|
.requestMatchers(mvc.pattern("/api/restful/authenticate")).permitAll()
|
||||||
|
.requestMatchers(mvc.pattern("/api/restful/users/")).permitAll()
|
||||||
|
.requestMatchers(mvc.pattern("/api/restful/maps/*/document/xml-pub")).permitAll()
|
||||||
.requestMatchers(mvc.pattern("/api/restful/users/resetPassword")).permitAll()
|
.requestMatchers(mvc.pattern("/api/restful/users/resetPassword")).permitAll()
|
||||||
.requestMatchers(mvc.pattern("/api/restful/oauth2/googlecallback")).permitAll()
|
.requestMatchers(mvc.pattern("/api/restful/oauth2/googlecallback")).permitAll()
|
||||||
.requestMatchers(mvc.pattern("/api/restful/oauth2/confirmaccountsync")).permitAll()
|
.requestMatchers(mvc.pattern("/api/restful/oauth2/confirmaccountsync")).permitAll()
|
||||||
|
@ -250,7 +250,7 @@ public class MindmapController extends BaseController {
|
|||||||
@NotNull
|
@NotNull
|
||||||
private Mindmap findMindmapById(int id) throws MapCouldNotFoundException, AccessDeniedSecurityException {
|
private Mindmap findMindmapById(int id) throws MapCouldNotFoundException, AccessDeniedSecurityException {
|
||||||
// Has enough permissions ?
|
// Has enough permissions ?
|
||||||
final User user = Utils.getUser(true);
|
final User user = Utils.getUser();
|
||||||
if (!mindmapService.hasPermissions(user, id, CollaborationRole.VIEWER)) {
|
if (!mindmapService.hasPermissions(user, id, CollaborationRole.VIEWER)) {
|
||||||
throw new AccessDeniedSecurityException(id, user);
|
throw new AccessDeniedSecurityException(id, user);
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user