Commit c63e0750 authored by Sreenidhi Iyangar's avatar Sreenidhi Iyangar
Browse files

retaining URL as /users

parent 47f70c1b
......@@ -46,7 +46,7 @@ public class EnableSecurityConfig extends ResourceServerConfigurerAdapter {
public void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers(AUTH_WHITELIST).permitAll()
.antMatchers("/registryUsers/**").hasRole("ADMIN")
.antMatchers("/users/**").hasRole("ADMIN")
.antMatchers(HttpMethod.POST).hasAnyRole("EDITOR", "ADMIN")
.antMatchers(HttpMethod.PUT).hasAnyRole("EDITOR", "ADMIN")
.antMatchers(HttpMethod.PATCH).hasAnyRole("EDITOR", "ADMIN")
......
......@@ -19,10 +19,10 @@ package uk.ac.ebi.ampt2d.registry.repositories;
import org.springframework.data.repository.PagingAndSortingRepository;
import org.springframework.data.repository.query.Param;
import org.springframework.stereotype.Repository;
import org.springframework.data.rest.core.annotation.RepositoryRestResource;
import uk.ac.ebi.ampt2d.registry.entities.RegistryUser;
@Repository
@RepositoryRestResource(collectionResourceRel = "users", path = "users")
public interface RegistryUserRepository extends PagingAndSortingRepository<RegistryUser, String> {
RegistryUser findByEmail(@Param("email") String email);
......
......@@ -318,10 +318,10 @@ public class PropertyRegistryServiceApplicationTests {
.andExpect(status().isNoContent());
//Change of Role can be performed by ADMIN only
mockMvc.perform(put("/registryUsers/testUser@gmail.com")
mockMvc.perform(put("/users/testUser@gmail.com")
.content("{\"role\": \"ROLE_EDITOR\"}").with(oAuthHelper.bearerToken("testEditor@gmail.com")))
.andExpect(status().isForbidden());
mockMvc.perform(put("/registryUsers/testUser@gmail.com")
mockMvc.perform(put("/users/testUser@gmail.com")
.content("{\"role\": \"ROLE_EDITOR\"}").with(oAuthHelper.bearerToken("testAdmin@gmail.com")))
.andExpect(status().isNoContent());
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment