feat: forbid access to report if not logged in

author: Paul-Christian Volkmer 2024-02-05 07:18:31 +0100
committer: Paul-Christian Volkmer 2024-02-05 07:18:31 +0100
commit: 329be65d1a8e3daa1939087a359fd403d699c6ef (patch)
tree: b7c10a74e58cab0be610e88abe36191774748ca1 /src/main/kotlin/dev
parent: 91fe3d1c23d9367ac788837cadfd750dcb68afb2 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/src/main/kotlin/dev/dnpm/etl/processor/config/AppSecurityConfiguration.kt b/src/main/kotlin/dev/dnpm/etl/processor/config/AppSecurityConfiguration.kt
index 750ccbc..6017aab 100644
--- a/src/main/kotlin/dev/dnpm/etl/processor/config/AppSecurityConfiguration.kt
+++ b/src/main/kotlin/dev/dnpm/etl/processor/config/AppSecurityConfiguration.kt
@@ -82,6 +82,7 @@ class AppSecurityConfiguration(
             authorizeRequests {
                 authorize("/configs/**", hasRole("ADMIN"))
                 authorize("/mtbfile/**", hasAnyRole("MTBFILE"))
+                authorize("/report/**", fullyAuthenticated)
                 authorize(anyRequest, permitAll)
             }
             httpBasic {
@@ -105,6 +106,7 @@ class AppSecurityConfiguration(
             authorizeRequests {
                 authorize("/configs/**", hasRole("ADMIN"))
                 authorize("/mtbfile/**", hasAnyRole("MTBFILE"))
+                authorize("/report/**", hasRole("ADMIN"))
                 authorize(anyRequest, permitAll)
             }
             httpBasic {
author	Paul-Christian Volkmer	2024-02-05 07:18:31 +0100
committer	Paul-Christian Volkmer	2024-02-05 07:18:31 +0100
commit	329be65d1a8e3daa1939087a359fd403d699c6ef (patch)
tree	b7c10a74e58cab0be610e88abe36191774748ca1 /src/main/kotlin/dev
parent	91fe3d1c23d9367ac788837cadfd750dcb68afb2 (diff)