Merge pull request #48 from CCC-MF/issue_36

Freigabe und Berechtigung für OIDC-Benutzer
author: Paul-Christian Volkmer 2024-03-01 14:09:06 +0100
committer: GitHub 2024-03-01 14:09:06 +0100
commit: 5928d52237cd5935fb751b3f667617e84b5bbae2 (patch)
tree: 9ab899a2581ebd037320a7c951db1711392e129c /src/main/resources/templates/index.html
parent: 0b6decf88d9084616874d65827e7eb1e8050d1c5 (diff)
parent: 1eb40b40c99b4aed31da983332e8b44275c19dd9 (diff)
1 files changed, 5 insertions, 5 deletions
diff --git a/src/main/resources/templates/index.html b/src/main/resources/templates/index.html
index 3951f66..be3123b 100644
--- a/src/main/resources/templates/index.html
+++ b/src/main/resources/templates/index.html
@@ -53,17 +53,17 @@
                         <td th:style="${request.type.value == 'delete'} ? 'color: red;'"><small>[[ ${request.type} ]]</small></td>
                         <td th:if="not ${request.report}">[[ ${request.uuid} ]]</td>
                         <td th:if="${request.report}">
-                            <th:block sec:authorize="not authenticated">[[ ${request.uuid} ]]</th:block>
-                            <a th:href="@{/report/{id}(id=${request.uuid})}" sec:authorize="authenticated">[[ ${request.uuid} ]]</a>
+                            <a th:href="@{/report/{id}(id=${request.uuid})}" sec:authorize="hasRole('USER') or hasRole('ADMIN')">[[ ${request.uuid} ]]</a>
+                            <th:block sec:authorize="not (hasRole('USER') or hasRole('ADMIN'))">[[ ${request.uuid} ]]</th:block>
                         </td>
                         <td><time th:datetime="${request.processedAt}">[[ ${request.processedAt} ]]</time></td>
-                        <td class="patient-id" th:if="${patientId != null}" sec:authorize="authenticated">
+                        <td class="patient-id" th:if="${patientId != null}" sec:authorize="hasRole('USER') or hasRole('ADMIN')">
                             [[ ${request.patientId} ]]
                         </td>
-                        <td class="patient-id" th:if="${patientId == null}" sec:authorize="authenticated">
+                        <td class="patient-id" th:if="${patientId == null}" sec:authorize="hasRole('USER') or hasRole('ADMIN')">
                             <a th:href="@{/patient/{pid}(pid=${request.patientId})}">[[ ${request.patientId} ]]</a>
                         </td>
-                        <td class="patient-id" sec:authorize="not authenticated">***</td>
+                        <td class="patient-id" sec:authorize="not (hasRole('USER') or hasRole('ADMIN'))">***</td>
                     </tr>
                 </tbody>
             </table>
author	Paul-Christian Volkmer	2024-03-01 14:09:06 +0100
committer	GitHub	2024-03-01 14:09:06 +0100
commit	5928d52237cd5935fb751b3f667617e84b5bbae2 (patch)
tree	9ab899a2581ebd037320a7c951db1711392e129c /src/main/resources/templates/index.html
parent	0b6decf88d9084616874d65827e7eb1e8050d1c5 (diff)
parent	1eb40b40c99b4aed31da983332e8b44275c19dd9 (diff)