diff options
| author | Paul-Christian Volkmer | 2024-03-01 09:30:07 +0100 |
|---|---|---|
| committer | Paul-Christian Volkmer | 2024-03-01 09:30:07 +0100 |
| commit | 5c15ad4518f70e4523405fa67635c4dff1a73e43 (patch) | |
| tree | dda919da7733b3b63cafc9e71fe1dea0f37f18d3 /src/main/resources/templates/index.html | |
| parent | 0b6decf88d9084616874d65827e7eb1e8050d1c5 (diff) | |
feat: add user role database table and role-based permissions
Diffstat (limited to 'src/main/resources/templates/index.html')
| -rw-r--r-- | src/main/resources/templates/index.html | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/src/main/resources/templates/index.html b/src/main/resources/templates/index.html index 3951f66..be3123b 100644 --- a/src/main/resources/templates/index.html +++ b/src/main/resources/templates/index.html @@ -53,17 +53,17 @@ <td th:style="${request.type.value == 'delete'} ? 'color: red;'"><small>[[ ${request.type} ]]</small></td> <td th:if="not ${request.report}">[[ ${request.uuid} ]]</td> <td th:if="${request.report}"> - <th:block sec:authorize="not authenticated">[[ ${request.uuid} ]]</th:block> - <a th:href="@{/report/{id}(id=${request.uuid})}" sec:authorize="authenticated">[[ ${request.uuid} ]]</a> + <a th:href="@{/report/{id}(id=${request.uuid})}" sec:authorize="hasRole('USER') or hasRole('ADMIN')">[[ ${request.uuid} ]]</a> + <th:block sec:authorize="not (hasRole('USER') or hasRole('ADMIN'))">[[ ${request.uuid} ]]</th:block> </td> <td><time th:datetime="${request.processedAt}">[[ ${request.processedAt} ]]</time></td> - <td class="patient-id" th:if="${patientId != null}" sec:authorize="authenticated"> + <td class="patient-id" th:if="${patientId != null}" sec:authorize="hasRole('USER') or hasRole('ADMIN')"> [[ ${request.patientId} ]] </td> - <td class="patient-id" th:if="${patientId == null}" sec:authorize="authenticated"> + <td class="patient-id" th:if="${patientId == null}" sec:authorize="hasRole('USER') or hasRole('ADMIN')"> <a th:href="@{/patient/{pid}(pid=${request.patientId})}">[[ ${request.patientId} ]]</a> </td> - <td class="patient-id" sec:authorize="not authenticated">***</td> + <td class="patient-id" sec:authorize="not (hasRole('USER') or hasRole('ADMIN'))">***</td> </tr> </tbody> </table> |