feat: allow access to MTBFile endpoint for non-token users

author: Paul-Christian Volkmer 2024-05-27 12:19:24 +0200
committer: Paul-Christian Volkmer 2024-05-27 12:19:24 +0200
commit: fb5a3c062c4e328143ff49bc26fabd292d04fe0a (patch)
tree: 1614e68a4b45f30930106f8cdc77437fa3c0e867 /src/main
parent: 8fc0609aa40575e7eefd288f5571d76458348b73 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/src/main/kotlin/dev/dnpm/etl/processor/config/AppSecurityConfiguration.kt b/src/main/kotlin/dev/dnpm/etl/processor/config/AppSecurityConfiguration.kt
index 0da9398..6b063bd 100644
--- a/src/main/kotlin/dev/dnpm/etl/processor/config/AppSecurityConfiguration.kt
+++ b/src/main/kotlin/dev/dnpm/etl/processor/config/AppSecurityConfiguration.kt
@@ -89,7 +89,7 @@ class AppSecurityConfiguration(
         http {
             authorizeRequests {
                 authorize("/configs/**", hasRole("ADMIN"))
-                authorize("/mtbfile/**", hasAnyRole("MTBFILE"))
+                authorize("/mtbfile/**", hasAnyRole("MTBFILE", "ADMIN", "USER"))
                 authorize("/report/**", hasAnyRole("ADMIN", "USER"))
                 authorize("*.css", permitAll)
                 authorize("*.ico", permitAll)
@@ -147,7 +147,7 @@ class AppSecurityConfiguration(
         http {
             authorizeRequests {
                 authorize("/configs/**", hasRole("ADMIN"))
-                authorize("/mtbfile/**", hasAnyRole("MTBFILE"))
+                authorize("/mtbfile/**", hasAnyRole("MTBFILE", "ADMIN"))
                 authorize("/report/**", hasRole("ADMIN"))
                 authorize(anyRequest, permitAll)
             }
author	Paul-Christian Volkmer	2024-05-27 12:19:24 +0200
committer	Paul-Christian Volkmer	2024-05-27 12:19:24 +0200
commit	fb5a3c062c4e328143ff49bc26fabd292d04fe0a (patch)
tree	1614e68a4b45f30930106f8cdc77437fa3c0e867 /src/main
parent	8fc0609aa40575e7eefd288f5571d76458348b73 (diff)