From e0dba6f4ee1550c55e2765adeabf334200984543 Mon Sep 17 00:00:00 2001
From: Paul-Christian Volkmer
Date: Thu, 6 Apr 2023 14:42:35 +0200
Subject: Issue #24: Füge Annotationen und Spring-AOP Aspect zum Absichern von
 Methodenaufrufen hinzu

---
 src/main/java/DNPM/security/PersonPoolBasedPermissionEvaluator.java | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'src/main/java/DNPM/security/PersonPoolBasedPermissionEvaluator.java')

diff --git a/src/main/java/DNPM/security/PersonPoolBasedPermissionEvaluator.java b/src/main/java/DNPM/security/PersonPoolBasedPermissionEvaluator.java
index 4d895e4..2eac69c 100644
--- a/src/main/java/DNPM/security/PersonPoolBasedPermissionEvaluator.java
+++ b/src/main/java/DNPM/security/PersonPoolBasedPermissionEvaluator.java
@@ -6,6 +6,7 @@ import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.security.access.PermissionEvaluator;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.stereotype.Component;
 
 import javax.sql.DataSource;
 import java.io.Serializable;
@@ -14,6 +15,7 @@ import java.util.List;
 /**
  * Permission-Evaluator zur Auswertung der Berechtigung auf Objekte aufgrund der Personenstammberechtigung
  */
+@Component
 public class PersonPoolBasedPermissionEvaluator implements PermissionEvaluator {
 
     private final JdbcTemplate jdbcTemplate;
@@ -71,7 +73,7 @@ public class PersonPoolBasedPermissionEvaluator implements PermissionEvaluator {
         var userDetails = (UserDetails)authentication.getPrincipal();
 
         return jdbcTemplate
-                .query(sql, new Object[]{userDetails.getUsername()}, (rs, rowNum) -> rs.getString("id"));
+                .query(sql, new Object[]{userDetails.getUsername()}, (rs, rowNum) -> rs.getString("kennung"));
     }
 
 
-- 
cgit v1.2.3