Changeset 08f82ec for jobvista-backend/src/main/java/mk/ukim/finki/predmeti/internettehnologii/jobvistabackend/config
- Timestamp:
- 06/20/24 11:57:13 (2 weeks ago)
- Branches:
- main
- Children:
- 0f0add0
- Parents:
- befb988
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
jobvista-backend/src/main/java/mk/ukim/finki/predmeti/internettehnologii/jobvistabackend/config/SecurityConfiguration.java
rbefb988 r08f82ec 31 31 http.csrf(AbstractHttpConfigurer::disable) 32 32 .authorizeHttpRequests(request -> request 33 // TO DO: FIX PERMISSIONS 34 .requestMatchers("/api/job-advertisements/**", 35 "/api/job-advertisements/view/**", 33 .requestMatchers( 34 "/api/auth/**", 35 "/api/job-advertisements/**", 36 "/api/applications/**", 36 37 "/api/recruiter/**", 37 "/api/job-seeker/**", 38 "/api/recruiter/{id}/info", 39 "/api/recruiter/{id}/edit-info", 40 "/api/job-advertisements/apply/**", 41 "/api/auth/**", 42 "/api/resume/**", 43 "/api/my-applications/**", 44 "/api/applications/{id}/update", 45 "/api/admin/**").permitAll() 46 // .requestMatchers("/api/recruiter").hasAnyAuthority(Role.ROLE_RECRUITER.name()) 38 "/api/job-seeker/**" 39 ).permitAll() 40 .requestMatchers("/api/admin/**").hasAnyAuthority(Role.ROLE_ADMIN.name()) 41 .requestMatchers("/api/recruiter/{id}/edit-info").hasAnyAuthority(Role.ROLE_RECRUITER.name()) 42 .requestMatchers("/api/recruiter/submit-logo").hasAnyAuthority(Role.ROLE_RECRUITER.name()) 43 .requestMatchers("/api/job-seeker/{id}/edit-info").hasAnyAuthority(Role.ROLE_RECRUITER.name()) 44 .requestMatchers("/api/job-seeker/submit-profile-pic").hasAnyAuthority(Role.ROLE_JOBSEEKER.name()) 45 .requestMatchers("/api/job-advertisements/add").hasAnyAuthority(Role.ROLE_RECRUITER.name()) 46 .requestMatchers("/api/job-advertisements/edit/{id}").hasAnyAuthority(Role.ROLE_RECRUITER.name()) 47 .requestMatchers("/api/job-advertisements/delete/{id}").hasAnyAuthority(Role.ROLE_RECRUITER.name()) 48 .requestMatchers("/api/applications/{id}/update").hasAnyAuthority(Role.ROLE_RECRUITER.name()) 49 .requestMatchers("/api/job-advertisements/{advertisement_id}/applications").hasAnyAuthority(Role.ROLE_RECRUITER.name()) 50 .requestMatchers("/api/applications/submit").hasAnyAuthority(Role.ROLE_JOBSEEKER.name()) 51 .requestMatchers("/api/my-applications/{id}").hasAnyAuthority(Role.ROLE_JOBSEEKER.name()) 47 52 .anyRequest().authenticated()) 48 53 .sessionManagement(manager -> manager.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
Note:
See TracChangeset
for help on using the changeset viewer.