Move couple of classes to services

Improve label security.

wise-webapp/src/main/java/com/wisemapping/config/MethodSecurityConfig.java

@@ -12,7 +12,6 @@ import org.springframework.security.config.annotation.method.configuration.Enabl
 
 @Configuration
 @EnableMethodSecurity(
-        prePostEnabled = true,
         securedEnabled = true,
         jsr250Enabled = true)
 public class MethodSecurityConfig  {

wise-webapp/src/main/java/com/wisemapping/service/LabelServiceImpl.java

@@ -24,6 +24,7 @@ import com.wisemapping.model.User;
 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Propagation;
 import org.springframework.transaction.annotation.Transactional;
@@ -38,7 +39,8 @@ public class LabelServiceImpl implements LabelService {
     private LabelManager labelManager;
 
     @Override
-    public void addLabel(@NotNull final Label label, @NotNull final User user) throws WiseMappingException {
+    @PreAuthorize("hasAnyRole('USER', 'ADMIN') && hasPermission(#user, 'WRITE')")
+    public void addLabel(@NotNull final Label label, @NotNull final User user) {
 
         label.setCreator(user);
         labelManager.addLabel(label);
@@ -46,22 +48,26 @@ public class LabelServiceImpl implements LabelService {
 
     @NotNull
     @Override
+    @PreAuthorize("hasAnyRole('USER', 'ADMIN') && hasPermission(#user, 'READ')")
     public List<Label> getAll(@NotNull final User user) {
         return labelManager.getAllLabels(user);
     }
 
-    @Override @Nullable
+    @Override
+    @PreAuthorize("hasAnyRole('USER', 'ADMIN') && hasPermission(#user, 'READ')")
     public Label findLabelById(int id, @NotNull final User user) {
         return labelManager.getLabelById(id, user);
     }
 
     @Nullable
     @Override
+    @PreAuthorize("hasAnyRole('USER', 'ADMIN') && hasPermission(#user, 'READ')")
     public Label getLabelByTitle(@NotNull String title, @NotNull final User user) {
         return labelManager.getLabelByTitle(title, user);
     }
 
     @Override
+    @PreAuthorize("hasAnyRole('USER', 'ADMIN') && hasPermission(#user, 'WRITE')")
     public void removeLabel(@NotNull Label label, @NotNull User user) throws WiseMappingException {
         if (label.getCreator().equals(user)) {
             labelManager.removeLabel(label);

wise-webapp/src/main/java/com/wisemapping/service/RecaptchaService.java

@@ -29,21 +29,27 @@ import org.apache.http.client.fluent.Request;
 import org.jetbrains.annotations.Nullable;
 
 import jakarta.validation.constraints.NotNull;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Service;
+
 import java.io.IOException;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
-
+@Service
 public class RecaptchaService {
 
     final private static Logger logger = LogManager.getLogger();
+
     final private static String GOOGLE_RECAPTCHA_VERIFY_URL =
             "https://www.google.com/recaptcha/api/siteverify";
 
     private final static ObjectMapper objectMapper = new ObjectMapper();
     public static final String CATCH_ERROR_CODE_TIMEOUT_OR_DUPLICATE = "timeout-or-duplicate";
     public static final String CATCHA_ERROR_CODE_INPUT_RESPONSE = "invalid-input-response";
+
+    @Value("${google.recaptcha2.secretKey}")
     private String recaptchaSecret;
 
     @Nullable

wise-webapp/src/main/java/com/wisemapping/util/VelocityEngineWrapper.java

@@ -21,7 +21,9 @@ import org.apache.commons.collections.ExtendedProperties;
 import org.apache.velocity.app.VelocityEngine;
 import org.apache.velocity.runtime.RuntimeConstants;
 import org.jetbrains.annotations.NotNull;
+import org.springframework.stereotype.Component;
 
+@Component
 public class VelocityEngineWrapper {
     private final VelocityEngine velocityEngine;