Clean up.
This commit is contained in:
@@ -1,39 +0,0 @@
|
||||
/*
|
||||
* Copyright [2022] [wisemapping]
|
||||
*
|
||||
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
|
||||
* It is basically the Apache License, Version 2.0 (the "License") plus the
|
||||
* "powered by wisemapping" text requirement on every single page;
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the license at
|
||||
*
|
||||
* http://www.wisemapping.org/license
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package com.wisemapping.config.rest;
|
||||
|
||||
import com.wisemapping.filter.RequestPropertiesInterceptor;
|
||||
import org.jetbrains.annotations.NotNull;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||
|
||||
@Configuration
|
||||
@ComponentScan(basePackageClasses = RequestPropertiesInterceptor.class)
|
||||
public class InterceptorsConfig implements WebMvcConfigurer {
|
||||
@Autowired
|
||||
private RequestPropertiesInterceptor requestPropertiesInterceptor;
|
||||
|
||||
@Override
|
||||
public void addInterceptors(@NotNull final InterceptorRegistry registry) {
|
||||
registry.addInterceptor(requestPropertiesInterceptor);
|
||||
}
|
||||
|
||||
}
|
@@ -8,7 +8,6 @@ import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Import;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
||||
@@ -21,8 +20,7 @@ import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
|
||||
import static org.springframework.security.config.Customizer.withDefaults;
|
||||
|
||||
|
||||
@SpringBootApplication(scanBasePackageClasses = MindmapController.class)
|
||||
@Import({InterceptorsConfig.class})
|
||||
@SpringBootApplication(scanBasePackageClasses = {MindmapController.class, JwtAuthenticationFilter.class})
|
||||
@EnableWebSecurity
|
||||
public class RestAppConfig {
|
||||
|
||||
@@ -43,12 +41,13 @@ public class RestAppConfig {
|
||||
.securityMatcher("/**")
|
||||
.addFilterAfter(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class)
|
||||
.authorizeHttpRequests(auth -> auth
|
||||
.requestMatchers(mvc.pattern("/error")).permitAll()
|
||||
.requestMatchers(mvc.pattern("/api/restful/authenticate")).permitAll()
|
||||
.requestMatchers(mvc.pattern("/api/restful/users/")).permitAll()
|
||||
.requestMatchers(mvc.pattern("/api/restful/maps/*/document/xml-pub")).permitAll()
|
||||
.requestMatchers(mvc.pattern("/api/restful/users/resetPassword")).permitAll()
|
||||
.requestMatchers(mvc.pattern("/api/restful/oauth2/googlecallback")).permitAll()
|
||||
.requestMatchers(mvc.pattern("/api/restful/oauth2/confirmaccountsync")).permitAll()
|
||||
.requestMatchers(mvc.pattern("/api/oauth2/googlecallback")).permitAll()
|
||||
.requestMatchers(mvc.pattern("/api/oauth2/confirmaccountsync")).permitAll()
|
||||
.requestMatchers(mvc.pattern("/api/restful/admin/**")).hasAnyRole("ADMIN")
|
||||
.requestMatchers(mvc.pattern("/**")).hasAnyRole("USER", "ADMIN")
|
||||
.anyRequest().authenticated()
|
||||
|
Reference in New Issue
Block a user