Updating Intersection and Report Controllers to use new auth tags

CDOT-CV · Jul 16, 2024 · 332201b · 332201b
1 parent b60141d
commit 332201b
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 5 deletions.
diff --git a/...sualizer-api/src/main/java/us/dot/its/jpo/ode/api/controllers/IntersectionController.java b/...sualizer-api/src/main/java/us/dot/its/jpo/ode/api/controllers/IntersectionController.java
@@ -23,7 +23,7 @@ public class IntersectionController {
 
     @CrossOrigin(origins = "http://localhost:3000")
     @RequestMapping(value = "/intersection/list", method = RequestMethod.GET, produces = "application/json")
-    @PreAuthorize("hasRole('USER') || hasRole('ADMIN')")
+    @PreAuthorize("@PermissionService.hasRole('USER') || @PermissionService.hasRole('ADMIN')")
     public ResponseEntity<List<IntersectionReferenceData>> getIntersections(
             @RequestParam(name = "test", required = false, defaultValue = "false") boolean testData) {
 
@@ -46,7 +46,7 @@ public ResponseEntity<List<IntersectionReferenceData>> getIntersections(
 
     @CrossOrigin(origins = "http://localhost:3000")
     @RequestMapping(value = "/intersection/list/location", method = RequestMethod.GET, produces = "application/json")
-    @PreAuthorize("hasRole('USER') || hasRole('ADMIN')")
+    @PreAuthorize("@PermissionService.hasRole('USER') || @PermissionService.hasRole('ADMIN')")
     public ResponseEntity<List<IntersectionReferenceData>> getIntersectionsByLocation(
             @RequestParam(name = "longitude", required = true, defaultValue = "false") Double longitude,
             @RequestParam(name = "latitude", required = true, defaultValue = "false") Double latitude,

diff --git a/...lictvisualizer-api/src/main/java/us/dot/its/jpo/ode/api/controllers/ReportController.java b/...lictvisualizer-api/src/main/java/us/dot/its/jpo/ode/api/controllers/ReportController.java
@@ -44,7 +44,7 @@ public String getCurrentTime() {
 
     @CrossOrigin(origins = "http://localhost:3000")
     @RequestMapping(value = "/reports/generate", method = RequestMethod.GET, produces = "application/octet-stream")
-    @PreAuthorize("hasRole('USER') || hasRole('ADMIN')")
+    @PreAuthorize("@PermissionService.hasIntersection(#intersectionID) and (@PermissionService.hasRole('USER') || @PermissionService.hasRole('ADMIN'))")
     public byte[] generateReport(
             @RequestParam(name = "intersection_id", required = true) int intersectionID,
             @RequestParam(name = "road_regulator_id", required = false) Integer roadRegulatorID,
@@ -64,7 +64,7 @@ public byte[] generateReport(
 
     @CrossOrigin(origins = "http://localhost:3000")
     @RequestMapping(value = "/reports/list", method = RequestMethod.GET, produces = "application/json")
-    @PreAuthorize("hasRole('USER') || hasRole('ADMIN')")
+    @PreAuthorize("@PermissionService.hasRole('USER') || @PermissionService.hasRole('ADMIN')")
     public ResponseEntity<List<ReportDocument>> listReports(
             @RequestParam(name = "report_name", required = false) String reportName,
             @RequestParam(name = "intersection_id", required = false) int intersectionID,
@@ -88,7 +88,7 @@ public ResponseEntity<List<ReportDocument>> listReports(
 
     @CrossOrigin(origins = "http://localhost:3000")
     @RequestMapping(value = "/reports/download", method = RequestMethod.GET, produces = "application/octet-stream")
-    @PreAuthorize("hasRole('USER') || hasRole('ADMIN')")
+    @PreAuthorize("@PermissionService.hasRole('USER') || @PermissionService.hasRole('ADMIN')")
     public ResponseEntity<byte[]> downloadReport(
             @RequestParam(name = "report_name", required = true) String reportName) {