neviyn/booru
1
0
Fork 0
Code Issues Releases Activity

Moved @Secured to the class level for MemberController & UploadController

Browse Source
This commit is contained in:
neviyn 2021-05-13 19:55:17 +01:00
parent 6025642bbb
commit a97df591a7
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/main/kotlin/uk/co/neviyn/booru/Controller.kt
View File

@ -172,6 +172,7 @@ class ImageController
@Controller @Controller
@RequestMapping("/user") @RequestMapping("/user")
@Secured
class MemberController class MemberController
@Autowired constructor( @Autowired constructor(
val memberRepository: MemberRepository val memberRepository: MemberRepository
@ -186,7 +187,6 @@ class MemberController
} }
@PostMapping @PostMapping
@Secured
fun updateLoggedInUser(@Valid @ModelAttribute userData: DisplayUser, @AuthenticationPrincipal userDetails: CustomUserDetails, model: Model): String { fun updateLoggedInUser(@Valid @ModelAttribute userData: DisplayUser, @AuthenticationPrincipal userDetails: CustomUserDetails, model: Model): String {
if (userData.id == userDetails.getId() && passwordEncoder().matches(userData.oldPassword, userDetails.password)) { if (userData.id == userDetails.getId() && passwordEncoder().matches(userData.oldPassword, userDetails.password)) {
val user = memberRepository.findById(userDetails.getId()).get() val user = memberRepository.findById(userDetails.getId()).get()
@ -205,6 +205,7 @@ class MemberController
@Controller @Controller
@RequestMapping("/upload") @RequestMapping("/upload")
@Secured
class UploadController class UploadController
@Autowired constructor( @Autowired constructor(
val imageRepository: ImageRepository, val imageRepository: ImageRepository,
@ -221,7 +222,6 @@ class UploadController
} }
@PostMapping @PostMapping
@Secured
fun uploadFile( fun uploadFile(
@AuthenticationPrincipal userDetails: CustomUserDetails, @AuthenticationPrincipal userDetails: CustomUserDetails,
@RequestParam file: MultipartFile, @RequestParam file: MultipartFile,
@ -240,7 +240,6 @@ class UploadController
} }
@DeleteMapping("/d/{imageID}") @DeleteMapping("/d/{imageID}")
@Secured
@Transactional @Transactional
fun deleteUpload(@PathVariable imageID: Long, @AuthenticationPrincipal userDetails: CustomUserDetails): String { fun deleteUpload(@PathVariable imageID: Long, @AuthenticationPrincipal userDetails: CustomUserDetails): String {
val target = imageRepository.findById(imageID) val target = imageRepository.findById(imageID)