diff --git a/pom.xml b/pom.xml index fa89c6f..5705802 100644 --- a/pom.xml +++ b/pom.xml @@ -31,21 +31,25 @@ org.springframework.boot spring-boot-starter-security + + org.springframework.boot + spring-boot-starter-data-jpa + org.springframework spring-jdbc - - org.springframework.data - spring-data-jpa - org.springframework spring-beans + + + org.springframework.data + spring-data-jpa - org.springframework.boot - spring-boot-starter-data-jpa + org.springframework.security + spring-security-core diff --git a/src/main/java/com/itdominator/api/controller/BaseController.java b/src/main/java/com/itdominator/api/controller/BaseController.java index fbe7814..9a2eff9 100644 --- a/src/main/java/com/itdominator/api/controller/BaseController.java +++ b/src/main/java/com/itdominator/api/controller/BaseController.java 
@@ -1,38 +1,27 @@ package com.itdominator.api.controller; -import java.util.List; - import org.springframework.security.access.prepost.PreAuthorize; +import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.GetMapping; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RestController; -import com.itdominator.api.dto.ThumbnailDto; -import com.itdominator.api.dto.ThumbnailSearchCriteria; -import com.itdominator.api.services.ThumbnailerService; - -import jakarta.validation.Valid; -import jakarta.validation.constraints.Max; -import jakarta.validation.constraints.Min; -import jakarta.validation.constraints.Pattern; - import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; @RestController +@EnableMethodSecurity(securedEnabled = true, prePostEnabled = true) @RequiredArgsConstructor @Slf4j @Validated public class BaseController { - @PreAuthorize("hashPermission('User')") + @PreAuthorize("hasRole('User')") + // @PreAuthorize("hashPermission('User')") @GetMapping("/") public String root() { return "

Hello, World!

"; diff --git a/src/main/java/com/itdominator/api/controller/ThumbnailerApiController.java b/src/main/java/com/itdominator/api/controller/ThumbnailerApiController.java index c4e105a..31d450f 100644 --- a/src/main/java/com/itdominator/api/controller/ThumbnailerApiController.java +++ b/src/main/java/com/itdominator/api/controller/ThumbnailerApiController.java @@ -4,6 +4,7 @@ package com.itdominator.api.controller; import java.util.List; import org.springframework.security.access.prepost.PreAuthorize; +import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; @@ -26,6 +27,7 @@ import lombok.extern.slf4j.Slf4j; @RestController +@EnableMethodSecurity(securedEnabled = true, prePostEnabled = true) @RequiredArgsConstructor @Slf4j @Validated @@ -34,7 +36,7 @@ public class ThumbnailerApiController { private final ThumbnailerService thumbnailerService; - @PreAuthorize("hashPermission('User')") + @PreAuthorize("hasRole('User')") @PostMapping("/get-thumbnail/id/{id}") public ThumbnailDto getThumbnailById( @PathVariable @@ -44,7 +46,7 @@ public class ThumbnailerApiController { return thumbnailerService.getThumbnailById(id); } - @PreAuthorize("hashPermission('User')") + @PreAuthorize("hasRole('User')") @PostMapping("/get-thumbnail/hash/{fileHash}") public ThumbnailDto getThumbnailByHash( @Pattern(regexp = "[a-zA-Z0-9]{32}*$") @PathVariable("fileHash") final String fileHash @@ -53,7 +55,7 @@ public class ThumbnailerApiController { } - @PreAuthorize("hashPermission('User')") + @PreAuthorize("hasRole('User')") @PostMapping("/get-thumbnail") public ThumbnailDto getThumbnailByIdOrHashQuery( @Valid @RequestBody ThumbnailSearchCriteria criteria 
@@ -61,7 +63,7 @@ public class ThumbnailerApiController { return thumbnailerService.getThumbnailByIdOrHashQuery(criteria); } - @PreAuthorize("hashPermission('User') and hashPermission('Admin')") + @PreAuthorize("hasRole('Admin')") @GetMapping("/get-all-thumbnails") public List getAllThumbnails() { return thumbnailerService.getAllThumbnails(); diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 24b7eb3..b7b6611 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -2,7 +2,7 @@ server.port=8999 spring.security.user.name=root spring.security.user.password=toor -spring.security.user.roles=USER +spring.security.user.roles=User,Admin spring.jpa.properties.hibernate.current_session_context_class=org.springframework.orm.hibernate5.SpringJtaSessionContext diff --git a/src/main/resources/persistence.properties b/src/main/resources/persistence.properties index 0882a79..e69de29 100644 --- a/src/main/resources/persistence.properties +++ b/src/main/resources/persistence.properties @@ -1,8 +0,0 @@ -driverClassName=org.sqlite.JDBC -#url=jdbc:sqlite:memory:myDb?cache=shared -url=jdbc:sqlite:src/main/resource/static/db/database.db?cache=shared -username= -password= -spring.jpa.database-platform=org.hibernate.community.dialect.SQLiteDialect -hibernate.hbm2ddl.auto=create-drop -hibernate.show_sql=true
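Review bot: Adding `Admin` to `spring.security.user.roles` grants the account defined on the context lines just above (`root` / `toor`, committed in plain text) the role that now guards `/get-all-thumbnails`. Anyone with read access to the repository, or who tries common default pairs, therefore holds the admin role. The password should be supplied from the environment or a secret store, for example `spring.security.user.password=${APP_ADMIN_PASSWORD}` (placeholder variable name). The committed value should be treated as exposed and changed. If this file is meant for local development only, a comment saying so and a separate production profile would make that clear.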