Fix access control: HAS_AUTH_READ_TARGET -> IS_CONTROLLER or HAS_AUTH_READ_TARGET (shall be accessibly by targets when confirmation base is requested) Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
This commit is contained in:
@@ -61,7 +61,8 @@ public interface ConfirmationManagement {
|
|||||||
* @return instance of {@link AutoConfirmationStatus} wrapped in an
|
* @return instance of {@link AutoConfirmationStatus} wrapped in an
|
||||||
* {@link Optional}. Present if active and empty if disabled.
|
* {@link Optional}. Present if active and empty if disabled.
|
||||||
*/
|
*/
|
||||||
@PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_TARGET)
|
@PreAuthorize(SpPermission.SpringEvalExpressions.IS_CONTROLLER + SpPermission.SpringEvalExpressions.HAS_AUTH_OR +
|
||||||
|
SpPermission.SpringEvalExpressions.HAS_AUTH_READ_TARGET)
|
||||||
Optional<AutoConfirmationStatus> getStatus(@NotEmpty String controllerId);
|
Optional<AutoConfirmationStatus> getStatus(@NotEmpty String controllerId);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
Reference in New Issue
Block a user