Fix missuse of system admin permission.

Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com>
This commit is contained in:
kaizimmerm
2017-05-18 15:46:39 +02:00
parent 21fca55b0e
commit aefa6a3c81
3 changed files with 4 additions and 12 deletions

View File

@@ -60,7 +60,7 @@ public interface SystemManagement {
* @param consumer
* to run as teanant
*/
@PreAuthorize(SpringEvalExpressions.HAS_AUTH_SYSTEM_ADMIN)
@PreAuthorize(SpringEvalExpressions.IS_SYSTEM_CODE)
void forEachTenant(Consumer<String> consumer);
/**

View File

@@ -24,10 +24,11 @@ public interface TenantStatsManagement {
*
* @return collected statistics
*/
@PreAuthorize(SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY + SpringEvalExpressions.HAS_AUTH_OR
@PreAuthorize(SpringEvalExpressions.HAS_AUTH_SYSTEM_ADMIN + SpringEvalExpressions.HAS_AUTH_OR
+ SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY + SpringEvalExpressions.HAS_AUTH_OR
+ SpringEvalExpressions.HAS_AUTH_READ_TARGET + SpringEvalExpressions.HAS_AUTH_OR
+ SpringEvalExpressions.HAS_AUTH_TENANT_CONFIGURATION + SpringEvalExpressions.HAS_AUTH_OR
+ SpringEvalExpressions.IS_SYSTEM_CODE)
TenantUsage getStatsOfTenant();
}
}