Commit 58864c69 authored by Matija Obreza's avatar Matija Obreza

Spring security: principal.id == #userId

- Principal is BasicUser<>, we can access #id directly
parent 17db3ff2
......@@ -46,7 +46,7 @@ public interface UserService extends BasicUserService<UserRole, User> {
UserWrapper getWrappedById(long userId) throws UserException;
@PreAuthorize("hasRole('ADMINISTRATOR') || principal.user.id == #userId")
@PreAuthorize("hasRole('ADMINISTRATOR') || principal.id == #userId")
User updateData(long userId, String name, String email) throws UserException;
User getSystemUser(String string);
......
......@@ -189,7 +189,7 @@ public class UserServiceImpl extends BasicUserServiceImpl<UserRole, User> implem
}
@Override
@PreAuthorize("hasRole('ADMINISTRATOR') || principal.user.id == #userId")
@PreAuthorize("hasRole('ADMINISTRATOR') || principal.id == #userId")
@Transactional(readOnly = false, rollbackFor = NotUniqueUserException.class)
public User updateData(long userId, String name, String email) throws UserException {
final User user = userRepository.findOne(userId);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment