Commit d369b250 authored by Matija Obreza's avatar Matija Obreza
Browse files

Authorize content actions

parent a40766b8
......@@ -36,6 +36,7 @@ import org.springframework.data.domain.Page;
import org.springframework.data.domain.PageRequest;
import org.springframework.data.domain.Pageable;
import org.springframework.data.domain.Sort.Direction;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
......@@ -98,6 +99,7 @@ public class ContentServiceImpl implements ContentService {
*/
@Override
@Transactional(readOnly = false)
@PreAuthorize("hasRole('ADMINISTRATOR')")
public Article updateArticle(EntityId entity, String slug, String title, String body, Locale locale) {
// return
// articleRepository.findByClassPkAndTargetIdAndSlugAndLang(getClassPk(clazz),
......@@ -107,6 +109,7 @@ public class ContentServiceImpl implements ContentService {
@Override
@Transactional(readOnly = false)
@PreAuthorize("hasRole('ADMINISTRATOR')")
public Article updateArticle(Class<?> clazz, Long id, String slug, String title, String body, Locale locale) {
Article article = getArticle(clazz, id, slug, locale);
if (article == null || article.getLang() != locale.getLanguage()) {
......@@ -126,6 +129,7 @@ public class ContentServiceImpl implements ContentService {
@Override
@Transactional(readOnly=false)
@PreAuthorize("hasRole('ADMINISTRATOR')")
public Article updateArticle(long id, String title, String body) {
Article article = articleRepository.findOne(id);
article.setTitle(title);
......@@ -165,6 +169,7 @@ public class ContentServiceImpl implements ContentService {
*/
@Override
@Transactional(readOnly = false)
@PreAuthorize("hasRole('ADMINISTRATOR')")
public ActivityPost createActivityPost(String title, String body) {
ActivityPost newPost = new ActivityPost();
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment