added cors config

2024-08-22 17:29:15 +05:30
parent 95dfafb876
commit 65feafca3f
6 changed files with 44 additions and 24 deletions
--- a/src/main/java/net/gepafin/tendermanagement/web/rest/api/CallApi.java
+++ b/src/main/java/net/gepafin/tendermanagement/web/rest/api/CallApi.java
@@ -13,6 +13,7 @@ import net.gepafin.tendermanagement.model.util.Response;
 import net.gepafin.tendermanagement.web.rest.api.errors.ErrorConstants;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;

@@ -30,6 +31,7 @@ public interface CallApi {
                            @ExampleObject(value = ErrorConstants.BADREQUEST_ERROR_EXAMPLE) }))
            })
    @PostMapping(value = "", produces = MediaType.APPLICATION_JSON_VALUE, consumes = MediaType.APPLICATION_JSON_VALUE)
+    @PreAuthorize("hasRole('SUPER_ADMIN')")
    public ResponseEntity<Response<CreateCallResponseBean>> createCall(HttpServletRequest request,
            @Parameter(description = "Call request object", required = true)
            @Valid @RequestBody CreateCallRequest createCallRequest);
--- a/src/main/java/net/gepafin/tendermanagement/web/rest/api/RoleApi.java
+++ b/src/main/java/net/gepafin/tendermanagement/web/rest/api/RoleApi.java
@@ -21,7 +21,7 @@ import java.util.List;
@Validated
 public interface RoleApi {

-    @Operation(summary = "API to create role",
+    @Operation(summary = "Api to create role",
            responses = {
                    @ApiResponse(responseCode = "200", description = "OK"),
                    @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
@@ -36,7 +36,7 @@ public interface RoleApi {
            @Parameter(description = " Role request object", required = true) @Valid @RequestBody RoleReq roleReq);


-    @Operation(summary = "API to update role",
+    @Operation(summary = "Api to update role",
            responses = {
                    @ApiResponse(responseCode = "200", description = "OK"),
                    @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
@@ -51,7 +51,7 @@ public interface RoleApi {
            @Parameter(description = "The role ID", required = true) @PathVariable("roleId") Long roleId,
            @Parameter(description = "Role request object", required = true) @Valid @RequestBody RoleReq roleReq);

-    @Operation(summary = "API to get role by id",
+    @Operation(summary = "Api to get role by id",
            responses = {
                    @ApiResponse(responseCode = "200", description = "OK"),
                    @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
@@ -65,7 +65,7 @@ public interface RoleApi {
    ResponseEntity<Response<RoleEntity>> getRoleById(
            @Parameter(description = "The role ID", required = true) @PathVariable("roleId") Long roleId);

-    @Operation(summary = "API to get all roles",
+    @Operation(summary = "Api to get all roles",
            responses = {
                    @ApiResponse(responseCode = "200", description = "OK"),
                    @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
@@ -78,7 +78,7 @@ public interface RoleApi {
            produces = { "application/json" })
    ResponseEntity<Response<List<RoleResponseBean>>> getAllRoles();

-    @Operation(summary = "API to delete role",
+    @Operation(summary = "Api to delete role",
            responses = {
                    @ApiResponse(responseCode = "200", description = "OK"),
                    @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
--- a/src/main/java/net/gepafin/tendermanagement/web/rest/api/errors/GlobalExceptionHandler.java
+++ b/src/main/java/net/gepafin/tendermanagement/web/rest/api/errors/GlobalExceptionHandler.java
@@ -16,6 +16,7 @@ import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.bind.annotation.ResponseStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.authorization.AuthorizationDeniedException;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.validation.FieldError;
 import org.springframework.validation.ObjectError;
@@ -59,7 +60,7 @@ public class GlobalExceptionHandler {
    }

    @ResponseStatus(value = HttpStatus.UNAUTHORIZED)
-    @ExceptionHandler(UnauthorizedAccessException.class)
+    @ExceptionHandler({ UnauthorizedAccessException.class, AuthorizationDeniedException.class })
    @ResponseBody
    public Response<Object> unauthorizedAccessException(final Throwable ex) {
        log.error(ex.getMessage());