diff --git a/MoviesWebApp/src/main/java/at/technikumwien/movies/ActorResource.java b/MoviesWebApp/src/main/java/at/technikumwien/movies/ActorResource.java index cce26e1..8f68038 100644 --- a/MoviesWebApp/src/main/java/at/technikumwien/movies/ActorResource.java +++ b/MoviesWebApp/src/main/java/at/technikumwien/movies/ActorResource.java @@ -11,7 +11,6 @@ import java.net.URI; import java.util.List; @Path("/actor") -@RolesAllowed("MoviesUserRole") public class ActorResource { @Inject private ActorsService actorsService; @@ -24,6 +23,7 @@ public class ActorResource { MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML }) + @RolesAllowed("MSRead") public List retrieveAll() { return actorsService.findAllActors(); } @@ -34,12 +34,14 @@ public class ActorResource { MediaType.APPLICATION_XML }) @Path("/{id}") + @RolesAllowed("MSRead") public Actor retrieve(@PathParam("id") long id) { return actorsService.findActorById(id); } @DELETE @Path("/{id}") + @RolesAllowed("MSWrite") public void delete(@PathParam("id") long id) { actorsService.removeActorById(id); } @@ -49,6 +51,7 @@ public class ActorResource { MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML }) + @RolesAllowed("MSWrite") public Response create(Actor actor) { actor.setId(null); // Make sure that a new actor is added, not overwriting existing one List newActors = actorsService.saveActor(List.of(actor)); @@ -63,6 +66,7 @@ public class ActorResource { MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML }) + @RolesAllowed("MSWrite") @Path("/{id}") public void update(@PathParam("id") long id, Actor actor) { actor.setId(id); diff --git a/MoviesWebApp/src/main/java/at/technikumwien/movies/ActorsService.java b/MoviesWebApp/src/main/java/at/technikumwien/movies/ActorsService.java index dbce070..45baddd 100644 --- a/MoviesWebApp/src/main/java/at/technikumwien/movies/ActorsService.java +++ b/MoviesWebApp/src/main/java/at/technikumwien/movies/ActorsService.java @@ -14,7 +14,6 @@ import java.util.logging.Logger; @Stateless @TransactionManagement(value=TransactionManagementType.CONTAINER) -@RolesAllowed("MoviesUserRole") public class ActorsService { private static final Logger LOGGER = Logger.getLogger(ActorsService.class.getName()); diff --git a/MoviesWebApp/src/main/java/at/technikumwien/movies/StudioResource.java b/MoviesWebApp/src/main/java/at/technikumwien/movies/StudioResource.java index c1dadee..bc74116 100644 --- a/MoviesWebApp/src/main/java/at/technikumwien/movies/StudioResource.java +++ b/MoviesWebApp/src/main/java/at/technikumwien/movies/StudioResource.java @@ -41,6 +41,7 @@ public class StudioResource { @DELETE @Path("/{id}") + @RolesAllowed("MSWrite") public void delete(@PathParam("id") long id) { studiosService.removeStudioById(id); } @@ -50,6 +51,7 @@ public class StudioResource { MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML }) + @RolesAllowed("MSWrite") public Response create(Studio studio) { studio.setId(null); // Make sure that a new studio is added, not overwriting existing one List newStudios = studiosService.saveStudio(List.of(studio)); @@ -65,6 +67,7 @@ public class StudioResource { MediaType.APPLICATION_XML }) @Path("/{id}") + @RolesAllowed("MSWrite") public void update(@PathParam("id") long id, Studio studio) { studio.setId(id); studiosService.saveStudio(List.of(studio)); diff --git a/MoviesWebApp/src/main/java/at/technikumwien/movies/StudiosService.java b/MoviesWebApp/src/main/java/at/technikumwien/movies/StudiosService.java index a2d1288..7c4526e 100644 --- a/MoviesWebApp/src/main/java/at/technikumwien/movies/StudiosService.java +++ b/MoviesWebApp/src/main/java/at/technikumwien/movies/StudiosService.java @@ -14,7 +14,6 @@ import java.util.logging.Logger; @Stateless @TransactionManagement(value=TransactionManagementType.CONTAINER) -@RolesAllowed("MoviesUserRole") public class StudiosService { private static final Logger LOGGER = Logger.getLogger(StudiosService.class.getName());