byte/expensetracker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Encapsulated methods that are allowed only for admins. Removed ability to add new user, new user must be registered using auth.

Browse Source
This commit is contained in:
Dmitrii Cravcenco
2023-10-07 10:18:02 +03:00
parent 128a1fabc1
commit 19ac92f268
6 changed files with 31 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/main/java/com/faf223/expensetrackerfaf/controller/IncomeController.java
View File

@@ -6,8 +6,8 @@ import com.faf223.expensetrackerfaf.dto.mappers.IncomeMapper;
import com.faf223.expensetrackerfaf.model.Income;
import com.faf223.expensetrackerfaf.service.IncomeService;
import lombok.RequiredArgsConstructor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.*;
@@ -23,6 +23,7 @@ public class IncomeController {
private final IncomeMapper incomeMapper;
@GetMapping()
@PreAuthorize("hasRole('ADMIN')")
public ResponseEntity<List<IncomeDTO>> getAllIncomes() {
List<IncomeDTO> incomes = incomeService.getIncomes().stream().map(incomeMapper::toDto).collect(Collectors.toList());
if (!incomes.isEmpty()) return ResponseEntity.ok(incomes);