more security on endpoint

2025-07-16 12:45:44 +02:00
parent 682de82447
commit 2a13daaf30
2 changed files with 8 additions and 3 deletions
--- a/src/main/java/fr/eni/demo/security/SecurityConfig.java
+++ b/src/main/java/fr/eni/demo/security/SecurityConfig.java
@@ -38,6 +38,11 @@ public class SecurityConfig {
                .authorizeHttpRequests(auth -> auth
                        .requestMatchers("/api/auth/login").permitAll()
                        .requestMatchers("/api/clients/**").hasRole("EMPLOYE")
+                        .requestMatchers("/api/address/**").hasRole("EMPLOYE")
+                        .requestMatchers("/api/facture/**").hasRole("EMPLOYE")
+                        .requestMatchers("/api/gametype/**").hasRole("EMPLOYE")
+                        .requestMatchers("/api/location/**").hasRole("EMPLOYE")
+                        .requestMatchers("/api/stock/search/**").permitAll()
                        .anyRequest().authenticated()
                )
                .sessionManagement(sess -> sess.sessionCreationPolicy(SessionCreationPolicy.STATELESS))