From a9061f4d9b3a7820b9b13f46570259a262623f0d Mon Sep 17 00:00:00 2001
From: jleroy <johan.leroy2023@campus-eni.fr>
Date: Wed, 24 Apr 2024 09:37:33 +0200
Subject: [PATCH] patch web security

---
 src/main/java/fr/eni/enchere/security/WebSecurityConfig.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/main/java/fr/eni/enchere/security/WebSecurityConfig.java b/src/main/java/fr/eni/enchere/security/WebSecurityConfig.java
index 076a4fd..d08bf58 100644
--- a/src/main/java/fr/eni/enchere/security/WebSecurityConfig.java
+++ b/src/main/java/fr/eni/enchere/security/WebSecurityConfig.java
@@ -17,9 +17,9 @@ public class WebSecurityConfig{
     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
         http.authorizeHttpRequests((requests) -> requests
                         .requestMatchers("/", "/accueil").permitAll()
-                        .requestMatchers("/accueil", "/login", "/inscription/**", "/searchArticle", "/article/**", "/change-language", "/profile/**").permitAll()
+                        .requestMatchers("/accueil", "/login", "/inscription/**", "/searchArticle", "/article/**", "/change-language").permitAll()
                         .requestMatchers("/css/**", "/images/**", "/assets/**", "/img/**", "/js/**").permitAll()
-                        .requestMatchers("/profile/**").authenticated()
+                        .requestMatchers("/profil/**", "/article/new/**", "/article/update", "/article/delete").authenticated()
                         .requestMatchers("/admin").hasRole("ADMIN")
                         .anyRequest().authenticated())
                 .formLogin((form) -> form.loginPage("/login").defaultSuccessUrl("/", true))