Skip to content

Commit 01c27ba

Browse files
bprize15bprize15
committed
fix security config for sample endpoint
1 parent 609c411 commit 01c27ba

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

src/main/java/org/mskcc/cbio/oncokb/config/SecurityConfiguration.java

+1-1
Original file line numberDiff line numberDiff line change
@@ -96,6 +96,7 @@ public void configure(HttpSecurity http) throws Exception {
9696
.antMatchers("/api/v1/v2/api-docs").permitAll()
9797
.antMatchers("/api/private/utils/data/**").hasAnyAuthority(AuthoritiesConstants.DATA_DOWNLOAD)
9898

99+
.antMatchers("/api/v1/annotate/sample").hasAnyAuthority(AuthoritiesConstants.PREMIUM_USER, AuthoritiesConstants.ADMIN) // Order matters here
99100
.antMatchers("/api/v1/annotate/**").hasAnyAuthority(AuthoritiesConstants.API, AuthoritiesConstants.ROLE_SERVICE_ACCOUNT)
100101

101102
.antMatchers("/api/v1/genes/lookup").hasAnyAuthority(AuthoritiesConstants.PUBLIC_WEBSITE, AuthoritiesConstants.USER, AuthoritiesConstants.ADMIN)
@@ -110,7 +111,6 @@ public void configure(HttpSecurity http) throws Exception {
110111
.antMatchers("/api/v1/utils/cancerGeneList.json").permitAll()
111112

112113
.antMatchers("/api/v1/annotation/search").hasAnyAuthority(AuthoritiesConstants.PREMIUM_USER, AuthoritiesConstants.ADMIN)
113-
.antMatchers("/api/v1/annotation/sample").hasAnyAuthority(AuthoritiesConstants.PREMIUM_USER, AuthoritiesConstants.ADMIN)
114114
.antMatchers("/api/v1/drugs").hasAnyAuthority(AuthoritiesConstants.PREMIUM_USER, AuthoritiesConstants.ADMIN)
115115
.antMatchers("/api/v1/utils/allActionableVariants").hasAnyAuthority(AuthoritiesConstants.PREMIUM_USER, AuthoritiesConstants.ADMIN)
116116
.antMatchers("/api/v1/utils/allActionableVariants.txt").hasAnyAuthority(AuthoritiesConstants.PREMIUM_USER, AuthoritiesConstants.ADMIN)

0 commit comments

Comments
 (0)