Skip to content

Commit

Permalink
showing "add owner" button only to admin (it is done by using url access
Browse files Browse the repository at this point in the history 
control -easier than with roles-)
  • Loading branch information
@cmullercejas
cmullercejas committed Feb 6, 2020
1 parent 2e54ddb commit 6c0790e
Show file tree
Hide file tree
Showing 2 changed files with 41 additions and 34 deletions.
1 change: 1 addition & 0 deletions src/main/java/org/springframework/samples/petclinic/configuration/SecurityConfiguration.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@ protected void configure(HttpSecurity http) throws Exception {
.antMatchers("/resources/**","/webjars/**","/h2-console/**").permitAll()
.antMatchers(HttpMethod.GET, "/","/oups").permitAll()
.antMatchers("/users/new").permitAll()
.antMatchers("/admin/**").hasAnyAuthority("admin")
.antMatchers("/owners/**").hasAnyAuthority("owner","admin")
.antMatchers("/vets/**").authenticated()
.anyRequest().denyAll()
Expand Down
74 changes: 40 additions & 34 deletions src/main/webapp/WEB-INF/jsp/owners/findOwners.jsp
View file
Original file line number Diff line number Diff line change
@@ -1,34 +1,40 @@
<%@ page session="false" trimDirectiveWhitespaces="true" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>
<%@ taglib prefix="form" uri="http://www.springframework.org/tags/form" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="petclinic" tagdir="/WEB-INF/tags" %>

<petclinic:layout pageName="owners">

<h2>Find Owners</h2>


<form:form modelAttribute="owner" action="/owners" method="get" class="form-horizontal"
id="search-owner-form">
<div class="form-group">
<div class="control-group" id="lastName">
<label class="col-sm-2 control-label">Last name </label>
<div class="col-sm-10">
<form:input class="form-control" path="lastName" size="30" maxlength="80"/>
<span class="help-inline"><form:errors path="*"/></span>
</div>
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<button type="submit" class="btn btn-default">Find Owner</button>
</div>
</div>

</form:form>

<br/>
<a class="btn btn-default" href='<spring:url value="/owners/new" htmlEscape="true"/>'>Add Owner</a>
</petclinic:layout>
<%@ page session="false" trimDirectiveWhitespaces="true" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>
<%@ taglib prefix="form" uri="http://www.springframework.org/tags/form" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="petclinic" tagdir="/WEB-INF/tags" %>
<%@ taglib prefix="sec"
uri="http://www.springframework.org/security/tags"%>
<!-- >%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags"%-->

<petclinic:layout pageName="owners">

<h2>Find Owners</h2>


<form:form modelAttribute="owner" action="/owners" method="get" class="form-horizontal"
id="search-owner-form">
<div class="form-group">
<div class="control-group" id="lastName">
<label class="col-sm-2 control-label">Last name </label>
<div class="col-sm-10">
<form:input class="form-control" path="lastName" size="30" maxlength="80"/>
<span class="help-inline"><form:errors path="*"/></span>
</div>
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<button type="submit" class="btn btn-default">Find Owner</button>
</div>
</div>

</form:form>

<br/>
<sec:authorize url="/admin">
<a class="btn btn-default" href='<spring:url value="/owners/new" htmlEscape="true"/>'>Add Owner</a>
</sec:authorize>

</petclinic:layout>

0 comments on commit 6c0790e

Please sign in to comment.