Package eu.rarogsoftware.rarog.platform.api.security

Annotation Interface AdminOnly

@Target({METHOD,TYPE})
@Retention(RUNTIME)
@Inherited
@Documented
@PreAuthorize("hasAuthority(\'ROLE_ADMIN\')")
public @interface AdminOnly

Enforces access restriction to endpoint(s) to users with role admin.

It enforce role requirements with PreAuthorize using Spring login and documents this behaviour with SecurityRequirement for OpenAPI.

Code annotated with AdminOnly

          @GetMapping("test")
          @AdminOnly
          ResponseEntity testMethod()
     

is equivalent of code annotated with both PreAuthorize and SecurityRequirement

          @GetMapping("test")
          @PreAuthorize("hasRole('ROLE_ADMIN')")
          @SecurityRequirement(name = "admin")
          ResponseEntity testMethod()