switch must read default resource access to true #EA-3815

europeana · Apr 29, 2024 · 401ef0f · 401ef0f
1 parent bbe80b2
commit 401ef0f
Showing 1 changed file with 20 additions and 20 deletions.
diff --git a/...rc/main/java/eu/europeana/api/commons/service/authorization/BaseAuthorizationService.java b/...rc/main/java/eu/europeana/api/commons/service/authorization/BaseAuthorizationService.java
@@ -133,15 +133,6 @@ private Authentication authorizeReadByJwtToken(HttpServletRequest request)
     return authentication;
   }
 
-  /**
-   * Indicate if the resource access needs to be verified for read operations (e.g. private user sets)
-   * @return true if the resourceAceess field needs to be processed for read access
-   */
-  protected  boolean mustVerifyResourceAccessForRead() {
-    return false;
-  }
-
-
   /*
    * (non-Javadoc)
    *
@@ -287,17 +278,6 @@ private boolean isOperationAuthorized(String operation, List<GrantedAuthority> a
     return false;
   }
 
-  /**
-   * Method to indicate if the resource access (i.e. user has the role which grants permissions for the operation) is required.
-   * Client authentication is mandatory, but apis might grant access to all users if the token is valid
-   * Api should overwrite this method in order to disable resource access verification
-   *
-   * @return true if the resource access needs to be verified
-   */
-  protected boolean isResourceAccessVerificationRequired(String operation) {
-    return true;
-  }
-
   /**
    * Check if a write lock is in effect. Returns HttpStatus.LOCKED in case the write lock is active.
    * To be used for preventing access to the write operations when the application is locked Needs
@@ -341,6 +321,26 @@ protected boolean isMaintenanceOperation(String operationName) {
     return getMaintenanceOperations().contains(operationName);
   }
 
+  /**
+   * Indicate if the resource access needs to be verified for read operations. This indicates if the resourceAccess is available in jwt tokens used for the current API
+   * Default is true.
+   * @return true if the resourceAceess field needs to be processed for read access
+   */
+  protected  boolean mustVerifyResourceAccessForRead() {
+    return true;
+  }
+
+  /**
+   * Method to indicate if the resource access (i.e. user has the role which grants permissions for the operation) is required.
+   * Client authentication is mandatory, but apis might grant access to all users if the token is valid
+   * Api should overwrite this method in order to disable resource access verification
+   *
+   * @return true if the resource access needs to be verified
+   */
+  protected boolean isResourceAccessVerificationRequired(String operation) {
+    return true;
+  }
+
   /**
    * Returns the list of
    *