From c3d889c92d8eacfd93bab2dbc2e9a4db61d9aae7 Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Fri, 20 Mar 2020 15:18:29 +0300
Subject: enable spring boot actuator for admin users

---
 src/main/java/com/juick/server/configuration/SecurityConfig.java | 1 +
 1 file changed, 1 insertion(+)

(limited to 'src/main/java/com/juick/server')

diff --git a/src/main/java/com/juick/server/configuration/SecurityConfig.java b/src/main/java/com/juick/server/configuration/SecurityConfig.java
index 2713cc56..23a41e11 100644
--- a/src/main/java/com/juick/server/configuration/SecurityConfig.java
+++ b/src/main/java/com/juick/server/configuration/SecurityConfig.java
@@ -189,6 +189,7 @@ public class SecurityConfig {
                     .authorizeRequests()
                     .antMatchers("/settings", "/pm/**", "/**/bl", "/_twitter", "/post", "/post2", "/comment")
                     .authenticated()
+                    .antMatchers("/actuator/**").hasRole("ADMIN")
                     .anyRequest().permitAll()
                     .and()
                     .anonymous().principal(JuickUser.ANONYMOUS_USER).authorities(JuickUser.ANONYMOUS_AUTHORITY)
-- 
cgit v1.2.3