changes for uri check

a31038cb · shishir suman · edea9692 · a31038cb · a31038cb
Commit a31038cb authored 1 year ago by shishir suman
Hide whitespace changes
Inline Side-by-side

Showing

with 25 additions and 2 deletions
+25 -2
--- a/src/main/java/com/tarento/upsmf/examsAndAdmissions/util/AccessTokenValidator.java
+++ b/src/main/java/com/tarento/upsmf/examsAndAdmissions/util/AccessTokenValidator.java
@@ -37,6 +37,12 @@ public class AccessTokenValidator {
 	@Value("${admin.allowed.endpoints}")
 	private String adminAllowedEndpoints;

+	@Value("${institute.allowed.endpoints}")
+	private String instituteAllowedEndpoints;
+
+	@Value("${student.allowed.endpoints}")
+	private String studentAllowedEndpoints;
+
 	@Value("${user.roles}")
 	private String userRoles;

@@ -76,13 +82,28 @@ public class AccessTokenValidator {
 		log.debug("Role matched - {}", roleMatches);
 		if(roleMatches) {
 			log.info("Role matched for userId - {}", userId);
-			boolean isAdmin = roles.stream().anyMatch(x -> "admin".contains(x.toLowerCase()));
+			boolean isAdmin = roles.stream().anyMatch(x -> "exams_admin".equalsIgnoreCase(x));
+			boolean isSuperAdmin = roles.stream().anyMatch(x -> "admin_superadmin".equalsIgnoreCase(x));
 			if(isAdmin) {
 				List<String> adminEndpoints = Arrays.asList(adminAllowedEndpoints.split(","));
 				if(!adminEndpoints.contains(uri)) {
 					return Constants.Parameters.UNAUTHORIZED;
 				}
 			}
+			boolean isInstitute = roles.stream().anyMatch(x -> "exams_institute".equalsIgnoreCase(x));
+			if(isInstitute) {
+				List<String> adminEndpoints = Arrays.asList(instituteAllowedEndpoints.split(","));
+				if(!adminEndpoints.contains(uri)) {
+					return Constants.Parameters.UNAUTHORIZED;
+				}
+			}
+			boolean isStudent = roles.stream().anyMatch(x -> "exams_student".equalsIgnoreCase(x.toLowerCase()));
+			if(isStudent) {
+				List<String> adminEndpoints = Arrays.asList(studentAllowedEndpoints.split(","));
+				if(!adminEndpoints.contains(uri)) {
+					return Constants.Parameters.UNAUTHORIZED;
+				}
+			}
 			return userId;
 		}
 		return Constants.Parameters.UNAUTHORIZED;

--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -109,4 +109,6 @@ spring.redis.port=6379
 spring.redis.timeout=60000
 user.redis.hash.key=USER
 user.roles=admin_superadmin,exams_admin,exams_institute,exams_student
-admin.allowed.endpoints=/payment
\ No newline at end of file
+admin.allowed.endpoints=/payment
+institute.allowed.endpoints=
+student.allowed.endpoints=
\ No newline at end of file