Method level @PreAuthorize does not overwrite a type level one [DATAREST-1579] #1914

spring-projects-issues · 2020-10-31T09:16:22Z

yerzhant opened DATAREST-1579 and commented

According to docs method level security settings must overwrite repository level settings. But it fails when it comes to URI conversion:

Failed to convert from type [java.net.URI] to type [kz.toyville.back.catalog.domain.entity.Category] for value '/category/1'; nested exception is org.springframework.security.access.AccessDeniedException: Access is denied"},"message":"Failed to convert /category/1 into kz.toyville.back.catalog.domain.entity.Category!

How To Reproduce

Run the "List toys for a category" test in the sample (link is below).

Expected behavior
Test List toys for a category (in CatalogWebTest) must not fail.

Sample
https://github.com/yerzhant/spring-rest-data-security

Reference URL: https://github.com/yerzhant/spring-rest-data-security

The text was updated successfully, but these errors were encountered:

spring-projects-issues · 2020-10-31T09:19:20Z

yerzhant commented

FYI spring-projects/spring-security#9164

spring-projects-issues added type: bug in: repository labels Dec 31, 2020

spring-projects-issues assigned odrotbohm Dec 31, 2020

Method level @PreAuthorize does not overwrite a type level one [DATAREST-1579] #1914

Method level @PreAuthorize does not overwrite a type level one [DATAREST-1579] #1914

spring-projects-issues commented Oct 31, 2020

spring-projects-issues commented Oct 31, 2020

Method level @PreAuthorize does not overwrite a type level one [DATAREST-1579] #1914

Method level @PreAuthorize does not overwrite a type level one [DATAREST-1579] #1914

Comments

spring-projects-issues commented Oct 31, 2020

spring-projects-issues commented Oct 31, 2020