diff --git a/src/main/java/cat/udl/eps/softarch/demo/config/WebSecurityConfig.java b/src/main/java/cat/udl/eps/softarch/demo/config/WebSecurityConfig.java index 64114139..dfcd2d5a 100644 --- a/src/main/java/cat/udl/eps/softarch/demo/config/WebSecurityConfig.java +++ b/src/main/java/cat/udl/eps/softarch/demo/config/WebSecurityConfig.java @@ -60,6 +60,9 @@ protected SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exce .requestMatchers(HttpMethod.GET, "/portfolios/search/findByVisibility").permitAll() .requestMatchers(HttpMethod.GET, "/portfolios/*/owner").permitAll() .requestMatchers(HttpMethod.GET, "/portfolios/**").authenticated() + // Tags + .requestMatchers(HttpMethod.POST, "/tags").hasRole("ADMIN") + .requestMatchers(HttpMethod.DELETE, "/tags/*").hasRole("ADMIN") // Profile .requestMatchers(HttpMethod.POST, "/profiles").hasRole("CREATOR") // Default