Hugging Face's logo

Spaces:
dalabsai
/
da-discovery-dev
Build error

App Files Community
da-discovery-dev
File size: 1,559 Bytes 
442299c
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
 
package com.dalab.discovery.client.rest;

import org.springframework.boot.test.context.TestConfiguration;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Primary;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;

/**
 * Test security configuration for integration tests.
 * Provides HTTP Basic authentication instead of OAuth2/JWT for simplicity.
 */
@TestConfiguration
@EnableWebSecurity
@EnableMethodSecurity(prePostEnabled = true)
public class TestWebSecurityConfiguration {

    @Bean
    @Primary
    public SecurityFilterChain testFilterChain(HttpSecurity http) throws Exception {
        http
            .authorizeHttpRequests(authorize -> authorize
                .requestMatchers("/api/v1/discovery/config/**").hasRole("ADMIN")
                .requestMatchers("/api/v1/discovery/stats/**").hasAnyRole("ADMIN", "USER")
                .requestMatchers("/api/v1/discovery/scans/**").hasAnyRole("ADMIN", "DATA_STEWARD", "USER")
                .requestMatchers("/api/v1/discovery/jobs/**").hasAnyRole("ADMIN", "DATA_STEWARD", "USER")
                .anyRequest().authenticated()
            )
            .csrf(csrf -> csrf.disable())
            .httpBasic(basic -> {});
        
        return http.build();
    }
}