From fd1db06efd1648010fa32bea62cfd2eadaf1ced6 Mon Sep 17 00:00:00 2001 From: Habin Song <83588265+boulce@users.noreply.github.com> Date: Wed, 7 Feb 2024 16:41:21 +0900 Subject: [PATCH] Typo: Update authorize-http-requests.adoc 'patters' -> 'pattern' ----- 'db' -> "db", 'ADMIN' -> "ADMIN" They should be string type ----- There is no semicolon. I added it. ----- There is no semicolon at the end of the sentence. So I added --- .../servlet/authorization/authorize-http-requests.adoc | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc b/docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc index efc29212f5..7cb7fab321 100644 --- a/docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc +++ b/docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc @@ -258,7 +258,7 @@ void endpointWhenNotUserAuthorityThenForbidden() { @Test void anyWhenUnauthenticatedThenUnauthorized() { this.mvc.perform(get("/any")) - .andExpect(status().isUnauthorized()) + .andExpect(status().isUnauthorized()); } ---- ====== @@ -387,7 +387,7 @@ void endpointWhenNotUserAuthorityThenForbidden() { @Test void anyWhenUnauthenticatedThenUnauthorized() { this.mvc.perform(get("/any")) - .andExpect(status().isUnauthorized()) + .andExpect(status().isUnauthorized()); } ---- ====== @@ -521,7 +521,7 @@ void getWhenNoReadAuthorityThenForbidden() { @Test void postWhenWriteAuthorityThenAuthorized() { this.mvc.perform(post("/any").with(csrf())) - .andExpect(status().isOk()) + .andExpect(status().isOk()); } @WithMockUser(authorities="read") @@ -737,7 +737,7 @@ SecurityFilterChain web(HttpSecurity http) throws Exception { .dispatcherTypeMatchers(FORWARD, ERROR).permitAll() // <2> .requestMatchers("/static/**", "/signup", "/about").permitAll() // <3> .requestMatchers("/admin/**").hasRole("ADMIN") // <4> - .requestMatchers("/db/**").access(allOf(hasAuthority('db'), hasRole('ADMIN'))) // <5> + .requestMatchers("/db/**").access(allOf(hasAuthority("db"), hasRole("ADMIN"))) // <5> .anyRequest().denyAll() // <6> ); @@ -805,7 +805,7 @@ Xml:: ---- ====== -<1> We specified a URL patters that any user can access. +<1> We specified a URL pattern that any user can access. Specifically, any user can access a request if the URL starts with "/static/". <2> Any URL that starts with "/admin/" will be restricted to users who have the role "ROLE_ADMIN". You will notice that since we are invoking the `hasRole` method we do not need to specify the "ROLE_" prefix.