From 1aaff5edc3bcedb9e8c3f4f085a06d164521a340 Mon Sep 17 00:00:00 2001 From: TTalex Date: Fri, 20 Sep 2024 18:54:28 +0200 Subject: [PATCH] Allow Maas Backend Role read rights on get /v1/subscriptions --- api/src/controllers/subscription.controller.ts | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/api/src/controllers/subscription.controller.ts b/api/src/controllers/subscription.controller.ts index ffefa70..0a39851 100644 --- a/api/src/controllers/subscription.controller.ts +++ b/api/src/controllers/subscription.controller.ts @@ -62,6 +62,7 @@ import { StatusCode, SECURITY_SPEC_KC_PASSWORD, SECURITY_SPEC_KC_CREDENTIALS_KC_PASSWORD, + SECURITY_SPEC_JWT_KC_PASSWORD_KC_CREDENTIALS, INCENTIVE_TYPE, Roles, SUBSCRIPTION_STATUS, @@ -448,11 +449,11 @@ export class SubscriptionController { * @param citizenId the citizen id * @returns subscription list */ - @authorize({allowedRoles: [Roles.MAAS, Roles.MANAGERS, Roles.CITIZENS]}) + @authorize({allowedRoles: [Roles.MAAS, Roles.MANAGERS, Roles.CITIZENS, Roles.MAAS_BACKEND]}) @get('/v1/subscriptions', { 'x-controller-name': 'Subscriptions', summary: 'Retourne les souscriptions', - security: SECURITY_SPEC_JWT_KC_PASSWORD, + security: SECURITY_SPEC_JWT_KC_PASSWORD_KC_CREDENTIALS, responses: { [StatusCode.Success]: { description: 'La liste des souscriptions',