[NCL-8155] Require role to blocklist artifact

The role name is: pnc-users-da-admin
project-ncl · Aug 30, 2023 · 5656702 · 5656702
1 parent ef558bd
commit 5656702
Showing 1 changed file with 14 additions and 0 deletions.
diff --git a/reports-rest/src/main/webapp/WEB-INF/web.xml b/reports-rest/src/main/webapp/WEB-INF/web.xml
@@ -31,6 +31,17 @@
         </web-resource-collection>
     </security-constraint>
 
+    <security-constraint>
+        <web-resource-collection>
+            <web-resource-name>Access to lookups for all users on POST</web-resource-name>
+            <url-pattern>/rest/v-${version.reports.rest}/listings/blacklist/gav</url-pattern>
+            <http-method>POST</http-method>
+            <http-method>DELETE</http-method>
+        </web-resource-collection>
+        <auth-constraint>
+            <role-name>pnc-users-da-admin</role-name>
+        </auth-constraint>
+    </security-constraint>
 
     <!-- Allow all logged users to access the other endpoints -->
     <security-constraint>
@@ -50,6 +61,9 @@
     <security-role>
         <role-name>*</role-name>
     </security-role>
+    <security-role>
+        <role-name>pnc-users-da-admin</role-name>
+    </security-role>
     <!-- SECURITY -->
 
     <filter>