API Usuários

Status:

Aguardando requisição...

Body:

Aguardando requisição...

Controller - UserController.java

package com.exemplo.apiusuarios.controller;

import com.exemplo.apiusuarios.model.User;
import com.exemplo.apiusuarios.repository.UserRepository;

import jakarta.annotation.security.PermitAll;
import jakarta.annotation.security.RolesAllowed;
import org.springframework.web.bind.annotation.*;

import java.util.List;

@RestController
@RequestMapping("/api/usuarios")
public class UserController {

    private final UserRepository repository;

    public UserController(UserRepository repository) {
        this.repository = repository;
    }

    @PermitAll
    @GetMapping
    public List<User> listar() {
        return repository.findAll();
    }

    @RolesAllowed("ADMIN")
    @PostMapping
    public User criar(@RequestBody User user) {
        return repository.save(user);
    }
}
  

Configuração de Segurança - SecurityConfig.java

package com.exemplo.apiusuarios.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
@EnableMethodSecurity(jsr250Enabled = true)
public class SecurityConfig {

    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http
            .csrf().disable()
            .authorizeHttpRequests(auth -> auth
                .anyRequest().authenticated()
            )
            .httpBasic();

        return http.build();
    }
}