From d14d8ba0f3ce54c7f5c7519a16e75aed59c9d897 Mon Sep 17 00:00:00 2001
From: William Harrington
Date: Wed, 12 Feb 2025 20:51:49 -0600
Subject: Add CONSTANTS for ROLES.
---
 src/main/java/org/berzerkula/builddb/BuilddbConstants.java | 3 +++
 .../java/org/berzerkula/builddb/config/SecurityConfig.java | 11 ++++++-----
 2 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/src/main/java/org/berzerkula/builddb/BuilddbConstants.java b/src/main/java/org/berzerkula/builddb/BuilddbConstants.java
index 6f4922b..f3ab15b 100644
--- a/src/main/java/org/berzerkula/builddb/BuilddbConstants.java
+++ b/src/main/java/org/berzerkula/builddb/BuilddbConstants.java
@@ -2,6 +2,9 @@ package org.berzerkula.builddb;
 public class BuilddbConstants {
+ public static final String ROLE_ADMIN = "admin";
+ public static final String ROLE_CLIENT = "client";
+
 private BuilddbConstants() {
 throw new IllegalStateException("Utility class");
 }
diff --git a/src/main/java/org/berzerkula/builddb/config/SecurityConfig.java b/src/main/java/org/berzerkula/builddb/config/SecurityConfig.java
index dbaacd5..b346b59 100644
--- a/src/main/java/org/berzerkula/builddb/config/SecurityConfig.java
+++ b/src/main/java/org/berzerkula/builddb/config/SecurityConfig.java
@@ -1,5 +1,6 @@
 package org.berzerkula.builddb.config;
+import org.berzerkula.builddb.BuilddbConstants;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
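Review bot: The two constants added to `BuilddbConstants` have no comment saying that their values are bare role names, and the name `ROLE_ADMIN` reads like a full authority string while its value is `"admin"`. Spring Security's `hasRole(...)` prepends the default `ROLE_` prefix, so the rules in `SecurityConfig` match the authorities `ROLE_admin` and `ROLE_client`; passing the same constant to `hasAuthority(...)` or to a `SimpleGrantedAuthority` would compare against plain `admin`, and the two sides would silently disagree. I would add above them `// Role names without the ROLE_ prefix; use with hasRole()/roles(), not hasAuthority().` How authorities are assigned to users is not visible in this commit, so confirm the stored values carry the prefix in the same way.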
@@ -19,12 +20,12 @@ public class SecurityConfig {
 return http .authorizeHttpRequests( auth -> auth
 .requestMatchers("/").permitAll()
- .requestMatchers("/actuator/**").hasRole("admin")
- .requestMatchers("/env/**").hasRole("admin")
- .requestMatchers("/health/**").hasRole("admin")
- .requestMatchers("/info/**").hasRole("admin")
+ .requestMatchers("/actuator/**").hasRole(BuilddbConstants.ROLE_ADMIN)
+ .requestMatchers("/env/**").hasRole(BuilddbConstants.ROLE_ADMIN)
+ .requestMatchers("/health/**").hasRole(BuilddbConstants.ROLE_ADMIN)
+ .requestMatchers("/info/**").hasRole(BuilddbConstants.ROLE_ADMIN)
 .requestMatchers("/contact").permitAll()
- .requestMatchers("/pkgs/**").hasRole("client")
+ .requestMatchers("/pkgs/**").hasRole(BuilddbConstants.ROLE_CLIENT)
 .requestMatchers("/register").permitAll()
 .requestMatchers("/login").permitAll()
 .requestMatchers("/logout").permitAll()
-- 
cgit v1.2.3-54-g00ecf
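Review bot: The four admin-only matchers in this chain each repeat `hasRole(BuilddbConstants.ROLE_ADMIN)`, so the admin-only surface is spread over four rules that can drift apart when one of them is edited later. `requestMatchers` accepts several patterns, so they can be a single rule: `.requestMatchers("/actuator/**", "/env/**", "/health/**", "/info/**").hasRole(BuilddbConstants.ROLE_ADMIN)`. The rules are adjacent and carry the same requirement, so merging them should not change which requests match. The chain starts and ends outside the hunk, so whether a closing `anyRequest()` rule covers paths not listed here cannot be checked from this diff.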