2453 Added access in read mode to admin end-points for SPECIALIST role (

#2517)

src/main/kotlin/com/epam/brn/controller/CloudController.kt

@@ -35,7 +35,7 @@ class CloudController(
 
     @GetMapping("/upload")
     @Operation(summary = "Get cloud upload form")
-    @RolesAllowed(BrnRole.ADMIN)
+    @RolesAllowed(BrnRole.ADMIN, BrnRole.SPECIALIST)
     @Throws(Exception::class)
     fun signatureForClientDirectUpload(@RequestParam filePath: String?): ResponseEntity<BrnResponse<Map<String, Any>>> {
         if (filePath.isNullOrEmpty())
@@ -58,7 +58,7 @@ class CloudController(
 
     @GetMapping("/folders")
     @Operation(summary = "Get cloud folder structure")
-    @RolesAllowed(BrnRole.ADMIN)
+    @RolesAllowed(BrnRole.ADMIN, BrnRole.SPECIALIST)
     @Throws(Exception::class)
     fun listBucket(): ResponseEntity<BrnResponse<List<String>>> =
         ResponseEntity.ok(BrnResponse(cloudService.getStorageFolders()))

src/main/kotlin/com/epam/brn/controller/ExerciseController.kt

@@ -1,13 +1,13 @@
 package com.epam.brn.controller
 
-import com.epam.brn.service.RoleService
 import com.epam.brn.dto.ExerciseDto
 import com.epam.brn.dto.request.ExerciseRequest
 import com.epam.brn.dto.request.exercise.ExerciseCreateDto
-import com.epam.brn.dto.response.ExerciseWithWordsResponse
 import com.epam.brn.dto.response.BrnResponse
+import com.epam.brn.dto.response.ExerciseWithWordsResponse
 import com.epam.brn.enums.BrnRole
 import com.epam.brn.service.ExerciseService
+import com.epam.brn.service.RoleService
 import com.epam.brn.upload.CsvUploadService
 import io.swagger.v3.oas.annotations.Operation
 import io.swagger.v3.oas.annotations.Parameter
@@ -75,7 +75,7 @@ class ExerciseController(
 
     @GetMapping(value = ["/byWord"])
     @Operation(summary = "Get exercises containing specified word")
-    @RolesAllowed(BrnRole.ADMIN)
+    @RolesAllowed(BrnRole.ADMIN, BrnRole.SPECIALIST)
     fun getExercisesByWord(
         @RequestParam(
             value = "word",

src/main/kotlin/com/epam/brn/controller/UserDetailController.kt

@@ -1,9 +1,9 @@
 package com.epam.brn.controller
 
 import com.epam.brn.dto.HeadphonesDto
+import com.epam.brn.dto.UserAccountDto
 import com.epam.brn.dto.request.UserAccountChangeRequest
 import com.epam.brn.dto.response.BrnResponse
-import com.epam.brn.dto.UserAccountDto
 import com.epam.brn.enums.BrnRole
 import com.epam.brn.service.DoctorService
 import com.epam.brn.service.UserAccountService
@@ -39,7 +39,7 @@ class UserDetailController(
 ) {
     @GetMapping
     @Operation(summary = "Get all users with/without analytic data")
-    @RolesAllowed(BrnRole.ADMIN)
+    @RolesAllowed(BrnRole.ADMIN, BrnRole.SPECIALIST)
     fun getUsers(
         @RequestParam("withAnalytics", defaultValue = "false") withAnalytics: Boolean,
         @RequestParam("role", defaultValue = "USER") role: String,
@@ -52,7 +52,7 @@ class UserDetailController(
 
     @GetMapping(value = ["/{userId}"])
     @Operation(summary = "Get user by id")
-    @RolesAllowed(BrnRole.ADMIN)
+    @RolesAllowed(BrnRole.ADMIN, BrnRole.SPECIALIST)
     fun findUserById(@PathVariable("userId") id: Long): ResponseEntity<BrnResponse<List<UserAccountDto>>> {
         return ResponseEntity.ok()
             .body(BrnResponse(data = listOf(userAccountService.findUserDtoById(id))))
@@ -102,7 +102,7 @@ class UserDetailController(
 
     @GetMapping(value = ["/{userId}/headphones"])
     @Operation(summary = "Get all user's headphones")
-    @RolesAllowed(BrnRole.ADMIN)
+    @RolesAllowed(BrnRole.ADMIN, BrnRole.SPECIALIST)
     fun getAllHeadphonesForUser(
         @PathVariable("userId", required = true) userId: Long
     ) = ResponseEntity