Allow public room types list

2026-01-27 17:12:50 +05:30
parent d4f8ea96e0
commit 2b01ed3859
3 changed files with 5 additions and 2 deletions
--- a/src/main/kotlin/com/android/trisolarisserver/controller/RoomTypes.kt
+++ b/src/main/kotlin/com/android/trisolarisserver/controller/RoomTypes.kt
@@ -40,8 +40,9 @@ class RoomTypes(
        @PathVariable propertyId: UUID,
        @AuthenticationPrincipal principal: MyPrincipal?
    ): List<RoomTypeResponse> {
-        requirePrincipal(principal)
-        propertyAccess.requireMember(propertyId, principal!!.userId)
+        if (principal != null) {
+            propertyAccess.requireMember(propertyId, principal.userId)
+        }
        return roomTypeRepo.findByPropertyIdOrderByCode(propertyId).map { it.toResponse() }
    }

--- a/src/main/kotlin/com/android/trisolarisserver/security/FirebaseAuthFilter.kt
+++ b/src/main/kotlin/com/android/trisolarisserver/security/FirebaseAuthFilter.kt
@@ -26,6 +26,7 @@ class FirebaseAuthFilter(
            return true
        }
        return path.matches(Regex("^/properties/[^/]+/rooms/[^/]+/images/[^/]+/file$"))
+            || path.matches(Regex("^/properties/[^/]+/room-types$"))
    }

    override fun doFilterInternal(
--- a/src/main/kotlin/com/android/trisolarisserver/security/SecurityConfig.kt
+++ b/src/main/kotlin/com/android/trisolarisserver/security/SecurityConfig.kt
@@ -27,6 +27,7 @@ class SecurityConfig(
            .authorizeHttpRequests {
                it.requestMatchers("/", "/health", "/auth/**").permitAll()
                it.requestMatchers("/properties/*/rooms/*/images/*/file").permitAll()
+                it.requestMatchers("/properties/*/room-types").permitAll()
                it.anyRequest().authenticated()
            }
            .exceptionHandling {