From 5b1564cdb3e658024d7b05fe4fd6a8b232391501 Mon Sep 17 00:00:00 2001
From: androidlover5842 <androidlover5842@gmail.com>
Date: Tue, 27 Jan 2026 19:08:17 +0530
Subject: [PATCH] Allow public image tag list

---
 .../com/android/trisolarisserver/controller/RoomImageTags.kt     | 1 -
 .../com/android/trisolarisserver/security/FirebaseAuthFilter.kt  | 1 +
 .../com/android/trisolarisserver/security/SecurityConfig.kt      | 1 +
 3 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/main/kotlin/com/android/trisolarisserver/controller/RoomImageTags.kt b/src/main/kotlin/com/android/trisolarisserver/controller/RoomImageTags.kt
index 5cfde8b..2977b6b 100644
--- a/src/main/kotlin/com/android/trisolarisserver/controller/RoomImageTags.kt
+++ b/src/main/kotlin/com/android/trisolarisserver/controller/RoomImageTags.kt
@@ -33,7 +33,6 @@ class RoomImageTags(
     fun listTags(
         @AuthenticationPrincipal principal: MyPrincipal?
     ): List<RoomImageTagResponse> {
-        requirePrincipal(principal)
         return roomImageTagRepo.findAllByOrderByName().map { it.toResponse() }
     }
 
diff --git a/src/main/kotlin/com/android/trisolarisserver/security/FirebaseAuthFilter.kt b/src/main/kotlin/com/android/trisolarisserver/security/FirebaseAuthFilter.kt
index d4b1bfd..6064425 100644
--- a/src/main/kotlin/com/android/trisolarisserver/security/FirebaseAuthFilter.kt
+++ b/src/main/kotlin/com/android/trisolarisserver/security/FirebaseAuthFilter.kt
@@ -27,6 +27,7 @@ class FirebaseAuthFilter(
         }
         return path.matches(Regex("^/properties/[^/]+/rooms/[^/]+/images/[^/]+/file$"))
             || path.matches(Regex("^/properties/[^/]+/room-types$"))
+            || path == "/image-tags"
     }
 
     override fun doFilterInternal(
diff --git a/src/main/kotlin/com/android/trisolarisserver/security/SecurityConfig.kt b/src/main/kotlin/com/android/trisolarisserver/security/SecurityConfig.kt
index 592277b..367c98d 100644
--- a/src/main/kotlin/com/android/trisolarisserver/security/SecurityConfig.kt
+++ b/src/main/kotlin/com/android/trisolarisserver/security/SecurityConfig.kt
@@ -28,6 +28,7 @@ class SecurityConfig(
                 it.requestMatchers("/", "/health", "/auth/**").permitAll()
                 it.requestMatchers("/properties/*/rooms/*/images/*/file").permitAll()
                 it.requestMatchers("/properties/*/room-types").permitAll()
+                it.requestMatchers("/image-tags").permitAll()
                 it.anyRequest().authenticated()
             }
             .exceptionHandling {