Use Spring Security's authorities instead of roles.

No functional changes.

Author: php-coder

src/main/java/ru/mystamps/web/service/CountryServiceImpl.java

@@ -46,7 +46,7 @@ public CountryServiceImpl(CountryDao countryDao) {
 
 	@Override
 	@Transactional
-	@PreAuthorize("hasAuthority('ROLE_USER')")
+	@PreAuthorize("hasAuthority('CREATE_COUNTRY')")
 	public Country add(AddCountryDto dto, User user) {
 		Validate.isTrue(dto != null, "DTO should be non null");
 		Validate.isTrue(dto.getName() != null, "Country name should be non null");

src/main/java/ru/mystamps/web/service/SeriesServiceImpl.java

@@ -59,7 +59,7 @@ public SeriesServiceImpl(SeriesDao seriesDao, ImageService imageService) {
 
 	@Override
 	@Transactional
-	@PreAuthorize("hasAuthority('ROLE_USER')")
+	@PreAuthorize("hasAuthority('CREATE_SERIES')")
 	public Series add(AddSeriesDto dto, User user) {
 		Validate.isTrue(dto != null, "DTO must be non null");
 		Validate.isTrue(dto.getQuantity() != null, "Stamps quantity must be non null");

src/main/java/ru/mystamps/web/support/spring/security/CustomUserDetailsService.java

@@ -18,7 +18,8 @@
 package ru.mystamps.web.support.spring.security;
 
 import java.util.Collection;
-import java.util.Collections;
+import java.util.LinkedList;
+import java.util.List;
 
 import javax.inject.Inject;
 
@@ -70,7 +71,10 @@ public UserDetails loadUserByUsername(String login) {
 	}
 
 	private static Collection<? extends GrantedAuthority> getAuthorities() {
-		return Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"));
+		List<SimpleGrantedAuthority> authorities = new LinkedList<SimpleGrantedAuthority>();
+		authorities.add(new SimpleGrantedAuthority("CREATE_COUNTRY"));
+		authorities.add(new SimpleGrantedAuthority("CREATE_SERIES"));
+		return authorities;
 	}
 
 }

src/main/resources/spring/security.xml

@@ -30,8 +30,8 @@
 
 		<access-denied-handler error-page="/error/401" />
 
-		<intercept-url pattern="/country/add" access="hasRole('ROLE_USER')" />
-		<intercept-url pattern="/series/add" access="hasRole('ROLE_USER')" />
+		<intercept-url pattern="/country/add" access="hasAuthority('CREATE_COUNTRY')" />
+		<intercept-url pattern="/series/add" access="hasAuthority('CREATE_SERIES')" />
 
 		<intercept-url pattern="/**" access="permitAll" />
 	</http>

src/main/webapp/WEB-INF/tiles/body/site/index.jsp

@@ -4,12 +4,16 @@
 <spring:url var="addSeriesUrl" value="<%= Url.ADD_SERIES_PAGE %>" />
 <spring:url var="addCountryUrl" value="<%= Url.ADD_COUNTRY_PAGE %>" />
 
-<sec:authorize access="hasRole('ROLE_USER')">
+<sec:authorize access="hasAnyAuthority('CREATE_COUNTRY', 'CREATE_SERIES')">
 	<spring:message code="t_you_may" />:
 	<nav>
 		<ul>
-			<li><a href="${addSeriesUrl}"><spring:message code="t_add_series" /></a></li>
-			<li><a href="${addCountryUrl}"><spring:message code="t_add_country" /></a></li>
+			<sec:authorize access="hasAuthority('CREATE_SERIES')">
+				<li><a href="${addSeriesUrl}"><spring:message code="t_add_series" /></a></li>
+			</sec:authorize>
+			<sec:authorize access="hasAuthority('CREATE_COUNTRY')">
+				<li><a href="${addCountryUrl}"><spring:message code="t_add_country" /></a></li>
+			</sec:authorize>
 		</ul>
 	</nav>
 </sec:authorize>