From 54cf0352486254e4872fb1879ef8a49ef7a4271f Mon Sep 17 00:00:00 2001
From: miferreiro <miguel.ferreiro.diaz@gmail.com>
Date: Thu, 21 Feb 2019 17:44:44 +0100
Subject: [PATCH] Added authentication control for the pet path

---
 .../uvigo/esei/daa/filters/AuthorizationFilter.java  | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/src/test/java/es/uvigo/esei/daa/filters/AuthorizationFilter.java b/src/test/java/es/uvigo/esei/daa/filters/AuthorizationFilter.java
index b2144df..49a932d 100644
--- a/src/test/java/es/uvigo/esei/daa/filters/AuthorizationFilter.java
+++ b/src/test/java/es/uvigo/esei/daa/filters/AuthorizationFilter.java
@@ -59,6 +59,13 @@ public class AuthorizationFilter implements ContainerRequestFilter {
 						} else {
 							requestContext.setSecurityContext(new UserSecurityContext(user));
 						}
+						
+						if (isPetsPath(requestContext) && !user.getRole().equals("ADMIN")) {
+							requestContext.abortWith(createResponse());
+						} else {
+							requestContext.setSecurityContext(new UserSecurityContext(user));
+						}						
+						
 					} else {
 						requestContext.abortWith(createResponse());
 					}
@@ -76,6 +83,11 @@ public class AuthorizationFilter implements ContainerRequestFilter {
 		return !pathSegments.isEmpty() && pathSegments.get(0).getPath().equals("people");
 	}
 	
+	private static boolean isPetsPath(ContainerRequestContext context) {
+		final List<PathSegment> pathSegments = context.getUriInfo().getPathSegments();
+		return !pathSegments.isEmpty() && pathSegments.get(0).getPath().equals("pets");
+	}
+	
 	private static Response createResponse() {
 		return Response.status(Status.UNAUTHORIZED)
 			.header(HttpHeaders.WWW_AUTHENTICATE, "Basic realm=\"DAAExample\"")
-- 
2.18.1