From 092b5c7c774f9c6267d51a04c196be9f0fa5ebc6 Mon Sep 17 00:00:00 2001
From: Matthias Lindinger <matthias.lindinger@bsb-muenchen.de>
Date: Fri, 4 Jun 2021 13:49:12 +0200
Subject: [PATCH] Add more security restriction

---
 .../cudami/admin/config/SpringConfigSecurityWebapp.java         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dc-cudami-admin/src/main/java/de/digitalcollections/cudami/admin/config/SpringConfigSecurityWebapp.java b/dc-cudami-admin/src/main/java/de/digitalcollections/cudami/admin/config/SpringConfigSecurityWebapp.java
index cc39e060b2..e9427ba82f 100644
--- a/dc-cudami-admin/src/main/java/de/digitalcollections/cudami/admin/config/SpringConfigSecurityWebapp.java
+++ b/dc-cudami-admin/src/main/java/de/digitalcollections/cudami/admin/config/SpringConfigSecurityWebapp.java
@@ -52,7 +52,7 @@ protected void configure(HttpSecurity http) throws Exception {
 
     http.authorizeRequests()
         .antMatchers("/users/updatePassword")
-        .permitAll()
+        .hasAnyAuthority(Role.ADMIN.getAuthority(), Role.CONTENT_MANAGER.getAuthority())
         .antMatchers("/users/**")
         .hasAnyAuthority(Role.ADMIN.getAuthority())
         .anyRequest()