From 9039e3d3f65466181fa61e251955424ed48f28b8 Mon Sep 17 00:00:00 2001
From: Arthur Wambst <your-username@users.noreply.github.com>
Date: Tue, 29 Jul 2025 18:12:02 +0200
Subject: [PATCH] feat: added roles requirement for critical ji operations

---
 src/main/java/fr/la_banquise/backend/rest/JiResource.java | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/main/java/fr/la_banquise/backend/rest/JiResource.java b/src/main/java/fr/la_banquise/backend/rest/JiResource.java
index 2934cde..4de930a 100644
--- a/src/main/java/fr/la_banquise/backend/rest/JiResource.java
+++ b/src/main/java/fr/la_banquise/backend/rest/JiResource.java
@@ -37,6 +37,7 @@ public class JiResource {
 
     @POST
     @Path("/create")
+    @RolesAllowed("root")
     public Response createJi(@QueryParam("name") String name, @QueryParam("desc") String desc, @QueryParam("address") String address, @QueryParam("respo") String respo, @QueryParam("site") String name_site) {
         try {
             Ji jsp = jiService.createJi(name, desc, address, respo, name_site);
@@ -60,9 +61,10 @@ public class JiResource {
 
     @DELETE
     @Path("/del")
+    @RolesAllowed("root")
     @APIResponses({
-    @APIResponse(responseCode = "200", description = "Successfully deleted"),
-    @APIResponse(responseCode = "500", description = "Internal server error, usually site not found")
+        @APIResponse(responseCode = "200", description = "Successfully deleted"),
+        @APIResponse(responseCode = "500", description = "Internal server error, usually site not found")
 })
     public Response deleteJiByName(@QueryParam("name") String name) {
         try {