From 068b0c59ead1134d0924c3a5ad84e058efe41648 Mon Sep 17 00:00:00 2001
From: Dario <darionuberu@gmail.com>
Date: Wed, 24 Apr 2024 17:42:52 +0200
Subject: [PATCH] fix: actuator post

---
 .../main/java/lab/en2b/quizapi/auth/config/SecurityConfig.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/api/src/main/java/lab/en2b/quizapi/auth/config/SecurityConfig.java b/api/src/main/java/lab/en2b/quizapi/auth/config/SecurityConfig.java
index 5e7ed38a..46be4f1b 100644
--- a/api/src/main/java/lab/en2b/quizapi/auth/config/SecurityConfig.java
+++ b/api/src/main/java/lab/en2b/quizapi/auth/config/SecurityConfig.java
@@ -58,13 +58,14 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http, Authentication
                 .cors(Customizer.withDefaults())
                 .sessionManagement(configuration -> configuration.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
                 .authorizeHttpRequests(authorize -> authorize
+                        .requestMatchers(HttpMethod.GET, "/actuator/**").permitAll()
+                        .requestMatchers(HttpMethod.POST, "/actuator/**").permitAll()
                         .requestMatchers(HttpMethod.POST,"/questions/**").permitAll()
                         .requestMatchers(HttpMethod.GET,"/questions/**").permitAll()
                         .requestMatchers(HttpMethod.GET,"/users/details").authenticated()
                         .requestMatchers(HttpMethod.GET,"/users","/users/**").permitAll()
                         .requestMatchers(HttpMethod.GET,"/auth/logout").authenticated()
                         .requestMatchers(HttpMethod.POST,"/auth/**").permitAll()
-                        .requestMatchers(HttpMethod.GET, "/actuator/**").permitAll()
                         .requestMatchers(HttpMethod.GET, "/swagger/**").permitAll()
                         .anyRequest().authenticated())
                 .csrf(AbstractHttpConfigurer::disable)