Skip to content

Commit a661045

Browse files
Luis-CruzLuis-Cruz
committed
Only allow managers
1 parent b23261d commit a661045

File tree

1 file changed

+2
-1
lines changed

1 file changed

+2
-1
lines changed

bennu-core/src/main/java/org/fenixedu/bennu/core/api/UserResource.java

+2-1
Original file line numberDiff line numberDiff line change
@@ -40,9 +40,10 @@ public class UserResource extends BennuRestResource {
4040
public JsonElement findUser(@QueryParam("query") String query,
4141
@QueryParam("includeInactive") @DefaultValue("false") Boolean includeInactive,
4242
@QueryParam("maxHits") @DefaultValue("20") Integer maxHits) {
43-
if (query == null || Authenticate.getUser() == null) {
43+
if (query == null) {
4444
throw new WebApplicationException(Status.BAD_REQUEST);
4545
}
46+
accessControl(Group.managers());
4647
Stream<User> results =
4748
Stream.concat(Stream.of(User.findByUsername(query)),
4849
UserProfile.searchByName(query, Integer.MAX_VALUE).map(UserProfile::getUser)).filter(Objects::nonNull)

0 commit comments

Comments
 (0)