search

mercedes-benz / sechub

SecHub provides a central API to test software with different security tools.
https://mercedes-benz.github.io/sechub/
MIT License
259 stars 58 forks source link

Reduce complexity in RoleConstants by using only role names and no authorities inside constants #3085

Closed de-jcup closed 2 months ago

de-jcup commented 2 months ago

Situation

Inside Role constants we differ between "ROLE_$ROLENAME" and "$ROLENAME".

An example:

RoleConstnats.ROLE_USER="ROLE_USER"
RoleConstnats.USER="USER"

The ROLE_* is necessary when we use authorities inside annotations etc.

It is a little bit confusing that we have different constants etc.

Wanted

RoleConstants shall only contain the role names without the "ROLE_*" prefix variants. And where possible we should always use the role name instead the authorization part.