- private boolean userHasPermissions(FnUser user, HttpServletResponse response, String invocator) {
- if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user)) {
- EcompPortalUtils.setBadPermissions(user, response, invocator);
- return false;
- }
- return true;
- }
-
- @RequestMapping(value = {"/portalApi/widgets"}, method = {RequestMethod.POST}, produces = "application/json")
- public FieldsValidator postOnboardingWidget(Principal principal, HttpServletRequest request,
- @RequestBody OnboardingWidget onboardingWidget, HttpServletResponse response) {
+ @PostMapping(value = {"/portalApi/widgets"}, produces = MediaType.APPLICATION_JSON_VALUE)
+ @PreAuthorize("hasRole('System_Administrator') and hasRole('Account_Administrator')")
+ public FieldsValidator postOnboardingWidget(Principal principal, HttpServletResponse response,
+ @RequestBody OnboardingWidget onboardingWidget) {