Only check authorities if not anonymous

SouthGreenPlatform · Jan 9, 2025 · 99d30f4 · 99d30f4
1 parent 9ee5289
commit 99d30f4
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/main/webapp/WEB-INF/jsp/import.jsp b/src/main/webapp/WEB-INF/jsp/import.jsp
@@ -30,7 +30,7 @@
 <c:set var="supervisorRoleSuffix" value='<%= "$" + IRoleDefinition.ROLE_DB_SUPERVISOR %>' />
 <c:set var="loggedUser" value="<%=SecurityContextHolder.getContext().getAuthentication().getPrincipal()%>" />
 <c:set var='dbCreatorRole' value='<%= IRoleDefinition.ROLE_DB_CREATOR %>' />
-<c:set var="hasDbCreatorRole" value="false" /><c:forEach var="authority" items="${loggedUser.authorities}"><c:if test="${authority == dbCreatorRole}"><c:set var="hasDbCreatorRole" value="true" /></c:if></c:forEach>
+<c:set var="hasDbCreatorRole" value="false" /><c:if test="${'anonymousUser' != loggedUser}"><c:forEach var="authority" items="${loggedUser.authorities}"><c:if test="${authority == dbCreatorRole}"><c:set var="hasDbCreatorRole" value="true" /></c:if></c:forEach></c:if>
 <sec:authorize access="hasRole('ROLE_ADMIN')" var="isAdmin"/>
 <sec:authorize access="hasRole('ROLE_ANONYMOUS')" var="isAnonymous"/>