Don't require authentication to approve/deny a copy request. Possession of the token is sufficient.

2025-10-07 01:54:22 +00:00 · 2022-09-16 11:08:15 -04:00
parent a4cb9bd129
commit 692fefcbac
1 changed files with 1 additions and 1 deletions
--- a/dspace-server-webapp/src/main/java/org/dspace/app/rest/repository/RequestItemRepository.java
+++ b/dspace-server-webapp/src/main/java/org/dspace/app/rest/repository/RequestItemRepository.java
@@ -218,7 +218,7 @@ public class RequestItemRepository
    }

    @Override
-    @PreAuthorize("isAuthenticated()")
+    @PreAuthorize("permitAll()")
    public RequestItemRest put(Context context, HttpServletRequest request,
            String apiCategory, String model, String token, JsonNode requestBody)
            throws AuthorizeException {