From 78cd1017e26337d7a01fcf2c8ddbc054017f669c Mon Sep 17 00:00:00 2001
From: Lars Maronde <Lars.Maronde@Student.reutlingen-university.de>
Date: Mon, 14 Dec 2020 14:44:12 +0100
Subject: [PATCH] authorization bugfix

---
 .../ebdapo/backend/security/auth/AuthenticationController.java  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Backend/src/main/java/com/ebdapo/backend/security/auth/AuthenticationController.java b/Backend/src/main/java/com/ebdapo/backend/security/auth/AuthenticationController.java
index 001d52d..b73b0cd 100644
--- a/Backend/src/main/java/com/ebdapo/backend/security/auth/AuthenticationController.java
+++ b/Backend/src/main/java/com/ebdapo/backend/security/auth/AuthenticationController.java
@@ -49,7 +49,7 @@ public class AuthenticationController {
         }
         //check if the user is related to the apotheke if yes he is authorized to see the data
         Benutzer b  = benutzerRepo.getBenutzerWithApotheke(username, apothekeId);
-        return b != null || isAdmin();
+        return b != null;// || isAdmin();
     }
 
     private boolean isAdmin() {
-- 
GitLab