From f864ac14405586c695bde16876f1f50ec74d32d9 Mon Sep 17 00:00:00 2001
From: mlm483 <128052931+mlm483@users.noreply.github.com>
Date: Tue, 26 Sep 2023 09:37:21 -0400
Subject: [PATCH] [BI-1340] - updated endpoint authorization

made getSubscribedOntology (GET) accessible to any authenticated user
---
 .../api/v1/controller/OntologyController.java               | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/main/java/org/breedinginsight/api/v1/controller/OntologyController.java b/src/main/java/org/breedinginsight/api/v1/controller/OntologyController.java
index 093d9c0da..b4d675075 100644
--- a/src/main/java/org/breedinginsight/api/v1/controller/OntologyController.java
+++ b/src/main/java/org/breedinginsight/api/v1/controller/OntologyController.java
@@ -4,6 +4,8 @@
 import io.micronaut.http.HttpStatus;
 import io.micronaut.http.MediaType;
 import io.micronaut.http.annotation.*;
+import io.micronaut.security.annotation.Secured;
+import io.micronaut.security.rules.SecurityRule;
 import lombok.extern.slf4j.Slf4j;
 import org.breedinginsight.api.auth.ProgramSecured;
 import org.breedinginsight.api.auth.ProgramSecuredRole;
@@ -81,7 +83,7 @@ public HttpResponse<Response<DataResponse<SharedOntology>>> getAvailablePrograms
     }
 
     /**
-     * Accepts a list of programs to shared the ontology with.
+     * Accepts a list of programs to share the ontology with.
      * @param programId
      * @return List of programs successfully shared to with acceptable status
      * {
@@ -210,7 +212,7 @@ public HttpResponse unsubscribeOntology(
     @Get("/programs/{programId}/ontology/subscribe")
     @Produces(MediaType.APPLICATION_JSON)
     @AddMetadata
-    @ProgramSecured(roles = {ProgramSecuredRole.BREEDER})
+    @Secured(SecurityRule.IS_AUTHENTICATED)
     public HttpResponse<Response<DataResponse<SubscribedOntology>>> getSubscribedOntology(
             @PathVariable UUID programId) {
         try {