universi-me · julio-ufpb · Oct 10, 2024 · Oct 1, 2024 · Oct 2, 2024 · NiiMiyo
diff --git a/src/main/java/me/universi/api/entities/Response.java b/src/main/java/me/universi/api/entities/Response.java
@@ -86,7 +86,7 @@ public static Response buildResponse(ThrowingConsumer<Response> completionHandle
                 }
             } else {
                 // unknown exception occurred
-                response.message = "Ocorreu um erro interno por parte do servidor." + (UserService.getInstance().isProduction() ? "" : "\n (" + e.getMessage() + ")");
+                response.message = "Ocorreu um erro interno por parte do servidor." + ((UserService.getInstance().isProduction() || !UserService.getInstance().isUserDevSession()) ? "" : "\n (" + e.getMessage() + ")");
                 response.alertOptions.put("html", response.message + "<br/><br/><img src=\"https://i.imgur.com/OWV6eKo.gif\" width='70%'/>");
             }
 

diff --git a/src/main/java/me/universi/user/services/UserService.java b/src/main/java/me/universi/user/services/UserService.java
@@ -420,23 +420,38 @@ public boolean userIsLoggedIn() {
     }
 
     // check if user has authority following springsecurity hierarchy
-    public boolean userHasAuthority(User user, Authority authority) {
+    public boolean userHasAuthority(User user, Authority authority, boolean equal) {
+        if(equal) {
+            return user.getAuthority().equals(authority);
+        }
         Collection<? extends GrantedAuthority> reachableRoles = roleHierarchy.getReachableGrantedAuthorities(user.getAuthorities());
         return reachableRoles.contains(new SimpleGrantedAuthority(authority.toString()));
     }
 
-    public boolean isUserAdmin(User userSession) {
+    public boolean isUserRole(User user, Authority role, boolean equal) {
         try {
-            return userHasAuthority(userSession, Authority.ROLE_ADMIN);
+            return userHasAuthority(user, role, equal);
         } catch (Exception e) {
             return false;
         }
     }
 
+    public boolean isUserAdmin(User userSession) {
+        return isUserRole(userSession, Authority.ROLE_ADMIN, false);
+    }
+
+    public boolean isUserDev(User userSession) {
+        return isUserRole(userSession, Authority.ROLE_DEV, false);
+    }
+
     public boolean isUserAdminSession() {
         return isUserAdmin(getUserInSession());
     }
 
+    public boolean isUserDevSession() {
+        return isUserDev(getUserInSession());
+    }
+
     public boolean userNeedAnProfile(User user, boolean checkAdmin) {
         try {
             if(checkAdmin && isUserAdmin(user)) {

diff --git a/src/main/resources/spring-security.xml b/src/main/resources/spring-security.xml
@@ -123,7 +123,7 @@
     <beans:bean id="roleHierarchy" class="org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl">
         <beans:property name="hierarchy">
             <beans:value>
-                ROLE_ADMIN > ROLE_DEV > ROLE_USER
+                ROLE_DEV > ROLE_ADMIN > ROLE_USER
             </beans:value>
         </beans:property>
     </beans:bean>