Fix the comparison for when both xfcc and apikey are enabled for auth… (#78)

Author: elhametemad

README.md

@@ -19,7 +19,7 @@ Set postgres password by
 export POSTGRES_PASSWORD=<my db password>
 ```
 
-If config ```acdc.auth.enabled = true``` is enabled, authorization api-keys are SHA-256 hashed.  The REST enb-points should include a http header key ```x-api-key``` with appropriate value.
+If config ```acdc.auth.enabled = true``` is enabled, authorization api-keys are SHA-256 hashed.  The REST endpoints should include a http header key ```x-api-key``` with appropriate value.
 
 Set an environment variable for the authorized x-api-key hashed string.  Example:
 

acdc-ws/app/utils/Authorization.scala

@@ -23,9 +23,12 @@ class Authorization(private var authorizationSettings: AuthorizationSettings) {
   def getRoles(request: Request[_]): List[String] = {
     (authorizationSettings.apiKeyAuthEnabled, authorizationSettings.xfccKeyAuthEnabled) match {
       case (true, true) =>
-        if (getKeyRoles(request.headers.get(authorizationSettings.apiKeyAuthHeader)) ==
-          getXfccRoles(request.headers.get(authorizationSettings.xfccAuthHeader))) {
-          List(Admin)
+        if (!getKeyRoles(request.headers.get(authorizationSettings.apiKeyAuthHeader)).isEmpty) {
+          if (!getXfccRoles(request.headers.get(authorizationSettings.xfccAuthHeader)).isEmpty) {
+            List(Admin)
+          } else {
+            List.empty
+          }
         } else {
           List.empty
         }

version.sbt

@@ -1 +1 @@
- ThisBuild / version := "0.11.0"
+ ThisBuild / version := "0.11.1"