Support per method security requirement in RepositoryRestResource

[bschoenmaeckers]

Is your feature request related to a problem? Please describe.
I'm using spring-data-rest to export rest endpoints for a repository. This works great but the @securityrequirement annotation does only work on the class level. I would like to give each method a different security requirement.

Example:

@RepositoryRestResource(excerptProjection = UserBasicProjection.class)
public interface UserRepository extends JpaRepository<User, Long> {

    @Override
    @IsAuthenticated
    Optional<User> findById(Long id);

    @IsAuthenticated
    Optional<User> findOneByEmailAndDeletedIsFalse(String email);

    @Override
    @IsAdmin
    Page<User> findAll(Pageable pageable);

    @IsAdmin
    List<User> findByDebtIsGreaterThan(double debt);
 
    ....
}

@IsAdmin infers @SecurityRequirement(name = OAUTH2_SECURITY_SCHEME, scopes = "api_admin")
@IsAuthenticated infers @SecurityRequirement(name = OAUTH2_SECURITY_SCHEME, scopes = "api_full")

Describe the solution you'd like

The DataRestTagsService should check the actual repository method in addition to the repository type.

springdoc-openapi/springdoc-openapi-data-rest/src/main/java/org/springdoc/data/rest/core/DataRestTagsService.java

Line 113 in 4a25acf

Set<io.swagger.v3.oas.annotations.security.SecurityRequirement> allSecurityTags = securityParser.getSecurityRequirementsForClass(repositoryType);

[bnasslahsen]

@bschoenmaeckers,

The support is now added.
You can test it using the latest snapshot.

[bschoenmaeckers]

Works as expected. Thanks!