fix misconfigured authentication manager

core/src/main/java/de/bstly/we/businesslogic/PermissionManager.java

@@ -458,6 +458,14 @@ public class PermissionManager implements UserDataProvider {
 		return permissions;
 	}
 
+	public void cleanupPermissionStart() {
+		for (Permission permission : permissionRepository.findAll(qPermission.expires.after(Instant.now())
+				.and(qPermission.starts.isNotNull().and(qPermission.starts.before(Instant.now()))))) {
+			permission.setStarts(null);
+			permissionRepository.save(permission);
+		}
+	}
+
 	/*
 	 * @see de.bstly.we.businesslogic.UserDataProvider#getId()
 	 */

core/src/main/java/de/bstly/we/controller/PermissionManagementController.java

@@ -50,14 +50,18 @@ public class PermissionManagementController extends BaseController {
 	@PreAuthorize("hasRole('ROLE_ADMIN')")
 	@GetMapping("/{username}")
 	public List<Permission> getPermissionsForUser(@PathVariable("username") String username,
-			@RequestParam("sort") Optional<String> sort) {
+			@RequestParam("sort") Optional<String> sort, @RequestParam("ignoreStart") Optional<Boolean> ignoreStart) {
 		User user = userManager.getByUsername(username);
 
 		if (user == null) {
 			throw new EntityResponseStatusException(HttpStatus.NO_CONTENT);
 		}
 
-		return permissionManager.getNotExpiresByTargetIgnoreStart(user.getId(), sort.orElse(null));
+		if (ignoreStart.orElse(true)) {
+			return permissionManager.getNotExpiresByTargetIgnoreStart(user.getId(), sort.orElse(null));
+		} else {
+			return permissionManager.getNotExpiresByTarget(user.getId(), sort.orElse(null));
+		}
 	}
 
 	/**

core/src/main/java/de/bstly/we/security/SecurityConfig.java

@@ -84,18 +84,6 @@ public class SecurityConfig {
 
 	public static final String KEEP_PARAM = "keep";
 
-	/**
-	 * Configure authentication.
-	 *
-	 * @param auth the auth
-	 * @throws Exception the exception
-	 */
-	@Autowired
-	public void configureAuthentication(AuthenticationManagerBuilder auth) throws Exception {
-		localAuthenticationProvider.setPasswordEncoder(passwordEncoder);
-		auth.authenticationProvider(localAuthenticationProvider);
-	}
-
 	@Bean
 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 		http
@@ -209,8 +197,12 @@ public class SecurityConfig {
 
 	@Bean
 	public AuthenticationManager authenticationManager(HttpSecurity http) throws Exception {
-		return http.getSharedObject(AuthenticationManagerBuilder.class).userDetailsService(localUserDetailsService)
+		AuthenticationManagerBuilder authenticationManagerBuilder = http
-				.passwordEncoder(passwordEncoder).and().build();
+				.getSharedObject(AuthenticationManagerBuilder.class);
+		localAuthenticationProvider.setUserDetailsService(localUserDetailsService);
+		localAuthenticationProvider.setPasswordEncoder(passwordEncoder);
+		authenticationManagerBuilder.authenticationProvider(localAuthenticationProvider);
+		return authenticationManagerBuilder.build();
 	}
 
 	/**

pom.xml

@@ -12,14 +12,14 @@
 	<properties>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<java.version>11</java.version>
-		<log4j2.version>2.19.0</log4j2.version>
+		<log4j2.version>2.20.0</log4j2.version>
-		<revision>2.0.5-SNAPSHOT</revision>
+		<revision>2.0.6-SNAPSHOT</revision>
 	</properties>
 
 	<parent>
 		<groupId>org.springframework.boot</groupId>
 		<artifactId>spring-boot-starter-parent</artifactId>
-		<version>2.7.6</version>
+		<version>2.7.9</version>
 		<relativePath />
 	</parent>