Enhance CORS configuration and add PUT/PATCH restrictions for admin r…

…oles in SecurityConfiguration

src/main/java/leonardo/labutilities/qualitylabpro/configs/security/CorsConfig.java

@@ -10,9 +10,11 @@ public class CorsConfig implements WebMvcConfigurer {
 
 	@Override
 	public void addCorsMappings(@NonNull CorsRegistry registry) {
-		registry.addMapping("/**").allowedOrigins(
-				"http://localhost:3000, https://quality-lab-pro.vercel.app, https://68.183.141.155, https://68.183.141.155, https://leomeireles-dev.xyz, https://leomeireles-dev.xyz")
-				.allowedMethods("GET", "POST").allowedHeaders("*").allowCredentials(true)
+		registry.addMapping("/**")
+				.allowedOrigins("http://localhost:3000", "https://quality-lab-pro.vercel.app",
+						"https://68.183.141.155", "https://leomeireles-dev.xyz")
+				.allowedMethods("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS", "HEAD")
+				.allowedHeaders("*").exposedHeaders("Authorization").allowCredentials(true)
 				.maxAge(3600);
 	}
 }

src/main/java/leonardo/labutilities/qualitylabpro/configs/security/SecurityConfiguration.java

@@ -49,6 +49,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
 
 					// Add PUT and PATCH restrictions for admin
 					req.requestMatchers(HttpMethod.PUT, "/generic-analytics/**").hasRole("ADMIN");
+
 					req.requestMatchers(HttpMethod.PUT, "/biochemistry-analytics/**")
 							.hasRole("ADMIN");
 					req.requestMatchers(HttpMethod.PUT, "/hematology-analytics/**")
@@ -57,6 +58,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
 							.hasRole("ADMIN");
 
 					req.requestMatchers(HttpMethod.PATCH, "/generic-analytics/**").hasRole("ADMIN");
+
 					req.requestMatchers(HttpMethod.PATCH, "/biochemistry-analytics/**")
 							.hasRole("ADMIN");
 					req.requestMatchers(HttpMethod.PATCH, "/hematology-analytics/**")