Integrate security into navigation

This also simplifies the template quite a bit, as it previously
contained some redundancy.

src/main/resources/templates/navigation.html

@@ -6,128 +6,23 @@
 	<body>
 		<nav th:fragment="navigation">
 			<div class="ui menu">
-				<a
-					class="item"
-					href="welcome.html"
-					th:href="@{/}"
-					th:text="Startseite"
-				>
-					Startseite
-				</a>
-
-				<!--prototype-paul-simon-->
-				<!--sec:authorize="hasRole('CUSTOMER')"-->
-				<a
-					class="item"
-					href="register.html"
-					th:href="@{/register}"
-					th:text="Registrierung"
-				>
-					Registrierung
-				</a>
-
-				<!--sec:authorize="hasAnyRole('BOSS','CUSTOMER')"-->
-				<a
-					class="item"
-					href="login.html"
-					th:href="@{/login}"
-					th:text="Login"
-				>
-					Login
-				</a>
-
-				<!--sec:authorize="hasRole('BOSS')"-->
-				<a
-					class="item"
-					href="inventory.html"
-					th:href="@{/inventory}"
-					th:text="Inventar"
-				>
-					Inventar
-				</a>
-
-				<a
-					class="item"
-					href="catalog.html"
-					th:href="@{/catalog}"
-					th:text="Katalog"
-				>
-					Katalog
-				</a>
-
-
-				<!--prototype-eren-denis-->
-				<!--sec:authorize="hasRole('BOSS')"-->
-				<a
-					class="item"
-					href="staff.html"
-					th:href="@{/staff}"
-					th:text="Angestellte"
-				>
-					Angestellte
-				</a>
-
-				<!--sec:authorize="hasRole('BOSS')"-->
-				<a
-					class="item"
-					href="customer.html"
-					th:href="@{/customer}"
-					th:text="Kunden"
-				>
-					Kunden
-				</a>
-
-				<!--sec:authorize="hasAnyRole('BOSS','CUSTOMER')"-->
-				<a
-					class="item"
-					href="profile.html"
-					th:href="@{/profile}"
-					th:text="Profil"
-				>
-					Registrierung
-				</a>
-
-
-				<!--prototype-eric-mathis-->
-				<!--sec:authorize="hasAnyRole('BOSS','CUSTOMER')"-->
-				<a
-					class="item"
-					href="orders.html"
-					th:href="@{/orders}"
-					th:text="Bestellungen"
-				>
-					Bestellungen
-				</a>
-
-				<!--sec:authorize="hasAnyRole('BOSS','CUSTOMER')"-->
-				<a
-					class="item"
-					href="event.html"
-					th:href="@{/event}"
-					th:text="'Event planen'"
-				>
-					Events
-				</a>
-
-				<!--prototpye-theo-->
-				<!--sec:authorize="hasRole('BOSS')"-->
-				<a
-					class="item"
-					href="orders.calender.html"
-					th:href="@{/orders/calender}"
-					th:text="Kalender"
-				>
-					Kalender der Bestellungen
-				</a>
+				<a class="item" th:href="@{/}">Startseite</a>
+				<a class="item" th:href="@{/inventory}" sec:authorize="hasRole('ADMIN')">Inventar</a>
+				<a class="item" th:href="@{/catalog}">Katalog</a>
+				<a class="item" th:href="@{/staff}" sec:authorize="hasRole('ADMIN')">Angestellte</a>
+				<a class="item" th:href="@{/customer}" sec:authorize="hasRole('ADMIN')">Kunden</a>
+				<a class="item" th:href="@{/orders}" sec:authorize="isAuthenticated()">Bestellungen</a>
+				<a class="item" th:href="@{/event}" sec:authorize="hasRole('CUSTOMER')">Event planen</a>
+				<a class="item" th:href="@{/orders/calender}" sec:authorize="hasRole('ADMIN')">Kalender</a>
 
 				<div class="right menu">
-					<a class="item" th:href="@{/login}" sec:authorize="isAuthenticated()" th:text="#{nav.login}">Login</a>
-					<form class="item" sec:authorize="isAuthenticated()" th:action="@{/logout}" method="post">
-						<button type="submit" class="ui button" th:text="#{nav.logout}">Logout</button>
-					</form>
+					<a class="item" th:href="@{/login}" sec:authorize="!isAuthenticated()">Login</a>
+					<a class="item" th:href="@{/register}" sec:authorize="!isAuthenticated()">Registrierung</a>
+					<a class="item" th:href="@{/profile}" sec:authorize="isAuthenticated()">Profil</a>
+					<a class="item" th:href="@{/logout}" sec:authorize="isAuthenticated()">Logout</a>
 				</div>
 			</div>
-		<br/>
+			<br/>
 		</nav>
 	</body>
 </html>