From ec4fc90cbc2868c663fa5bf35aeeac328e9623e0 Mon Sep 17 00:00:00 2001
From: joshua bauer <josh@wurrly.com>
Date: Mon, 22 May 2017 17:37:01 -0700
Subject: [PATCH] Add security to methods if not defined on controller class.

---
 .../proteus/server/handlers/HandlerGenerator.java         | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/main/java/io/sinistral/proteus/server/handlers/HandlerGenerator.java b/src/main/java/io/sinistral/proteus/server/handlers/HandlerGenerator.java
index 03e2e91..5264433 100644
--- a/src/main/java/io/sinistral/proteus/server/handlers/HandlerGenerator.java
+++ b/src/main/java/io/sinistral/proteus/server/handlers/HandlerGenerator.java
@@ -1101,8 +1101,7 @@ else if (producesContentType.contains(MediaType.TEXT_HTML))
 			
 			List<String> securityDefinitions = new ArrayList<>();
 			
-			securityDefinitions.addAll(typeLevelSecurityDefinitions);
-			
+ 			
 			if( Optional.ofNullable(m.getAnnotation(io.swagger.annotations.ApiOperation.class)).isPresent() )
 			{
 				io.swagger.annotations.ApiOperation apiOperationAnnotation = m.getAnnotation(io.swagger.annotations.ApiOperation.class);
@@ -1119,6 +1118,11 @@ else if (producesContentType.contains(MediaType.TEXT_HTML))
 					}
 				} 
 			}
+			
+			if(securityDefinitions.isEmpty())
+			{
+				securityDefinitions.addAll(typeLevelSecurityDefinitions);
+			}
 
 			
 			if (wrapAnnotation.isPresent() || typeLevelHandlerWrapperMap.size() > 0 || securityDefinitions.size() > 0)