파일다운로드 변경, 파일다운로드 로그 저장 변경, 라벨 다운로드 이력 추가, 라벨 다운로드 추가
This commit is contained in:
@@ -1,8 +1,8 @@
|
||||
package com.kamco.cd.kamcoback.config;
|
||||
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import com.kamco.cd.kamcoback.auth.CustomUserDetails;
|
||||
import com.kamco.cd.kamcoback.common.utils.HeaderUtil;
|
||||
import com.kamco.cd.kamcoback.common.utils.UserUtil;
|
||||
import com.kamco.cd.kamcoback.config.api.ApiLogFunction;
|
||||
import com.kamco.cd.kamcoback.menu.dto.MenuDto;
|
||||
import com.kamco.cd.kamcoback.menu.service.MenuService;
|
||||
@@ -17,7 +17,6 @@ import java.util.Objects;
|
||||
import java.util.UUID;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.servlet.HandlerInterceptor;
|
||||
|
||||
@@ -27,24 +26,39 @@ public class FileDownloadInteceptor implements HandlerInterceptor {
|
||||
|
||||
private final AuditLogRepository auditLogRepository;
|
||||
private final MenuService menuService;
|
||||
private final UserUtil userUtil;
|
||||
|
||||
@Autowired private ObjectMapper objectMapper;
|
||||
|
||||
public FileDownloadInteceptor(AuditLogRepository auditLogRepository, MenuService menuService) {
|
||||
public FileDownloadInteceptor(
|
||||
AuditLogRepository auditLogRepository, MenuService menuService, UserUtil userUtil) {
|
||||
this.auditLogRepository = auditLogRepository;
|
||||
this.menuService = menuService;
|
||||
this.userUtil = userUtil;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void afterCompletion(
|
||||
HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) {
|
||||
public boolean preHandle(
|
||||
HttpServletRequest request, HttpServletResponse response, Object handler) {
|
||||
|
||||
if (!request.getRequestURI().contains("/download")) return true;
|
||||
|
||||
if (request.getDispatcherType() != jakarta.servlet.DispatcherType.REQUEST) {
|
||||
return true;
|
||||
}
|
||||
|
||||
saveLog(request, response);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
private void saveLog(HttpServletRequest request, HttpServletResponse response) {
|
||||
// 파일 다운로드 API만 필터링
|
||||
if (!request.getRequestURI().contains("/download")) {
|
||||
return;
|
||||
}
|
||||
|
||||
Long userId = extractUserId(request);
|
||||
Long userId = userUtil.getId();
|
||||
String ip = ApiLogFunction.getClientIp(request);
|
||||
|
||||
List<?> list = menuService.getFindAll();
|
||||
@@ -81,12 +95,4 @@ public class FileDownloadInteceptor implements HandlerInterceptor {
|
||||
|
||||
auditLogRepository.save(log);
|
||||
}
|
||||
|
||||
private Long extractUserId(HttpServletRequest request) {
|
||||
if (request.getUserPrincipal() instanceof UsernamePasswordAuthenticationToken auth
|
||||
&& auth.getPrincipal() instanceof CustomUserDetails userDetails) {
|
||||
return userDetails.getMember().getId();
|
||||
}
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -3,6 +3,8 @@ package com.kamco.cd.kamcoback.config;
|
||||
import com.kamco.cd.kamcoback.auth.CustomAuthenticationProvider;
|
||||
import com.kamco.cd.kamcoback.auth.JwtAuthenticationFilter;
|
||||
import com.kamco.cd.kamcoback.auth.MenuAuthorizationManager;
|
||||
import com.kamco.cd.kamcoback.common.download.DownloadPaths;
|
||||
import jakarta.servlet.DispatcherType;
|
||||
import java.util.List;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
@@ -44,9 +46,11 @@ public class SecurityConfig {
|
||||
.authorizeHttpRequests(
|
||||
auth ->
|
||||
auth
|
||||
|
||||
// .requestMatchers("/chunk_upload_test.html").authenticated()
|
||||
.requestMatchers("/monitor/health", "/monitor/health/**")
|
||||
.permitAll()
|
||||
|
||||
// 맵시트 영역 전체 허용 (우선순위 최상단)
|
||||
.requestMatchers("/api/mapsheet/**")
|
||||
.permitAll()
|
||||
@@ -67,13 +71,25 @@ public class SecurityConfig {
|
||||
.requestMatchers("/api/test/review")
|
||||
.hasAnyRole("ADMIN", "REVIEWER")
|
||||
|
||||
// ASYNC/ERROR 재디스패치는 막지 않기 (다운로드/스트리밍에서 필수)
|
||||
.dispatcherTypeMatchers(DispatcherType.ASYNC, DispatcherType.ERROR)
|
||||
.permitAll()
|
||||
|
||||
// 다운로드는 인증 필요
|
||||
.requestMatchers(HttpMethod.GET, DownloadPaths.PATTERNS)
|
||||
.authenticated()
|
||||
|
||||
// 메뉴 등록 ADMIN만 가능
|
||||
.requestMatchers(HttpMethod.POST, "/api/menu/auth")
|
||||
.hasAnyRole("ADMIN")
|
||||
|
||||
// 에러 경로는 항상 허용 (이미 있지만 유지)
|
||||
.requestMatchers("/error")
|
||||
.permitAll()
|
||||
|
||||
// preflight 허용
|
||||
.requestMatchers(HttpMethod.OPTIONS, "/**")
|
||||
.permitAll() // preflight 허용
|
||||
.permitAll()
|
||||
.requestMatchers(
|
||||
"/api/auth/signin",
|
||||
"/api/auth/refresh",
|
||||
@@ -90,6 +106,7 @@ public class SecurityConfig {
|
||||
"/api/layer/tile-url",
|
||||
"/api/layer/tile-url-year")
|
||||
.permitAll()
|
||||
|
||||
// 로그인한 사용자만 가능 IAM
|
||||
.requestMatchers(
|
||||
"/api/user/**",
|
||||
@@ -98,16 +115,11 @@ public class SecurityConfig {
|
||||
"/api/training-data/label/**",
|
||||
"/api/training-data/review/**")
|
||||
.authenticated()
|
||||
.anyRequest()
|
||||
.access(menuAuthorizationManager)
|
||||
|
||||
// .authenticated()
|
||||
)
|
||||
.addFilterBefore(
|
||||
jwtAuthenticationFilter,
|
||||
UsernamePasswordAuthenticationFilter
|
||||
.class) // 요청 들어오면 먼저 JWT 토큰 검사 후 security context 에 사용자 정보 저장.
|
||||
;
|
||||
// 나머지는 메뉴권한
|
||||
.anyRequest()
|
||||
.access(menuAuthorizationManager))
|
||||
.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
|
||||
|
||||
return http.build();
|
||||
}
|
||||
@@ -118,23 +130,18 @@ public class SecurityConfig {
|
||||
return configuration.getAuthenticationManager();
|
||||
}
|
||||
|
||||
/**
|
||||
* CORS 설정
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
/** CORS 설정 */
|
||||
@Bean
|
||||
public CorsConfigurationSource corsConfigurationSource() {
|
||||
CorsConfiguration config = new CorsConfiguration(); // CORS 객체 생성
|
||||
config.setAllowedOriginPatterns(List.of("*")); // 도메인 허용
|
||||
CorsConfiguration config = new CorsConfiguration();
|
||||
config.setAllowedOriginPatterns(List.of("*"));
|
||||
config.setAllowedMethods(List.of("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"));
|
||||
config.setAllowedHeaders(List.of("*")); // 헤더요청 Authorization, Content-Type, X-Custom-Header
|
||||
config.setAllowCredentials(true); // 쿠키, Authorization 헤더, Bearer Token 등 자격증명 포함 요청을 허용할지 설정
|
||||
config.setAllowedHeaders(List.of("*"));
|
||||
config.setAllowCredentials(true);
|
||||
config.setExposedHeaders(List.of("Content-Disposition"));
|
||||
|
||||
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
|
||||
/** "/**" → 모든 API 경로에 대해 이 CORS 규칙을 적용 /api/** 같이 특정 경로만 지정 가능. */
|
||||
source.registerCorsConfiguration("/**", config); // CORS 정책을 등록
|
||||
source.registerCorsConfiguration("/**", config);
|
||||
return source;
|
||||
}
|
||||
|
||||
|
||||
@@ -2,6 +2,7 @@ package com.kamco.cd.kamcoback.config;
|
||||
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import com.fasterxml.jackson.databind.module.SimpleModule;
|
||||
import com.kamco.cd.kamcoback.common.download.DownloadPaths;
|
||||
import com.kamco.cd.kamcoback.common.utils.geometry.GeometryDeserializer;
|
||||
import com.kamco.cd.kamcoback.common.utils.geometry.GeometrySerializer;
|
||||
import org.locationtech.jts.geom.Geometry;
|
||||
@@ -39,9 +40,6 @@ public class WebConfig implements WebMvcConfigurer {
|
||||
|
||||
@Override
|
||||
public void addInterceptors(InterceptorRegistry registry) {
|
||||
registry
|
||||
.addInterceptor(fileDownloadInteceptor)
|
||||
.addPathPatterns("/api/inference/download/**") // 추론 파일 다운로드
|
||||
.addPathPatterns("/api/training-data/stage/download/**"); // 학습데이터 다운로드
|
||||
registry.addInterceptor(fileDownloadInteceptor).addPathPatterns(DownloadPaths.PATTERNS);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
package com.kamco.cd.kamcoback.config.api;
|
||||
|
||||
import com.kamco.cd.kamcoback.common.download.DownloadPaths;
|
||||
import jakarta.servlet.FilterChain;
|
||||
import jakarta.servlet.ServletException;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
@@ -16,6 +17,14 @@ public class ApiLogFilter extends OncePerRequestFilter {
|
||||
protected void doFilterInternal(
|
||||
HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
|
||||
throws ServletException, IOException {
|
||||
|
||||
String uri = request.getRequestURI();
|
||||
|
||||
if (DownloadPaths.matches(uri)) {
|
||||
filterChain.doFilter(request, response);
|
||||
return;
|
||||
}
|
||||
|
||||
ContentCachingRequestWrapper wrappedRequest = new ContentCachingRequestWrapper(request);
|
||||
|
||||
ContentCachingResponseWrapper wrappedResponse = new ContentCachingResponseWrapper(response);
|
||||
|
||||
Reference in New Issue
Block a user