From 7a585e70d7d0cc888e768feff166190ac3b6f57c Mon Sep 17 00:00:00 2001 From: teddy Date: Fri, 19 Dec 2025 16:22:07 +0900 Subject: [PATCH] =?UTF-8?q?=EB=A9=94=EB=89=B4=20=EA=B6=8C=ED=95=9C?= =?UTF-8?q?=EB=B3=84=20=EB=A0=88=EB=94=94=EC=8A=A4=EC=A0=80=EC=9E=A5=20?= =?UTF-8?q?=EA=B6=8C=ED=95=9C=20=EC=A1=B0=EA=B1=B4=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/com/kamco/cd/kamcoback/config/SecurityConfig.java | 4 ++++ .../com/kamco/cd/kamcoback/menu/MenuApiController.java | 3 +-- .../com/kamco/cd/kamcoback/menu/service/MenuService.java | 7 +------ 3 files changed, 6 insertions(+), 8 deletions(-) diff --git a/src/main/java/com/kamco/cd/kamcoback/config/SecurityConfig.java b/src/main/java/com/kamco/cd/kamcoback/config/SecurityConfig.java index 8c7909d9..cde685e5 100644 --- a/src/main/java/com/kamco/cd/kamcoback/config/SecurityConfig.java +++ b/src/main/java/com/kamco/cd/kamcoback/config/SecurityConfig.java @@ -60,6 +60,10 @@ public class SecurityConfig { // ADMIN, REVIEWER 접근 .requestMatchers("/api/test/review") .hasAnyRole("ADMIN", "REVIEWER") + + // 메뉴 등록 ADMIN만 가능 + .requestMatchers(HttpMethod.POST, "/api/menu/auth") + .hasAnyRole("ADMIN") .requestMatchers("/error") .permitAll() .requestMatchers(HttpMethod.OPTIONS, "/**") diff --git a/src/main/java/com/kamco/cd/kamcoback/menu/MenuApiController.java b/src/main/java/com/kamco/cd/kamcoback/menu/MenuApiController.java index baff5190..93dd3dfe 100644 --- a/src/main/java/com/kamco/cd/kamcoback/menu/MenuApiController.java +++ b/src/main/java/com/kamco/cd/kamcoback/menu/MenuApiController.java @@ -12,7 +12,6 @@ import io.swagger.v3.oas.annotations.media.Schema; import io.swagger.v3.oas.annotations.responses.ApiResponse; import io.swagger.v3.oas.annotations.responses.ApiResponses; import io.swagger.v3.oas.annotations.tags.Tag; -import java.nio.file.AccessDeniedException; import java.util.LinkedHashMap; import java.util.List; import lombok.RequiredArgsConstructor; @@ -86,7 +85,7 @@ public class MenuApiController { @ApiResponse(responseCode = "500", description = "서버 오류", content = @Content) }) @PostMapping("/auth") - public ApiResponseDto getFindByRoleRedis() throws AccessDeniedException { + public ApiResponseDto getFindByRoleRedis() { menuService.getFindByRoleRedis(); return ApiResponseDto.createOK(null); } diff --git a/src/main/java/com/kamco/cd/kamcoback/menu/service/MenuService.java b/src/main/java/com/kamco/cd/kamcoback/menu/service/MenuService.java index be354c56..c817f0e3 100644 --- a/src/main/java/com/kamco/cd/kamcoback/menu/service/MenuService.java +++ b/src/main/java/com/kamco/cd/kamcoback/menu/service/MenuService.java @@ -7,7 +7,6 @@ import com.kamco.cd.kamcoback.common.enums.RoleType; import com.kamco.cd.kamcoback.common.utils.UserUtil; import com.kamco.cd.kamcoback.menu.dto.MenuDto; import com.kamco.cd.kamcoback.postgres.core.MenuCoreService; -import java.nio.file.AccessDeniedException; import java.util.ArrayList; import java.util.List; import lombok.RequiredArgsConstructor; @@ -34,11 +33,7 @@ public class MenuService { * * @return */ - public void getFindByRoleRedis() throws AccessDeniedException { - - if (!userUtil.getRole().equals(RoleType.ADMIN.getId())) { - throw new AccessDeniedException("권한을 확인해 주세요."); - } + public void getFindByRoleRedis() { for (RoleType role : RoleType.values()) { List menus = menuCoreService.getFindByRole(role.name());