메뉴 권한별 레디스저장 권한 조건 추가
This commit is contained in:
@@ -60,6 +60,10 @@ public class SecurityConfig {
|
|||||||
// ADMIN, REVIEWER 접근
|
// ADMIN, REVIEWER 접근
|
||||||
.requestMatchers("/api/test/review")
|
.requestMatchers("/api/test/review")
|
||||||
.hasAnyRole("ADMIN", "REVIEWER")
|
.hasAnyRole("ADMIN", "REVIEWER")
|
||||||
|
|
||||||
|
// 메뉴 등록 ADMIN만 가능
|
||||||
|
.requestMatchers(HttpMethod.POST, "/api/menu/auth")
|
||||||
|
.hasAnyRole("ADMIN")
|
||||||
.requestMatchers("/error")
|
.requestMatchers("/error")
|
||||||
.permitAll()
|
.permitAll()
|
||||||
.requestMatchers(HttpMethod.OPTIONS, "/**")
|
.requestMatchers(HttpMethod.OPTIONS, "/**")
|
||||||
|
|||||||
@@ -12,7 +12,6 @@ import io.swagger.v3.oas.annotations.media.Schema;
|
|||||||
import io.swagger.v3.oas.annotations.responses.ApiResponse;
|
import io.swagger.v3.oas.annotations.responses.ApiResponse;
|
||||||
import io.swagger.v3.oas.annotations.responses.ApiResponses;
|
import io.swagger.v3.oas.annotations.responses.ApiResponses;
|
||||||
import io.swagger.v3.oas.annotations.tags.Tag;
|
import io.swagger.v3.oas.annotations.tags.Tag;
|
||||||
import java.nio.file.AccessDeniedException;
|
|
||||||
import java.util.LinkedHashMap;
|
import java.util.LinkedHashMap;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import lombok.RequiredArgsConstructor;
|
import lombok.RequiredArgsConstructor;
|
||||||
@@ -86,7 +85,7 @@ public class MenuApiController {
|
|||||||
@ApiResponse(responseCode = "500", description = "서버 오류", content = @Content)
|
@ApiResponse(responseCode = "500", description = "서버 오류", content = @Content)
|
||||||
})
|
})
|
||||||
@PostMapping("/auth")
|
@PostMapping("/auth")
|
||||||
public ApiResponseDto<Void> getFindByRoleRedis() throws AccessDeniedException {
|
public ApiResponseDto<Void> getFindByRoleRedis() {
|
||||||
menuService.getFindByRoleRedis();
|
menuService.getFindByRoleRedis();
|
||||||
return ApiResponseDto.createOK(null);
|
return ApiResponseDto.createOK(null);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -7,7 +7,6 @@ import com.kamco.cd.kamcoback.common.enums.RoleType;
|
|||||||
import com.kamco.cd.kamcoback.common.utils.UserUtil;
|
import com.kamco.cd.kamcoback.common.utils.UserUtil;
|
||||||
import com.kamco.cd.kamcoback.menu.dto.MenuDto;
|
import com.kamco.cd.kamcoback.menu.dto.MenuDto;
|
||||||
import com.kamco.cd.kamcoback.postgres.core.MenuCoreService;
|
import com.kamco.cd.kamcoback.postgres.core.MenuCoreService;
|
||||||
import java.nio.file.AccessDeniedException;
|
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import lombok.RequiredArgsConstructor;
|
import lombok.RequiredArgsConstructor;
|
||||||
@@ -34,11 +33,7 @@ public class MenuService {
|
|||||||
*
|
*
|
||||||
* @return
|
* @return
|
||||||
*/
|
*/
|
||||||
public void getFindByRoleRedis() throws AccessDeniedException {
|
public void getFindByRoleRedis() {
|
||||||
|
|
||||||
if (!userUtil.getRole().equals(RoleType.ADMIN.getId())) {
|
|
||||||
throw new AccessDeniedException("권한을 확인해 주세요.");
|
|
||||||
}
|
|
||||||
|
|
||||||
for (RoleType role : RoleType.values()) {
|
for (RoleType role : RoleType.values()) {
|
||||||
List<MenuDto.Basic> menus = menuCoreService.getFindByRole(role.name());
|
List<MenuDto.Basic> menus = menuCoreService.getFindByRole(role.name());
|
||||||
|
|||||||
Reference in New Issue
Block a user