메뉴 권한별 레디스저장 권한 조건 추가

2025-12-19 16:22:07 +09:00
parent 2760cabdd5
commit 7a585e70d7
3 changed files with 6 additions and 8 deletions
--- a/src/main/java/com/kamco/cd/kamcoback/config/SecurityConfig.java
+++ b/src/main/java/com/kamco/cd/kamcoback/config/SecurityConfig.java
@@ -60,6 +60,10 @@ public class SecurityConfig {
                    // ADMIN, REVIEWER 접근
                    .requestMatchers("/api/test/review")
                    .hasAnyRole("ADMIN", "REVIEWER")
+
+                    // 메뉴 등록 ADMIN만 가능
+                    .requestMatchers(HttpMethod.POST, "/api/menu/auth")
+                    .hasAnyRole("ADMIN")
                    .requestMatchers("/error")
                    .permitAll()
                    .requestMatchers(HttpMethod.OPTIONS, "/**")
--- a/src/main/java/com/kamco/cd/kamcoback/menu/MenuApiController.java
+++ b/src/main/java/com/kamco/cd/kamcoback/menu/MenuApiController.java
@@ -12,7 +12,6 @@ import io.swagger.v3.oas.annotations.media.Schema;
 import io.swagger.v3.oas.annotations.responses.ApiResponse;
 import io.swagger.v3.oas.annotations.responses.ApiResponses;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import java.nio.file.AccessDeniedException;
 import java.util.LinkedHashMap;
 import java.util.List;
 import lombok.RequiredArgsConstructor;
@@ -86,7 +85,7 @@ public class MenuApiController {
        @ApiResponse(responseCode = "500", description = "서버 오류", content = @Content)
      })
  @PostMapping("/auth")
-  public ApiResponseDto<Void> getFindByRoleRedis() throws AccessDeniedException {
+  public ApiResponseDto<Void> getFindByRoleRedis() {
    menuService.getFindByRoleRedis();
    return ApiResponseDto.createOK(null);
  }
--- a/src/main/java/com/kamco/cd/kamcoback/menu/service/MenuService.java
+++ b/src/main/java/com/kamco/cd/kamcoback/menu/service/MenuService.java
@@ -7,7 +7,6 @@ import com.kamco.cd.kamcoback.common.enums.RoleType;
 import com.kamco.cd.kamcoback.common.utils.UserUtil;
 import com.kamco.cd.kamcoback.menu.dto.MenuDto;
 import com.kamco.cd.kamcoback.postgres.core.MenuCoreService;
-import java.nio.file.AccessDeniedException;
 import java.util.ArrayList;
 import java.util.List;
 import lombok.RequiredArgsConstructor;
@@ -34,11 +33,7 @@ public class MenuService {
   *
   * @return
   */
-  public void getFindByRoleRedis() throws AccessDeniedException {
-
-    if (!userUtil.getRole().equals(RoleType.ADMIN.getId())) {
-      throw new AccessDeniedException("권한을 확인해 주세요.");
-    }
+  public void getFindByRoleRedis() {

    for (RoleType role : RoleType.values()) {
      List<MenuDto.Basic> menus = menuCoreService.getFindByRole(role.name());