MVPTeam/test
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

권한 테스트 api 수정

Browse Source
This commit is contained in:
teddy
2025-12-12 10:02:08 +09:00
parent 79267e82d7
commit 970d08ba44
5 changed files with 74 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/main/java/com/kamco/cd/kamcoback/auth/CustomUserDetails.java
View File

@@ -2,8 +2,9 @@ package com.kamco.cd.kamcoback.auth;
import com.kamco.cd.kamcoback.postgres.entity.MemberEntity; import com.kamco.cd.kamcoback.postgres.entity.MemberEntity;
import java.util.Collection; import java.util.Collection;
import java.util.Collections; import java.util.List;
import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetails;
public class CustomUserDetails implements UserDetails { public class CustomUserDetails implements UserDetails {
@@ -16,7 +17,7 @@ public class CustomUserDetails implements UserDetails {
@Override @Override
public Collection<? extends GrantedAuthority> getAuthorities() { public Collection<? extends GrantedAuthority> getAuthorities() {
return Collections.emptyList(); return List.of(new SimpleGrantedAuthority("ROLE_" + member.getUserRole()));
} }
@Override @Override

6
src/main/java/com/kamco/cd/kamcoback/common/enums/RoleType.java
View File

@@ -7,9 +7,9 @@ import lombok.Getter;
@Getter @Getter
@AllArgsConstructor @AllArgsConstructor
public enum RoleType implements EnumType { public enum RoleType implements EnumType {
ROLE_ADMIN("관리자"), ADMIN("관리자"),
ROLE_LABELER("라벨러"), LABELER("라벨러"),
ROLE_REVIEWER("검수자"); REVIEWER("검수자");
private final String desc; private final String desc;

17
src/main/java/com/kamco/cd/kamcoback/config/SecurityConfig.java
View File

@@ -42,13 +42,26 @@ public class SecurityConfig {
customAuthenticationProvider) // 로그인 패스워드 비교방식 스프링 기본 Provider 사용안함 커스텀 사용 customAuthenticationProvider) // 로그인 패스워드 비교방식 스프링 기본 Provider 사용안함 커스텀 사용
.authorizeHttpRequests( .authorizeHttpRequests(
auth -> auth ->
auth.requestMatchers(HttpMethod.OPTIONS, "/**") auth
// ADMIN만 접근
.requestMatchers("/api/test/admin")
.hasRole("ADMIN")
// ADMIN, LABELER 접근
.requestMatchers("/api/test/label")
.hasAnyRole("ADMIN", "LABELER")
// ADMIN, REVIEWER 접근
.requestMatchers("/api/test/review")
.hasAnyRole("ADMIN", "REVIEWER")
.requestMatchers(HttpMethod.OPTIONS, "/**")
.permitAll() // preflight 허용 .permitAll() // preflight 허용
.requestMatchers( .requestMatchers(
"/api/auth/signin", "/api/auth/signin",
"/api/auth/refresh", "/api/auth/refresh",
"/swagger-ui/**", "/swagger-ui/**",
"/api/members/{memberId}/password", "/api/members/*/password",
"/v3/api-docs/**") "/v3/api-docs/**")
.permitAll() .permitAll()
.anyRequest() .anyRequest()

4
src/main/java/com/kamco/cd/kamcoback/members/dto/MembersDto.java
View File

@@ -88,7 +88,7 @@ public class MembersDto {
public static class SearchReq { public static class SearchReq {
@Schema( @Schema(
description = "전체, 관리자(ROLE_ADMIN), 라벨러(ROLE_LABELER), 검수자(ROLE_REVIEWER)", description = "전체, 관리자(ADMIN), 라벨러(LABELER), 검수자(REVIEWER)",
example = "") example = "")
private String userRole; private String userRole;
@@ -111,7 +111,7 @@ public class MembersDto {
@Setter @Setter
public static class AddReq { public static class AddReq {
@Schema(description = "관리자 유형", example = "ROLE_ADMIN") @Schema(description = "관리자 유형", example = "ADMIN")
@NotBlank @NotBlank
@Size(max = 50) @Size(max = 50)
private String userRole; private String userRole;

13
src/main/java/com/kamco/cd/kamcoback/test/TestApiController.java
View File

@@ -1,5 +1,6 @@
package com.kamco.cd.kamcoback.test; package com.kamco.cd.kamcoback.test;
import com.kamco.cd.kamcoback.config.api.ApiResponseDto;
import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.media.Content; import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.Schema; import io.swagger.v3.oas.annotations.media.Schema;
@@ -30,8 +31,8 @@ public class TestApiController {
content = @Content(schema = @Schema(implementation = ErrorResponse.class))) content = @Content(schema = @Schema(implementation = ErrorResponse.class)))
}) })
@GetMapping("/admin") @GetMapping("/admin")
public String admin() { public ApiResponseDto<String> admin() {
return "I am administrator"; return ApiResponseDto.ok("I am administrator");
} }
@Operation(summary = "label test", description = "label test api") @Operation(summary = "label test", description = "label test api")
@@ -46,8 +47,8 @@ public class TestApiController {
content = @Content(schema = @Schema(implementation = ErrorResponse.class))) content = @Content(schema = @Schema(implementation = ErrorResponse.class)))
}) })
@GetMapping("/label") @GetMapping("/label")
public String label() { public ApiResponseDto<String> label() {
return "Labeling is available."; return ApiResponseDto.ok("Labeling is available.");
} }
@Operation(summary = "review test", description = "review test api") @Operation(summary = "review test", description = "review test api")
@@ -62,7 +63,7 @@ public class TestApiController {
content = @Content(schema = @Schema(implementation = ErrorResponse.class))) content = @Content(schema = @Schema(implementation = ErrorResponse.class)))
}) })
@GetMapping("/review") @GetMapping("/review")
public String review() { public ApiResponseDto<String> review() {
return "Review is available."; return ApiResponseDto.ok("Review is available.");
} }
} }