diff --git a/src/main/java/com/kamco/cd/kamcoback/auth/CustomUserDetails.java b/src/main/java/com/kamco/cd/kamcoback/auth/CustomUserDetails.java
index 8efb073a..54802e13 100644
--- a/src/main/java/com/kamco/cd/kamcoback/auth/CustomUserDetails.java
+++ b/src/main/java/com/kamco/cd/kamcoback/auth/CustomUserDetails.java
@@ -2,8 +2,9 @@ package com.kamco.cd.kamcoback.auth;
 import com.kamco.cd.kamcoback.postgres.entity.MemberEntity;
 import java.util.Collection;
-import java.util.Collections;
+import java.util.List;
 import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 public class CustomUserDetails implements UserDetails {
@@ -16,7 +17,7 @@ public class CustomUserDetails implements UserDetails {
 @Override
 public Collection getAuthorities() {
- return Collections.emptyList();
+ return List.of(new SimpleGrantedAuthority("ROLE_" + member.getUserRole()));
 }
 @Override
diff --git a/src/main/java/com/kamco/cd/kamcoback/common/enums/RoleType.java b/src/main/java/com/kamco/cd/kamcoback/common/enums/RoleType.java
index d1945c7e..1aeb0269 100644
--- a/src/main/java/com/kamco/cd/kamcoback/common/enums/RoleType.java
+++ b/src/main/java/com/kamco/cd/kamcoback/common/enums/RoleType.java
@@ -7,9 +7,9 @@ import lombok.Getter;
 @Getter
 @AllArgsConstructor
 public enum RoleType implements EnumType {
- ROLE_ADMIN("관리자"),
- ROLE_LABELER("라벨러"),
- ROLE_REVIEWER("검수자");
+ ADMIN("관리자"),
+ LABELER("라벨러"),
+ REVIEWER("검수자");
 private final String desc;
@@ -22,13 +22,4 @@ public enum RoleType implements EnumType {
 public String getText() {
 return desc;
 }
-
- public static RoleType from(String value) {
- for (RoleType type : values()) {
- if (type.name().equalsIgnoreCase(value)) {
- return type;
- }
- }
- return null;
- }
 }
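Review bot: `"ROLE_" + member.getUserRole()` grants an authority by string concatenation, so a member whose role is unset gets a `ROLE_null` authority instead of none, and if the persisted value is a string that still carries the old `ROLE_` prefix from before this commit's enum rename, the result is `ROLE_ROLE_ADMIN` and every existing member silently loses access (the type of `getUserRole()` is not visible here, so this is inferred). I would resolve the value through the enum before granting anything, e.g. `RoleType role = Enums.fromId(RoleType.class, String.valueOf(member.getUserRole()));` followed by `return role == null ? List.of() : List.of(new SimpleGrantedAuthority("ROLE_" + role.name()));`, so only a known `RoleType` ever becomes an authority (assuming `RoleType.getId()` returns the constant name, which this diff does not show). A comment above the return should also note that the `ROLE_` prefix is what `hasRole("ADMIN")` in SecurityConfig expects, since the two must stay in sync.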
diff --git a/src/main/java/com/kamco/cd/kamcoback/common/utils/Enums.java b/src/main/java/com/kamco/cd/kamcoback/common/utils/Enums.java
new file mode 100644
index 00000000..98c4c727
--- /dev/null
+++ b/src/main/java/com/kamco/cd/kamcoback/common/utils/Enums.java
@@ -0,0 +1,19 @@
+package com.kamco.cd.kamcoback.common.utils;
+
+import com.kamco.cd.kamcoback.config.enums.EnumType;
+
+public class Enums {
+
+ // code로 text
+ public static & EnumType> E fromId(Class enumClass, String id) {
+ if (id == null) {
+ return null;
+ }
+ for (E e : enumClass.getEnumConstants()) {
+ if (id.equalsIgnoreCase(e.getId())) {
+ return e;
+ }
+ }
+ return null; // 못 찾으면 null
+ }
+}
diff --git a/src/main/java/com/kamco/cd/kamcoback/config/GlobalExceptionHandler.java b/src/main/java/com/kamco/cd/kamcoback/config/GlobalExceptionHandler.java
index a30842d5..bc7cdb74 100644
--- a/src/main/java/com/kamco/cd/kamcoback/config/GlobalExceptionHandler.java
+++ b/src/main/java/com/kamco/cd/kamcoback/config/GlobalExceptionHandler.java
@@ -168,12 +168,12 @@ public class GlobalExceptionHandler {
 errorLog.getId());
 }
- @ResponseStatus(HttpStatus.UNAUTHORIZED)
+ @ResponseStatus(HttpStatus.FORBIDDEN)
 @ExceptionHandler(AccessDeniedException.class)
 public ApiResponseDto handlerAccessDeniedException(
 AccessDeniedException e, HttpServletRequest request) {
 log.warn("[AccessDeniedException] resource :{} ", e.getMessage());
- String codeName = "UNAUTHORIZED";
+ String codeName = "FORBIDDEN";
 ErrorLogEntity errorLog =
 saveErrorLogData(
 request,
diff --git a/src/main/java/com/kamco/cd/kamcoback/config/SecurityConfig.java b/src/main/java/com/kamco/cd/kamcoback/config/SecurityConfig.java
index 2fecb1cd..eca8fcf7 100644
--- a/src/main/java/com/kamco/cd/kamcoback/config/SecurityConfig.java
+++ b/src/main/java/com/kamco/cd/kamcoback/config/SecurityConfig.java
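Review bot: `fromId` returns `null` both for a null id and for an id that matches no constant, and the two call sites this commit adds in MembersDto dereference the result immediately (`type.getText()`), so an unrecognised role or status value becomes a NullPointerException in the response path; consider returning `Optional<E>` or adding a throwing variant so each caller has to decide. The generic signature as rendered here (`public static & EnumType> E fromId(Class enumClass, ...)`) looks like extraction damage; presumably it reads `<E extends Enum<E> & EnumType>`. The lookup is case-insensitive, which the method comment should say, e.g. `// Case-insensitive lookup by getId(); returns null when id is null or matches no constant.` The utility class should also get `private Enums() {}` so it cannot be instantiated.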
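Review bot: The move from 401 to 403 is right for an authenticated principal that lacks the role, but this `@ExceptionHandler` only sees `AccessDeniedException`s raised inside the MVC dispatch (method security or service code); the `authorizeHttpRequests` rules this commit adds are enforced in the filter chain and go to Spring Security's own access-denied handler and entry point, which I cannot see here, so both paths need to agree on status and body shape or clients will get different answers for the same condition. For an anonymous principal 401 remains the correct answer, so if anonymous requests can reach this handler it should check `SecurityContextHolder.getContext().getAuthentication() instanceof AnonymousAuthenticationToken` and answer 401 in that case, which means returning a `ResponseEntity` rather than a fixed `@ResponseStatus`. The log line labels `e.getMessage()` as `resource`, but that message is Spring's generic "Access Denied"; the request is the useful datum: `log.warn("[AccessDeniedException] uri:{} method:{}", request.getRequestURI(), request.getMethod());`.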
@@ -42,13 +42,25 @@ public class SecurityConfig {
 customAuthenticationProvider) // 로그인 패스워드 비교방식 스프링 기본 Provider 사용안함 커스텀 사용
 .authorizeHttpRequests(
 auth ->
- auth.requestMatchers(HttpMethod.OPTIONS, "/**")
+ auth
+ // ADMIN만 접근
+ .requestMatchers("/api/test/admin")
+ .hasRole("ADMIN")
+
+ // ADMIN, LABELER 접근
+ .requestMatchers("/api/test/label")
+ .hasAnyRole("ADMIN", "LABELER")
+
+ // ADMIN, REVIEWER 접근
+ .requestMatchers("/api/test/review")
+ .hasAnyRole("ADMIN", "REVIEWER")
+ .requestMatchers(HttpMethod.OPTIONS, "/**")
 .permitAll() // preflight 허용
 .requestMatchers(
 "/api/auth/signin",
 "/api/auth/refresh",
 "/swagger-ui/**",
- "/api/members/{memberId}/password",
+ "/api/members/*/password",
 "/v3/api-docs/**")
 .permitAll()
 .anyRequest()
diff --git a/src/main/java/com/kamco/cd/kamcoback/config/enums/EnumType.java b/src/main/java/com/kamco/cd/kamcoback/config/enums/EnumType.java
index 1be49253..274bfe72 100644
--- a/src/main/java/com/kamco/cd/kamcoback/config/enums/EnumType.java
+++ b/src/main/java/com/kamco/cd/kamcoback/config/enums/EnumType.java
@@ -5,17 +5,4 @@ public interface EnumType {
 String getId();
 String getText();
-
- // code로 text
- static & EnumType> E fromId(Class enumClass, String id) {
- if (id == null) {
- return null;
- }
- for (E e : enumClass.getEnumConstants()) {
- if (id.equalsIgnoreCase(e.getId())) {
- return e;
- }
- }
- return null; // 못 찾으면 null
- }
 }
diff --git a/src/main/java/com/kamco/cd/kamcoback/mapsheet/dto/MapSheetMngDto.java b/src/main/java/com/kamco/cd/kamcoback/mapsheet/dto/MapSheetMngDto.java
index 98b4923c..aaf6594a 100644
--- a/src/main/java/com/kamco/cd/kamcoback/mapsheet/dto/MapSheetMngDto.java
+++ b/src/main/java/com/kamco/cd/kamcoback/mapsheet/dto/MapSheetMngDto.java
@@ -98,7 +98,6 @@ public class MapSheetMngDto {
 @JsonFormatDttm
 private ZonedDateTime rgstEndDttm;
 }
-
 @Schema(name = "DmlReturn", description = "영상관리 DML 수행 후 리턴")
 @Getter
 @Setter
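Review bot: `/api/members/*/password` remains in the `permitAll()` list (only the pattern syntax changed), so an unauthenticated caller can reach the password endpoint for any member id with any HTTP method; unless that handler authenticates by other means such as a single-use reset token (not visible here), this is an account-takeover path, and it should be dropped from the list so it falls through to `.anyRequest()`, or narrowed to the one method and the one unauthenticated flow it actually serves. The three new role rules are registered ahead of `requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()` and matchers are evaluated in order, so a CORS preflight to `/api/test/admin` now requires `ROLE_ADMIN` unless a CorsFilter short-circuits it earlier in the chain, which this hunk does not show; move the OPTIONS rule to the head of the chain or qualify the role rules with `HttpMethod.GET`. The role names are string literals duplicated from `RoleType`, which this same commit renames; `.hasRole(RoleType.ADMIN.name())` and `.hasAnyRole(RoleType.ADMIN.name(), RoleType.LABELER.name())` keep the two from drifting.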
diff --git a/src/main/java/com/kamco/cd/kamcoback/members/dto/MembersDto.java b/src/main/java/com/kamco/cd/kamcoback/members/dto/MembersDto.java
index 7f6fe46c..f0de1810 100644
--- a/src/main/java/com/kamco/cd/kamcoback/members/dto/MembersDto.java
+++ b/src/main/java/com/kamco/cd/kamcoback/members/dto/MembersDto.java
@@ -2,8 +2,9 @@ package com.kamco.cd.kamcoback.members.dto;
 import com.kamco.cd.kamcoback.common.enums.RoleType;
 import com.kamco.cd.kamcoback.common.enums.StatusType;
+import com.kamco.cd.kamcoback.common.utils.Enums;
+import com.kamco.cd.kamcoback.common.utils.interfaces.EnumValid;
 import com.kamco.cd.kamcoback.common.utils.interfaces.JsonFormatDttm;
-import com.kamco.cd.kamcoback.config.enums.EnumType;
 import io.swagger.v3.oas.annotations.media.Schema;
 import jakarta.validation.constraints.NotBlank;
 import jakarta.validation.constraints.Size;
@@ -67,12 +68,12 @@ public class MembersDto {
 }
 private String getUserRoleName(String roleId) {
- RoleType type = EnumType.fromId(RoleType.class, roleId);
+ RoleType type = Enums.fromId(RoleType.class, roleId);
 return type.getText();
 }
 private String getStatusName(String status) {
- StatusType type = EnumType.fromId(StatusType.class, status);
+ StatusType type = Enums.fromId(StatusType.class, status);
 return type.getText();
 }
 }
@@ -83,9 +84,7 @@ public class MembersDto {
 @AllArgsConstructor
 public static class SearchReq {
- @Schema(
- description = "전체, 관리자(ROLE_ADMIN), 라벨러(ROLE_LABELER), 검수자(ROLE_REVIEWER)",
- example = "")
+ @Schema(description = "전체, 관리자(ADMIN), 라벨러(LABELER), 검수자(REVIEWER)", example = "")
 private String userRole;
 @Schema(description = "키워드", example = "홍길동")
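Review bot: `getUserRoleName` and `getStatusName` call `type.getText()` on whatever `Enums.fromId` returns, which is `null` whenever the stored id is null or matches no constant, so mapping such a row throws a NullPointerException; after this commit's rename of `ROLE_ADMIN` to `ADMIN`, any member still persisted under the old name is exactly such a row, assuming the column holds the enum name (not visible here). Fail soft with the raw value, `return type == null ? roleId : type.getText();` (and the same for status), or ship the data migration with this change and record the assumption in a comment above the two helpers.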
@@ -107,9 +106,9 @@ public class MembersDto {
 @Setter
 public static class AddReq {
- @Schema(description = "관리자 유형", example = "ROLE_ADMIN")
+ @Schema(description = "관리자 유형", example = "ADMIN")
 @NotBlank
- @Size(max = 50)
+ @EnumValid(enumClass = RoleType.class, message = "userRole은 ADMIN, LABELER, REVIEWER만 가능합니다.")
 private String userRole;
 @Schema(description = "이름", example = "홍길동")
diff --git a/src/main/java/com/kamco/cd/kamcoback/test/TestApiController.java b/src/main/java/com/kamco/cd/kamcoback/test/TestApiController.java
index ca2dfe53..672bc5f1 100644
--- a/src/main/java/com/kamco/cd/kamcoback/test/TestApiController.java
+++ b/src/main/java/com/kamco/cd/kamcoback/test/TestApiController.java
@@ -1,5 +1,6 @@ package com.kamco.cd.kamcoback.test;
+import com.kamco.cd.kamcoback.config.api.ApiResponseDto;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.media.Content;
 import io.swagger.v3.oas.annotations.media.Schema;
@@ -30,8 +31,8 @@ public class TestApiController {
 content = @Content(schema = @Schema(implementation = ErrorResponse.class)))
 })
 @GetMapping("/admin")
- public String admin() {
- return "I am administrator";
+ public ApiResponseDto admin() {
+ return ApiResponseDto.ok("I am administrator");
 }
 @Operation(summary = "label test", description = "label test api")
@@ -46,8 +47,8 @@ public class TestApiController {
 content = @Content(schema = @Schema(implementation = ErrorResponse.class)))
 })
 @GetMapping("/label")
- public String label() {
- return "Labeling is available.";
+ public ApiResponseDto label() {
+ return ApiResponseDto.ok("Labeling is available.");
 }
 @Operation(summary = "review test", description = "review test api")
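Review bot: `@EnumValid(enumClass = RoleType.class, ...)` and `Enums.fromId` must agree on case sensitivity: `fromId` accepts `admin` via `equalsIgnoreCase`, so if the validator (not in this diff) compares by exact `name()` the two disagree on what counts as a valid role, and if it is also case-insensitive the value that gets persisted can differ in case from the constant that later builds the `ROLE_` authority; normalise to `RoleType` once at the boundary rather than carrying the raw string. The message hard-codes the three constant names and will silently go stale the next time `RoleType` changes; have the validator build it from `RoleType.values()` or keep the text generic. Since the example is `ADMIN`, it is also worth confirming that the endpoint consuming `AddReq` is itself restricted to admins, as nothing in this commit limits who may create an admin member.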
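Review bot: `admin()` relies solely on the URL rule in SecurityConfig for its role check; there is no `@PreAuthorize` on the handler, so its protection depends on a path string in another file staying in sync with `@GetMapping("/admin")`. Add `@PreAuthorize("hasRole('ADMIN')")` on the method as defence in depth (this needs `@EnableMethodSecurity`, which I cannot see here). The `@ApiResponses` block above still documents the error body as `ErrorResponse` while the success body is now `ApiResponseDto`; confirm the 401/403 responses really use that schema, since `GlobalExceptionHandler` in this same commit returns `ApiResponseDto` for access-denied.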
@@ -62,7 +63,7 @@ public class TestApiController {
 content = @Content(schema = @Schema(implementation = ErrorResponse.class)))
 })
 @GetMapping("/review")
- public String review() {
- return "Review is available.";
+ public ApiResponseDto review() {
+ return ApiResponseDto.ok("Review is available.");
 }
 }