From 00afc93c4f4becb051f0ecdf88652c8e90696995 Mon Sep 17 00:00:00 2001
From: teddy
Date: Thu, 11 Dec 2025 17:23:34 +0900
Subject: [PATCH 1/7] =?UTF-8?q?AccessDeniedException=20401=20->=20403=20?= =?UTF-8?q?=EC=9C=BC=EB=A1=9C=20=EB=B3=80=EA=B2=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../config/GlobalExceptionHandler.java | 390 +++++++++---------
1 file changed, 195 insertions(+), 195 deletions(-)
diff --git a/src/main/java/com/kamco/cd/kamcoback/config/GlobalExceptionHandler.java b/src/main/java/com/kamco/cd/kamcoback/config/GlobalExceptionHandler.java
index a30842d5..409e8ca4 100644
--- a/src/main/java/com/kamco/cd/kamcoback/config/GlobalExceptionHandler.java
+++ b/src/main/java/com/kamco/cd/kamcoback/config/GlobalExceptionHandler.java
@@ -45,197 +45,197 @@ public class GlobalExceptionHandler { @ResponseStatus(HttpStatus.UNPROCESSABLE_ENTITY) @ExceptionHandler(EntityNotFoundException.class) public ApiResponseDto handlerEntityNotFoundException( - EntityNotFoundException e, HttpServletRequest request) { + EntityNotFoundException e, HttpServletRequest request) { log.warn("[EntityNotFoundException] resource :{} ", e.getMessage()); String codeName = "NOT_FOUND_DATA"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf("UNPROCESSABLE_ENTITY"), - ErrorLogDto.LogErrorLevel.WARNING, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf("UNPROCESSABLE_ENTITY"), + ErrorLogDto.LogErrorLevel.WARNING, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf("UNPROCESSABLE_ENTITY"), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf("UNPROCESSABLE_ENTITY"), + errorLog.getId()); } @ResponseStatus(HttpStatus.BAD_REQUEST) @ExceptionHandler(HttpMessageNotReadableException.class) public ApiResponseDto handleUnreadable( - HttpMessageNotReadableException e, HttpServletRequest request) { + HttpMessageNotReadableException e, HttpServletRequest request) { log.warn("[HttpMessageNotReadableException] resource :{} ", e.getMessage()); String codeName = "BAD_REQUEST"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf(codeName), - ErrorLogDto.LogErrorLevel.WARNING, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf(codeName), + ErrorLogDto.LogErrorLevel.WARNING, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - 
HttpStatus.valueOf(codeName), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf(codeName), + errorLog.getId()); } @ResponseStatus(HttpStatus.NOT_FOUND) @ExceptionHandler(NoSuchElementException.class) public ApiResponseDto handlerNoSuchElementException( - NoSuchElementException e, HttpServletRequest request) { + NoSuchElementException e, HttpServletRequest request) { log.warn("[NoSuchElementException] resource :{} ", e.getMessage()); String codeName = "NOT_FOUND_DATA"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf(codeName), - ErrorLogDto.LogErrorLevel.WARNING, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf(codeName), + ErrorLogDto.LogErrorLevel.WARNING, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf("NOT_FOUND"), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf("NOT_FOUND"), + errorLog.getId()); } @ResponseStatus(HttpStatus.BAD_REQUEST) @ExceptionHandler(IllegalArgumentException.class) public ApiResponseDto handlerIllegalArgumentException( - IllegalArgumentException e, HttpServletRequest request) { + IllegalArgumentException e, HttpServletRequest request) { log.warn("[handlerIllegalArgumentException] resource :{} ", e.getMessage()); String codeName = "BAD_REQUEST"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf(codeName), - ErrorLogDto.LogErrorLevel.WARNING, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf(codeName), + ErrorLogDto.LogErrorLevel.WARNING, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - 
ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf(codeName), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf(codeName), + errorLog.getId()); } @ResponseStatus(HttpStatus.UNPROCESSABLE_ENTITY) @ExceptionHandler(DataIntegrityViolationException.class) public ApiResponseDto handlerDataIntegrityViolationException( - DataIntegrityViolationException e, HttpServletRequest request) { + DataIntegrityViolationException e, HttpServletRequest request) { log.warn("[DataIntegrityViolationException] resource :{} ", e.getMessage()); String codeName = "DATA_INTEGRITY_ERROR"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf("UNPROCESSABLE_ENTITY"), - ErrorLogDto.LogErrorLevel.CRITICAL, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf("UNPROCESSABLE_ENTITY"), + ErrorLogDto.LogErrorLevel.CRITICAL, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf("UNPROCESSABLE_ENTITY"), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf("UNPROCESSABLE_ENTITY"), + errorLog.getId()); } @ResponseStatus(HttpStatus.BAD_REQUEST) @ExceptionHandler(MethodArgumentNotValidException.class) public ApiResponseDto handlerMethodArgumentNotValidException( - MethodArgumentNotValidException e, HttpServletRequest request) { + MethodArgumentNotValidException e, HttpServletRequest request) { log.warn("[MethodArgumentNotValidException] resource :{} ", e.getMessage()); String codeName = "BAD_REQUEST"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf(codeName), - ErrorLogDto.LogErrorLevel.WARNING, - e.getStackTrace()); + saveErrorLogData( + request, + 
ApiResponseCode.getCode(codeName), + HttpStatus.valueOf(codeName), + ErrorLogDto.LogErrorLevel.WARNING, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf(codeName), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf(codeName), + errorLog.getId()); } - @ResponseStatus(HttpStatus.UNAUTHORIZED) + @ResponseStatus(HttpStatus.FORBIDDEN) @ExceptionHandler(AccessDeniedException.class) public ApiResponseDto handlerAccessDeniedException( - AccessDeniedException e, HttpServletRequest request) { + AccessDeniedException e, HttpServletRequest request) { log.warn("[AccessDeniedException] resource :{} ", e.getMessage()); - String codeName = "UNAUTHORIZED"; + String codeName = "FORBIDDEN"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf(codeName), - ErrorLogDto.LogErrorLevel.ERROR, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf(codeName), + ErrorLogDto.LogErrorLevel.ERROR, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf(codeName), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf(codeName), + errorLog.getId()); } @ResponseStatus(HttpStatus.BAD_GATEWAY) @ExceptionHandler(HttpServerErrorException.BadGateway.class) public ApiResponseDto handlerHttpServerErrorException( - HttpServerErrorException e, HttpServletRequest request) { + HttpServerErrorException e, HttpServletRequest request) { log.warn("[HttpServerErrorException] resource :{} ", e.getMessage()); String codeName = "BAD_GATEWAY"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - 
HttpStatus.valueOf(codeName), - ErrorLogDto.LogErrorLevel.CRITICAL, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf(codeName), + ErrorLogDto.LogErrorLevel.CRITICAL, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf(codeName), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf(codeName), + errorLog.getId()); } @ResponseStatus(HttpStatus.UNPROCESSABLE_ENTITY) @ExceptionHandler(IllegalStateException.class) public ApiResponseDto handlerIllegalStateException( - IllegalStateException e, HttpServletRequest request) { + IllegalStateException e, HttpServletRequest request) { log.warn("[IllegalStateException] resource :{} ", e.getMessage()); String codeName = "UNPROCESSABLE_ENTITY"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf(codeName), - ErrorLogDto.LogErrorLevel.WARNING, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf(codeName), + ErrorLogDto.LogErrorLevel.WARNING, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf(codeName), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf(codeName), + errorLog.getId()); } @ResponseStatus(HttpStatus.BAD_REQUEST) @ExceptionHandler(MemberException.DuplicateMemberException.class) public ApiResponseDto handlerDuplicateMemberException( - MemberException.DuplicateMemberException e, HttpServletRequest request) { + MemberException.DuplicateMemberException e, HttpServletRequest request) { log.warn("[DuplicateMemberException] resource :{} ", e.getMessage()); String codeName = ""; 
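Review bot: In `handlerNoSuchElementException` the `saveErrorLogData(...)` call passes `HttpStatus.valueOf(codeName)` while `codeName` is `"NOT_FOUND_DATA"`, which is not an `HttpStatus` constant, so `valueOf` throws `IllegalArgumentException` inside the handler and neither the error-log row nor the intended 404 body is produced. The other handlers whose code name is not a status name pass a literal instead, so this argument should read `HttpStatus.valueOf("NOT_FOUND")` (or simply `HttpStatus.NOT_FOUND`), matching the `createException(...)` call two statements later. For the 401 -> 403 change itself, `ApiResponseCode.getCode("FORBIDDEN")` assumes the enum already has a `FORBIDDEN` entry; that enum is not part of this patch, so confirm it exists. The hunk ends inside `handlerDuplicateMemberException`, whose body continues in the next hunk.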
@@ -250,112 +250,112 @@ public class GlobalExceptionHandler { } ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf("BAD_REQUEST"), - ErrorLogDto.LogErrorLevel.WARNING, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf("BAD_REQUEST"), + ErrorLogDto.LogErrorLevel.WARNING, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf("BAD_REQUEST"), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf("BAD_REQUEST"), + errorLog.getId()); } @ResponseStatus(HttpStatus.BAD_REQUEST) @ExceptionHandler(MemberException.MemberNotFoundException.class) public ApiResponseDto handlerMemberNotFoundException( - MemberException.MemberNotFoundException e, HttpServletRequest request) { + MemberException.MemberNotFoundException e, HttpServletRequest request) { log.warn("[MemberNotFoundException] resource :{} ", e.getMessage()); String codeName = "NOT_FOUND_USER"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf("BAD_REQUEST"), - ErrorLogDto.LogErrorLevel.WARNING, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf("BAD_REQUEST"), + ErrorLogDto.LogErrorLevel.WARNING, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf("BAD_REQUEST"), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf("BAD_REQUEST"), + errorLog.getId()); } @ResponseStatus(HttpStatus.CONFLICT) @ExceptionHandler(DuplicateKeyException.class) public ApiResponseDto handlerDuplicateKeyException( - DuplicateKeyException e, HttpServletRequest request) 
{ + DuplicateKeyException e, HttpServletRequest request) { log.warn("[DuplicateKeyException] resource :{} ", e.getMessage()); String codeName = "DUPLICATE_DATA"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf("CONFLICT"), - ErrorLogDto.LogErrorLevel.WARNING, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf("CONFLICT"), + ErrorLogDto.LogErrorLevel.WARNING, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf("CONFLICT"), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf("CONFLICT"), + errorLog.getId()); } @ExceptionHandler(BadCredentialsException.class) public ResponseEntity> handleBadCredentials( - BadCredentialsException e, HttpServletRequest request) { + BadCredentialsException e, HttpServletRequest request) { log.warn("[BadCredentialsException] resource : {} ", e.getMessage()); String codeName = "UNAUTHORIZED"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf(codeName), - ErrorLogDto.LogErrorLevel.WARNING, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf(codeName), + ErrorLogDto.LogErrorLevel.WARNING, + e.getStackTrace()); ApiResponseDto body = - ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf(codeName), - errorLog.getId()); + ApiResponseDto.createException( + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf(codeName), + errorLog.getId()); return ResponseEntity.status(HttpStatus.UNAUTHORIZED) // ๐Ÿ”ฅ ์—ฌ๊ธฐ์„œ 401 ์ง€์ • - .body(body); + .body(body); } @ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR) 
@ExceptionHandler(RuntimeException.class) public ApiResponseDto handlerRuntimeException( - RuntimeException e, HttpServletRequest request) { + RuntimeException e, HttpServletRequest request) { log.warn("[RuntimeException] resource :{} ", e.getMessage()); String codeName = "INTERNAL_SERVER_ERROR"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf(codeName), - ErrorLogDto.LogErrorLevel.CRITICAL, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf(codeName), + ErrorLogDto.LogErrorLevel.CRITICAL, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf(codeName), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf(codeName), + errorLog.getId()); } @ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR) 
@@ -365,36 +365,36 @@ public class GlobalExceptionHandler { String codeName = "INTERNAL_SERVER_ERROR"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf(codeName), - ErrorLogDto.LogErrorLevel.CRITICAL, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf(codeName), + ErrorLogDto.LogErrorLevel.CRITICAL, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf(codeName), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf(codeName), + errorLog.getId()); } /** * ์—๋Ÿฌ ๋กœ๊ทธ ํ…Œ์ด๋ธ” ์ €์žฅ ๋กœ์ง * - * @param request : request - * @param errorCode : ์ •์˜๋œ enum errorCode - * @param httpStatus : HttpStatus ๊ฐ’ + * @param request : request + * @param errorCode : ์ •์˜๋œ enum errorCode + * @param httpStatus : HttpStatus ๊ฐ’ * @param logErrorLevel : WARNING, ERROR, CRITICAL - * @param stackTrace : ์—๋Ÿฌ ๋‚ด์šฉ + * @param stackTrace : ์—๋Ÿฌ ๋‚ด์šฉ * @return : insertํ•˜๊ณ  ๊ฒฐ๊ณผ๋กœ ๋ฐ›์€ Entity */ private ErrorLogEntity saveErrorLogData( - HttpServletRequest request, - ApiResponseCode errorCode, - HttpStatus httpStatus, - ErrorLogDto.LogErrorLevel logErrorLevel, - StackTraceElement[] stackTrace) { + HttpServletRequest request, + ApiResponseCode errorCode, + HttpStatus httpStatus, + ErrorLogDto.LogErrorLevel logErrorLevel, + StackTraceElement[] stackTrace) { Long userid = null; 
@@ -408,35 +408,35 @@ public class GlobalExceptionHandler { * ๋งŒ๋“  CustomUserDetails ํƒ€์ž…์ธ๊ฐ€? ์ฒดํฌ */ if (request.getUserPrincipal() instanceof UsernamePasswordAuthenticationToken auth - && auth.getPrincipal() instanceof CustomUserDetails customUserDetails) { + && auth.getPrincipal() instanceof CustomUserDetails customUserDetails) { // audit ์—๋Š” long ํƒ€์ž… user_id๊ฐ€ ๋“ค์–ด๊ฐ€์ง€๋งŒ ํ† ํฐ sub์€ uuid์—ฌ์„œ user_id ๊ฐ€์ ธ์˜ค๊ธฐ userid = customUserDetails.getMember().getId(); } String stackTraceStr = - Arrays.stream(stackTrace) - .map(StackTraceElement::toString) - .collect(Collectors.joining("\n")) - .substring(0, Math.min(stackTrace.length, 255)); + Arrays.stream(stackTrace) + .map(StackTraceElement::toString) + .collect(Collectors.joining("\n")) + .substring(0, Math.min(stackTrace.length, 255)); ErrorLogEntity errorLogEntity = - new ErrorLogEntity( - request.getRequestURI(), - ApiLogFunction.getEventType(request), - logErrorLevel, - String.valueOf(httpStatus.value()), - errorCode.getText(), - stackTraceStr, - userid, - ZonedDateTime.now()); + new ErrorLogEntity( + request.getRequestURI(), + ApiLogFunction.getEventType(request), + logErrorLevel, + String.valueOf(httpStatus.value()), + errorCode.getText(), + stackTraceStr, + userid, + ZonedDateTime.now()); return errorLogRepository.save(errorLogEntity); } @ExceptionHandler(CustomApiException.class) public ResponseEntity> handleCustomApiException( - CustomApiException e, HttpServletRequest request) { + CustomApiException e, HttpServletRequest request) { log.warn("[CustomApiException] resource : {}", e.getMessage()); String codeName = e.getCodeName(); 
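Review bot: The truncation in `saveErrorLogData` caps the joined text at `stackTrace.length`, which is the number of stack frames rather than the number of characters, so a 40-frame trace is stored as its first 40 characters and the persisted error log loses most of what is needed for triage. Join first and truncate by character count: `String joined = Arrays.stream(stackTrace).map(StackTraceElement::toString).collect(Collectors.joining("\n"));` followed by `String stackTraceStr = joined.substring(0, Math.min(joined.length(), 255));`. The 255 limit presumably mirrors the column size, which is not visible here. The method starts before this hunk, and the hunk ends inside `handleCustomApiException`.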
@@ -446,11 +446,11 @@ public class GlobalExceptionHandler { ApiResponseCode apiCode = ApiResponseCode.getCode(codeName); ErrorLogEntity errorLog = - saveErrorLogData( - request, apiCode, status, ErrorLogDto.LogErrorLevel.WARNING, e.getStackTrace()); + saveErrorLogData( + request, apiCode, status, ErrorLogDto.LogErrorLevel.WARNING, e.getStackTrace()); ApiResponseDto body = - ApiResponseDto.createException(apiCode, message, status, errorLog.getId()); + ApiResponseDto.createException(apiCode, message, status, errorLog.getId()); return new ResponseEntity<>(body, status); } From 5105fc855a9c64d9d952c14129848f941f7bc648 Mon Sep 17 00:00:00 2001 From: DanielLee <198891672+sanghyeonhd@users.noreply.github.com> Date: Thu, 11 Dec 2025 17:23:48 +0900 Subject: [PATCH 2/7] Sportless Apply only --- .../java/com/kamco/cd/kamcoback/mapsheet/dto/MapSheetMngDto.java | 1 - 1 file changed, 1 deletion(-) diff --git a/src/main/java/com/kamco/cd/kamcoback/mapsheet/dto/MapSheetMngDto.java b/src/main/java/com/kamco/cd/kamcoback/mapsheet/dto/MapSheetMngDto.java index 98b4923c..aaf6594a 100644 --- a/src/main/java/com/kamco/cd/kamcoback/mapsheet/dto/MapSheetMngDto.java +++ b/src/main/java/com/kamco/cd/kamcoback/mapsheet/dto/MapSheetMngDto.java @@ -98,7 +98,6 @@ public class MapSheetMngDto { @JsonFormatDttm private ZonedDateTime rgstEndDttm; } - @Schema(name = "DmlReturn", description = "์˜์ƒ๊ด€๋ฆฌ DML ์ˆ˜ํ–‰ ํ›„ ๋ฆฌํ„ด") @Getter @Setter From 10e3c0ecbb0248eb9ba5f66c740e2fde8eb028c4 Mon Sep 17 00:00:00 2001 From: teddy Date: Thu, 11 Dec 2025 17:39:25 +0900 Subject: [PATCH 3/7] =?UTF-8?q?=EC=97=AD=ED=95=A0=20enum=20=EC=88=98?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../com/kamco/cd/kamcoback/common/enums/RoleType.java | 9 --------- 1 file changed, 9 deletions(-) 
diff --git a/src/main/java/com/kamco/cd/kamcoback/common/enums/RoleType.java b/src/main/java/com/kamco/cd/kamcoback/common/enums/RoleType.java index d1945c7e..58d0c15e 100644 --- a/src/main/java/com/kamco/cd/kamcoback/common/enums/RoleType.java +++ b/src/main/java/com/kamco/cd/kamcoback/common/enums/RoleType.java @@ -22,13 +22,4 @@ public enum RoleType implements EnumType { public String getText() { return desc; } - - public static RoleType from(String value) { - for (RoleType type : values()) { - if (type.name().equalsIgnoreCase(value)) { - return type; - } - } - return null; - } } From 79267e82d7f6edeacb2ab7bec2d09b2bfcc5c051 Mon Sep 17 00:00:00 2001 From: teddy Date: Thu, 11 Dec 2025 17:56:47 +0900 Subject: [PATCH 4/7] =?UTF-8?q?enum=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../cd/kamcoback/common/utils/Enums.java | 19 ++++++++ .../cd/kamcoback/config/enums/EnumType.java | 13 ----- .../cd/kamcoback/members/dto/MembersDto.java | 48 ++++++++++--------- 3 files changed, 45 insertions(+), 35 deletions(-) create mode 100644 src/main/java/com/kamco/cd/kamcoback/common/utils/Enums.java diff --git a/src/main/java/com/kamco/cd/kamcoback/common/utils/Enums.java b/src/main/java/com/kamco/cd/kamcoback/common/utils/Enums.java new file mode 100644 index 00000000..98c4c727 --- /dev/null +++ b/src/main/java/com/kamco/cd/kamcoback/common/utils/Enums.java @@ -0,0 +1,19 @@ +package com.kamco.cd.kamcoback.common.utils; + +import com.kamco.cd.kamcoback.config.enums.EnumType; + +public class Enums { + + // code๋กœ text + public static & EnumType> E fromId(Class enumClass, String id) { + if (id == null) { + return null; + } + for (E e : enumClass.getEnumConstants()) { + if (id.equalsIgnoreCase(e.getId())) { + return e; + } + } + return null; // ๋ชป ์ฐพ์œผ๋ฉด null + } +} 
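Review bot: `Enums.fromId` returns `null` both for a `null` id and for an id that matches no constant, and the callers updated in this same patch (`getUserRoleName` and `getStatusName` in `MembersDto`, hunk `@@ -67,12 +71,12 @@`) call `type.getText()` on the result without a check. Any stored role or status value outside the enum would then surface as a `NullPointerException` and be reported by the `RuntimeException` handler as a 500. Either return `Optional<E>` from `fromId`, or keep the signature and guard at the call site, e.g. `return type != null ? type.getText() : null;`. As a static utility holder the class would also normally be `final` with a private constructor, and `fromId` deserves a Javadoc comment stating the case-insensitive match on `getId()` and the `null` result.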
diff --git a/src/main/java/com/kamco/cd/kamcoback/config/enums/EnumType.java b/src/main/java/com/kamco/cd/kamcoback/config/enums/EnumType.java index 1be49253..274bfe72 100644 --- a/src/main/java/com/kamco/cd/kamcoback/config/enums/EnumType.java +++ b/src/main/java/com/kamco/cd/kamcoback/config/enums/EnumType.java @@ -5,17 +5,4 @@ public interface EnumType { String getId(); String getText(); - - // code๋กœ text - static & EnumType> E fromId(Class enumClass, String id) { - if (id == null) { - return null; - } - for (E e : enumClass.getEnumConstants()) { - if (id.equalsIgnoreCase(e.getId())) { - return e; - } - } - return null; // ๋ชป ์ฐพ์œผ๋ฉด null - } } diff --git a/src/main/java/com/kamco/cd/kamcoback/members/dto/MembersDto.java b/src/main/java/com/kamco/cd/kamcoback/members/dto/MembersDto.java index 7f6fe46c..1142fa6b 100644 --- a/src/main/java/com/kamco/cd/kamcoback/members/dto/MembersDto.java +++ b/src/main/java/com/kamco/cd/kamcoback/members/dto/MembersDto.java @@ -2,8 +2,8 @@ package com.kamco.cd.kamcoback.members.dto; import com.kamco.cd.kamcoback.common.enums.RoleType; import com.kamco.cd.kamcoback.common.enums.StatusType; +import com.kamco.cd.kamcoback.common.utils.Enums; import com.kamco.cd.kamcoback.common.utils.interfaces.JsonFormatDttm; -import com.kamco.cd.kamcoback.config.enums.EnumType; import io.swagger.v3.oas.annotations.media.Schema; import jakarta.validation.constraints.NotBlank; import jakarta.validation.constraints.Size; 
@@ -32,24 +32,28 @@ public class MembersDto { private String tempPassword; private String status; private String statusName; - @JsonFormatDttm private ZonedDateTime createdDttm; - @JsonFormatDttm private ZonedDateTime updatedDttm; - @JsonFormatDttm private ZonedDateTime firstLoginDttm; - @JsonFormatDttm private ZonedDateTime lastLoginDttm; + @JsonFormatDttm + private ZonedDateTime createdDttm; + @JsonFormatDttm + private ZonedDateTime updatedDttm; + @JsonFormatDttm + private ZonedDateTime firstLoginDttm; + @JsonFormatDttm + private ZonedDateTime lastLoginDttm; public Basic( - Long id, - UUID uuid, - String userRole, - String name, - String userId, - String employeeNo, - String tempPassword, - String status, - ZonedDateTime createdDttm, - ZonedDateTime updatedDttm, - ZonedDateTime firstLoginDttm, - ZonedDateTime lastLoginDttm) { + Long id, + UUID uuid, + String userRole, + String name, + String userId, + String employeeNo, + String tempPassword, + String status, + ZonedDateTime createdDttm, + ZonedDateTime updatedDttm, + ZonedDateTime firstLoginDttm, + ZonedDateTime lastLoginDttm) { this.id = id; this.uuid = uuid; this.userRole = userRole; @@ -67,12 +71,12 @@ public class MembersDto { } private String getUserRoleName(String roleId) { - RoleType type = EnumType.fromId(RoleType.class, roleId); + RoleType type = Enums.fromId(RoleType.class, roleId); return type.getText(); } private String getStatusName(String status) { - StatusType type = EnumType.fromId(StatusType.class, status); + StatusType type = Enums.fromId(StatusType.class, status); return type.getText(); } } @@ -84,8 +88,8 @@ public class MembersDto { public static class SearchReq { @Schema( - description = "์ „์ฒด, ๊ด€๋ฆฌ์ž(ROLE_ADMIN), ๋ผ๋ฒจ๋Ÿฌ(ROLE_LABELER), ๊ฒ€์ˆ˜์ž(ROLE_REVIEWER)", - example = "") + description = "์ „์ฒด, ๊ด€๋ฆฌ์ž(ROLE_ADMIN), ๋ผ๋ฒจ๋Ÿฌ(ROLE_LABELER), ๊ฒ€์ˆ˜์ž(ROLE_REVIEWER)", + example = "") private String userRole; @Schema(description = "ํ‚ค์›Œ๋“œ", example = "ํ™๊ธธ๋™") 
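Review bot: `Basic` still carries `tempPassword` as a field and constructor argument next to the `@JsonFormatDttm` timestamps, so if this DTO is what the member list or detail endpoints serialize, every response includes each member's temporary password value (plaintext or hash, whichever is stored). The class-level annotations are outside the hunk, so this is inferred from the field layout and should be confirmed against the controller. If the client does not need the value, drop it from `Basic` or annotate the field with Jackson's `@JsonIgnore` so it is never written out.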
@@ -129,7 +133,7 @@ public class MembersDto { private String employeeNo; public AddReq( - String userRole, String name, String userId, String tempPassword, String employeeNo) { + String userRole, String name, String userId, String tempPassword, String employeeNo) { this.userRole = userRole; this.name = name; this.userId = userId; From 970d08ba442c97078f52cabc75d442ac09e596e4 Mon Sep 17 00:00:00 2001 From: teddy Date: Fri, 12 Dec 2025 10:02:08 +0900 Subject: [PATCH 5/7] =?UTF-8?q?=EA=B6=8C=ED=95=9C=20=ED=85=8C=EC=8A=A4?= =?UTF-8?q?=ED=8A=B8=20api=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../cd/kamcoback/auth/CustomUserDetails.java | 5 +- .../cd/kamcoback/common/enums/RoleType.java | 6 +- .../cd/kamcoback/config/SecurityConfig.java | 69 +++++++++++-------- .../cd/kamcoback/members/dto/MembersDto.java | 4 +- .../cd/kamcoback/test/TestApiController.java | 49 ++++++------- 5 files changed, 74 insertions(+), 59 deletions(-) diff --git a/src/main/java/com/kamco/cd/kamcoback/auth/CustomUserDetails.java b/src/main/java/com/kamco/cd/kamcoback/auth/CustomUserDetails.java index 8efb073a..54802e13 100644 --- a/src/main/java/com/kamco/cd/kamcoback/auth/CustomUserDetails.java +++ b/src/main/java/com/kamco/cd/kamcoback/auth/CustomUserDetails.java @@ -2,8 +2,9 @@ package com.kamco.cd.kamcoback.auth; import com.kamco.cd.kamcoback.postgres.entity.MemberEntity; import java.util.Collection; -import java.util.Collections; +import java.util.List; import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.UserDetails; public class CustomUserDetails implements UserDetails { 
@@ -16,7 +17,7 @@ public class CustomUserDetails implements UserDetails { @Override public Collection getAuthorities() { - return Collections.emptyList(); + return List.of(new SimpleGrantedAuthority("ROLE_" + member.getUserRole())); } @Override diff --git a/src/main/java/com/kamco/cd/kamcoback/common/enums/RoleType.java b/src/main/java/com/kamco/cd/kamcoback/common/enums/RoleType.java index 58d0c15e..1aeb0269 100644 --- a/src/main/java/com/kamco/cd/kamcoback/common/enums/RoleType.java +++ b/src/main/java/com/kamco/cd/kamcoback/common/enums/RoleType.java @@ -7,9 +7,9 @@ import lombok.Getter; @Getter @AllArgsConstructor public enum RoleType implements EnumType { - ROLE_ADMIN("๊ด€๋ฆฌ์ž"), - ROLE_LABELER("๋ผ๋ฒจ๋Ÿฌ"), - ROLE_REVIEWER("๊ฒ€์ˆ˜์ž"); + ADMIN("๊ด€๋ฆฌ์ž"), + LABELER("๋ผ๋ฒจ๋Ÿฌ"), + REVIEWER("๊ฒ€์ˆ˜์ž"); private final String desc; diff --git a/src/main/java/com/kamco/cd/kamcoback/config/SecurityConfig.java b/src/main/java/com/kamco/cd/kamcoback/config/SecurityConfig.java index 2fecb1cd..ccd51586 100644 --- a/src/main/java/com/kamco/cd/kamcoback/config/SecurityConfig.java +++ b/src/main/java/com/kamco/cd/kamcoback/config/SecurityConfig.java 
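Review bot: `getAuthorities()` builds the authority as `"ROLE_" + member.getUserRole()` from the raw stored string, while the next hunk renames the `RoleType` constants from `ROLE_ADMIN` to `ADMIN`; a member row that still holds the old prefixed value ends up with `ROLE_ROLE_ADMIN` and fails every `hasRole("ADMIN")` rule, and a null role becomes the authority `ROLE_null`. The patch shows no data migration, so confirm existing rows are rewritten together with this change. It is also safer to derive the authority from the enum instead of free text, e.g. `RoleType role = Enums.fromId(RoleType.class, member.getUserRole());` then `return role == null ? List.of() : List.of(new SimpleGrantedAuthority("ROLE_" + role.name()));`, so an unexpected value grants nothing (this assumes `getId()` returns the constant name, which is not visible here).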
@@ -30,33 +30,46 @@ public class SecurityConfig { public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { http.cors(cors -> cors.configurationSource(corsConfigurationSource())) - .csrf(csrf -> csrf.disable()) // CSRF ๋ณด์•ˆ ๊ธฐ๋Šฅ ๋น„ํ™œ์„ฑํ™” - .sessionManagement( - sm -> - sm.sessionCreationPolicy( - SessionCreationPolicy.STATELESS)) // ์„œ๋ฒ„ ์„ธ์…˜ ๋งŒ๋“ค์ง€ ์•Š์Œ, ์š”์ฒญ์€ JWT ์ธ์ฆ - .formLogin(form -> form.disable()) // react์—์„œ ๋กœ๊ทธ์ธ ์š”์ฒญ ๊ด€๋ฆฌ - .httpBasic(basic -> basic.disable()) // ๊ธฐ๋ณธ basic ์ธ์ฆ ๋น„ํ™œ์„ฑํ™” JWT ์ธ์ฆ์‚ฌ์šฉ - .logout(logout -> logout.disable()) // ๊ธฐ๋ณธ ๋กœ๊ทธ์•„์›ƒ ๋น„ํ™œ์„ฑํ™” JWT๋Š” ์„œ๋ฒ„ ์ƒํƒœ๊ฐ€ ์—†์œผ๋ฏ€๋กœ ๋กœ๊ทธ์•„์›ƒ ์ฒ˜๋ฆฌ ํ•„์š” ์—†์Œ - .authenticationProvider( - customAuthenticationProvider) // ๋กœ๊ทธ์ธ ํŒจ์Šค์›Œ๋“œ ๋น„๊ต๋ฐฉ์‹ ์Šคํ”„๋ง ๊ธฐ๋ณธ Provider ์‚ฌ์šฉ์•ˆํ•จ ์ปค์Šคํ…€ ์‚ฌ์šฉ - .authorizeHttpRequests( - auth -> - auth.requestMatchers(HttpMethod.OPTIONS, "/**") - .permitAll() // preflight ํ—ˆ์šฉ - .requestMatchers( - "/api/auth/signin", - "/api/auth/refresh", - "/swagger-ui/**", - "/api/members/{memberId}/password", - "/v3/api-docs/**") - .permitAll() - .anyRequest() - .authenticated()) - .addFilterBefore( - jwtAuthenticationFilter, - UsernamePasswordAuthenticationFilter - .class) // ์š”์ฒญ ๋“ค์–ด์˜ค๋ฉด ๋จผ์ € JWT ํ† ํฐ ๊ฒ€์‚ฌ ํ›„ security context ์— ์‚ฌ์šฉ์ž ์ •๋ณด ์ €์žฅ. 
+ .csrf(csrf -> csrf.disable()) // CSRF ๋ณด์•ˆ ๊ธฐ๋Šฅ ๋น„ํ™œ์„ฑํ™” + .sessionManagement( + sm -> + sm.sessionCreationPolicy( + SessionCreationPolicy.STATELESS)) // ์„œ๋ฒ„ ์„ธ์…˜ ๋งŒ๋“ค์ง€ ์•Š์Œ, ์š”์ฒญ์€ JWT ์ธ์ฆ + .formLogin(form -> form.disable()) // react์—์„œ ๋กœ๊ทธ์ธ ์š”์ฒญ ๊ด€๋ฆฌ + .httpBasic(basic -> basic.disable()) // ๊ธฐ๋ณธ basic ์ธ์ฆ ๋น„ํ™œ์„ฑํ™” JWT ์ธ์ฆ์‚ฌ์šฉ + .logout(logout -> logout.disable()) // ๊ธฐ๋ณธ ๋กœ๊ทธ์•„์›ƒ ๋น„ํ™œ์„ฑํ™” JWT๋Š” ์„œ๋ฒ„ ์ƒํƒœ๊ฐ€ ์—†์œผ๋ฏ€๋กœ ๋กœ๊ทธ์•„์›ƒ ์ฒ˜๋ฆฌ ํ•„์š” ์—†์Œ + .authenticationProvider( + customAuthenticationProvider) // ๋กœ๊ทธ์ธ ํŒจ์Šค์›Œ๋“œ ๋น„๊ต๋ฐฉ์‹ ์Šคํ”„๋ง ๊ธฐ๋ณธ Provider ์‚ฌ์šฉ์•ˆํ•จ ์ปค์Šคํ…€ ์‚ฌ์šฉ + .authorizeHttpRequests( + auth -> + auth + // ADMIN๋งŒ ์ ‘๊ทผ + .requestMatchers("/api/test/admin") + .hasRole("ADMIN") + + // ADMIN, LABELER ์ ‘๊ทผ + .requestMatchers("/api/test/label") + .hasAnyRole("ADMIN", "LABELER") + + // ADMIN, REVIEWER ์ ‘๊ทผ + .requestMatchers("/api/test/review") + .hasAnyRole("ADMIN", "REVIEWER") + + .requestMatchers(HttpMethod.OPTIONS, "/**") + .permitAll() // preflight ํ—ˆ์šฉ + .requestMatchers( + "/api/auth/signin", + "/api/auth/refresh", + "/swagger-ui/**", + "/api/members/*/password", + "/v3/api-docs/**") + .permitAll() + .anyRequest() + .authenticated()) + .addFilterBefore( + jwtAuthenticationFilter, + UsernamePasswordAuthenticationFilter + .class) // ์š”์ฒญ ๋“ค์–ด์˜ค๋ฉด ๋จผ์ € JWT ํ† ํฐ ๊ฒ€์‚ฌ ํ›„ security context ์— ์‚ฌ์šฉ์ž ์ •๋ณด ์ €์žฅ. ; return http.build(); @@ -64,7 +77,7 @@ public class SecurityConfig { @Bean public AuthenticationManager authenticationManager(AuthenticationConfiguration configuration) - throws Exception { + throws Exception { return configuration.getAuthenticationManager(); } diff --git a/src/main/java/com/kamco/cd/kamcoback/members/dto/MembersDto.java b/src/main/java/com/kamco/cd/kamcoback/members/dto/MembersDto.java index 1142fa6b..c5d3af36 100644 --- a/src/main/java/com/kamco/cd/kamcoback/members/dto/MembersDto.java 
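Review bot: The chain adds `hasRole`/`hasAnyRole` rules but configures no `exceptionHandling(...)`, so denials raised by these matchers are resolved inside the security filter chain and never reach the `AccessDeniedException` handler in `GlobalExceptionHandler` that patch 1/7 switched to 403. With form login and HTTP Basic disabled, Spring Security's default entry point also answers unauthenticated requests with 403, so a client cannot tell a missing or expired token from an insufficient role, and the body will not follow the `ApiResponseDto` format. Consider registering both explicitly, e.g. `.exceptionHandling(e -> e.authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)).accessDeniedHandler(...))`, with a handler that writes the project's error body. Separately, `/api/members/*/password` stays under `permitAll()`; the controller is not in this patch, so verify that it authenticates the caller by other means before a password is changed.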
+++ b/src/main/java/com/kamco/cd/kamcoback/members/dto/MembersDto.java @@ -88,7 +88,7 @@ public class MembersDto { public static class SearchReq { @Schema( - description = "์ „์ฒด, ๊ด€๋ฆฌ์ž(ROLE_ADMIN), ๋ผ๋ฒจ๋Ÿฌ(ROLE_LABELER), ๊ฒ€์ˆ˜์ž(ROLE_REVIEWER)", + description = "์ „์ฒด, ๊ด€๋ฆฌ์ž(ADMIN), ๋ผ๋ฒจ๋Ÿฌ(LABELER), ๊ฒ€์ˆ˜์ž(REVIEWER)", example = "") private String userRole; @@ -111,7 +111,7 @@ public class MembersDto { @Setter public static class AddReq { - @Schema(description = "๊ด€๋ฆฌ์ž ์œ ํ˜•", example = "ROLE_ADMIN") + @Schema(description = "๊ด€๋ฆฌ์ž ์œ ํ˜•", example = "ADMIN") @NotBlank @Size(max = 50) private String userRole; diff --git a/src/main/java/com/kamco/cd/kamcoback/test/TestApiController.java b/src/main/java/com/kamco/cd/kamcoback/test/TestApiController.java index ca2dfe53..2e843964 100644 --- a/src/main/java/com/kamco/cd/kamcoback/test/TestApiController.java +++ b/src/main/java/com/kamco/cd/kamcoback/test/TestApiController.java @@ -1,5 +1,6 @@ package com.kamco.cd.kamcoback.test; +import com.kamco.cd.kamcoback.config.api.ApiResponseDto; import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.media.Content; import io.swagger.v3.oas.annotations.media.Schema; 
@@ -21,48 +22,48 @@ public class TestApiController { @Operation(summary = "admin test", description = "admin test api") @ApiResponses({ @ApiResponse( - responseCode = "200", - description = "์กฐํšŒ", - content = @Content(schema = @Schema(implementation = String.class))), + responseCode = "200", + description = "์กฐํšŒ", + content = @Content(schema = @Schema(implementation = String.class))), @ApiResponse( - responseCode = "403", - description = "๊ถŒํ•œ ์—†์Œ", - content = @Content(schema = @Schema(implementation = ErrorResponse.class))) + responseCode = "403", + description = "๊ถŒํ•œ ์—†์Œ", + content = @Content(schema = @Schema(implementation = ErrorResponse.class))) }) @GetMapping("/admin") - public String admin() { - return "I am administrator"; + public ApiResponseDto admin() { + return ApiResponseDto.ok("I am administrator"); } @Operation(summary = "label test", description = "label test api") @ApiResponses({ @ApiResponse( - responseCode = "200", - description = "์กฐํšŒ", - content = @Content(schema = @Schema(implementation = String.class))), + responseCode = "200", + description = "์กฐํšŒ", + content = @Content(schema = @Schema(implementation = String.class))), @ApiResponse( - responseCode = "403", - description = "๊ถŒํ•œ ์—†์Œ", - content = @Content(schema = @Schema(implementation = ErrorResponse.class))) + responseCode = "403", + description = "๊ถŒํ•œ ์—†์Œ", + content = @Content(schema = @Schema(implementation = ErrorResponse.class))) }) @GetMapping("/label") - public String label() { - return "Labeling is available."; + public ApiResponseDto label() { + return ApiResponseDto.ok("Labeling is available."); } @Operation(summary = "review test", description = "review test api") @ApiResponses({ @ApiResponse( - responseCode = "200", - description = "์กฐํšŒ", - content = @Content(schema = @Schema(implementation = String.class))), + responseCode = "200", + description = "์กฐํšŒ", + content = @Content(schema = @Schema(implementation = String.class))), 
@ApiResponse( - responseCode = "403", - description = "๊ถŒํ•œ ์—†์Œ", - content = @Content(schema = @Schema(implementation = ErrorResponse.class))) + responseCode = "403", + description = "๊ถŒํ•œ ์—†์Œ", + content = @Content(schema = @Schema(implementation = ErrorResponse.class))) }) @GetMapping("/review") - public String review() { - return "Review is available."; + public ApiResponseDto review() { + return ApiResponseDto.ok("Review is available."); } } From f642f7c72333da734d454da4b1b86ab787934387 Mon Sep 17 00:00:00 2001 From: teddy Date: Fri, 12 Dec 2025 10:02:23 +0900 Subject: [PATCH 6/7] =?UTF-8?q?=EA=B6=8C=ED=95=9C=20=ED=85=8C=EC=8A=A4?= =?UTF-8?q?=ED=8A=B8=20api=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../config/GlobalExceptionHandler.java | 386 +++++++++--------- .../cd/kamcoback/config/SecurityConfig.java | 77 ++-- .../cd/kamcoback/members/dto/MembersDto.java | 42 +- .../cd/kamcoback/test/TestApiController.java | 36 +- 4 files changed, 267 insertions(+), 274 deletions(-) diff --git a/src/main/java/com/kamco/cd/kamcoback/config/GlobalExceptionHandler.java b/src/main/java/com/kamco/cd/kamcoback/config/GlobalExceptionHandler.java index 409e8ca4..bc7cdb74 100644 --- a/src/main/java/com/kamco/cd/kamcoback/config/GlobalExceptionHandler.java +++ b/src/main/java/com/kamco/cd/kamcoback/config/GlobalExceptionHandler.java 
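Review bot: The `@ApiResponse` metadata on `admin()`, `label()` and `review()` no longer matches what the endpoints return: the 200 entries still declare `@Schema(implementation = String.class)` while the methods now return `ApiResponseDto`. Point the 200 schema at the envelope, `content = @Content(schema = @Schema(implementation = ApiResponseDto.class))`, so generated clients and contract tests parse the wrapper rather than a bare string. The 403 entries name `ErrorResponse.class`, but the role rules for `/api/test/admin`, `/api/test/label` and `/api/test/review` are enforced in the security filter chain. The chain shown in SecurityConfig configures no `exceptionHandling(...)`, so those denials likely get the framework's default 403 body rather than `ErrorResponse` or the `ApiResponseDto` built by `handlerAccessDeniedException`. Confirm the documented shape against an actual 403 response for both an unauthenticated caller and a caller with the wrong role.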
@@ -45,197 +45,197 @@ public class GlobalExceptionHandler { @ResponseStatus(HttpStatus.UNPROCESSABLE_ENTITY) @ExceptionHandler(EntityNotFoundException.class) public ApiResponseDto handlerEntityNotFoundException( - EntityNotFoundException e, HttpServletRequest request) { + EntityNotFoundException e, HttpServletRequest request) { log.warn("[EntityNotFoundException] resource :{} ", e.getMessage()); String codeName = "NOT_FOUND_DATA"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf("UNPROCESSABLE_ENTITY"), - ErrorLogDto.LogErrorLevel.WARNING, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf("UNPROCESSABLE_ENTITY"), + ErrorLogDto.LogErrorLevel.WARNING, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf("UNPROCESSABLE_ENTITY"), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf("UNPROCESSABLE_ENTITY"), + errorLog.getId()); } @ResponseStatus(HttpStatus.BAD_REQUEST) @ExceptionHandler(HttpMessageNotReadableException.class) public ApiResponseDto handleUnreadable( - HttpMessageNotReadableException e, HttpServletRequest request) { + HttpMessageNotReadableException e, HttpServletRequest request) { log.warn("[HttpMessageNotReadableException] resource :{} ", e.getMessage()); String codeName = "BAD_REQUEST"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf(codeName), - ErrorLogDto.LogErrorLevel.WARNING, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf(codeName), + ErrorLogDto.LogErrorLevel.WARNING, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - 
HttpStatus.valueOf(codeName), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf(codeName), + errorLog.getId()); } @ResponseStatus(HttpStatus.NOT_FOUND) @ExceptionHandler(NoSuchElementException.class) public ApiResponseDto handlerNoSuchElementException( - NoSuchElementException e, HttpServletRequest request) { + NoSuchElementException e, HttpServletRequest request) { log.warn("[NoSuchElementException] resource :{} ", e.getMessage()); String codeName = "NOT_FOUND_DATA"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf(codeName), - ErrorLogDto.LogErrorLevel.WARNING, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf(codeName), + ErrorLogDto.LogErrorLevel.WARNING, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf("NOT_FOUND"), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf("NOT_FOUND"), + errorLog.getId()); } @ResponseStatus(HttpStatus.BAD_REQUEST) @ExceptionHandler(IllegalArgumentException.class) public ApiResponseDto handlerIllegalArgumentException( - IllegalArgumentException e, HttpServletRequest request) { + IllegalArgumentException e, HttpServletRequest request) { log.warn("[handlerIllegalArgumentException] resource :{} ", e.getMessage()); String codeName = "BAD_REQUEST"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf(codeName), - ErrorLogDto.LogErrorLevel.WARNING, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf(codeName), + ErrorLogDto.LogErrorLevel.WARNING, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - 
ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf(codeName), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf(codeName), + errorLog.getId()); } @ResponseStatus(HttpStatus.UNPROCESSABLE_ENTITY) @ExceptionHandler(DataIntegrityViolationException.class) public ApiResponseDto handlerDataIntegrityViolationException( - DataIntegrityViolationException e, HttpServletRequest request) { + DataIntegrityViolationException e, HttpServletRequest request) { log.warn("[DataIntegrityViolationException] resource :{} ", e.getMessage()); String codeName = "DATA_INTEGRITY_ERROR"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf("UNPROCESSABLE_ENTITY"), - ErrorLogDto.LogErrorLevel.CRITICAL, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf("UNPROCESSABLE_ENTITY"), + ErrorLogDto.LogErrorLevel.CRITICAL, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf("UNPROCESSABLE_ENTITY"), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf("UNPROCESSABLE_ENTITY"), + errorLog.getId()); } @ResponseStatus(HttpStatus.BAD_REQUEST) @ExceptionHandler(MethodArgumentNotValidException.class) public ApiResponseDto handlerMethodArgumentNotValidException( - MethodArgumentNotValidException e, HttpServletRequest request) { + MethodArgumentNotValidException e, HttpServletRequest request) { log.warn("[MethodArgumentNotValidException] resource :{} ", e.getMessage()); String codeName = "BAD_REQUEST"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf(codeName), - ErrorLogDto.LogErrorLevel.WARNING, - e.getStackTrace()); + saveErrorLogData( + request, + 
ApiResponseCode.getCode(codeName), + HttpStatus.valueOf(codeName), + ErrorLogDto.LogErrorLevel.WARNING, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf(codeName), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf(codeName), + errorLog.getId()); } @ResponseStatus(HttpStatus.FORBIDDEN) @ExceptionHandler(AccessDeniedException.class) public ApiResponseDto handlerAccessDeniedException( - AccessDeniedException e, HttpServletRequest request) { + AccessDeniedException e, HttpServletRequest request) { log.warn("[AccessDeniedException] resource :{} ", e.getMessage()); String codeName = "FORBIDDEN"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf(codeName), - ErrorLogDto.LogErrorLevel.ERROR, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf(codeName), + ErrorLogDto.LogErrorLevel.ERROR, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf(codeName), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf(codeName), + errorLog.getId()); } @ResponseStatus(HttpStatus.BAD_GATEWAY) @ExceptionHandler(HttpServerErrorException.BadGateway.class) public ApiResponseDto handlerHttpServerErrorException( - HttpServerErrorException e, HttpServletRequest request) { + HttpServerErrorException e, HttpServletRequest request) { log.warn("[HttpServerErrorException] resource :{} ", e.getMessage()); String codeName = "BAD_GATEWAY"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf(codeName), - ErrorLogDto.LogErrorLevel.CRITICAL, - e.getStackTrace()); + 
saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf(codeName), + ErrorLogDto.LogErrorLevel.CRITICAL, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf(codeName), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf(codeName), + errorLog.getId()); } @ResponseStatus(HttpStatus.UNPROCESSABLE_ENTITY) @ExceptionHandler(IllegalStateException.class) public ApiResponseDto handlerIllegalStateException( - IllegalStateException e, HttpServletRequest request) { + IllegalStateException e, HttpServletRequest request) { log.warn("[IllegalStateException] resource :{} ", e.getMessage()); String codeName = "UNPROCESSABLE_ENTITY"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf(codeName), - ErrorLogDto.LogErrorLevel.WARNING, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf(codeName), + ErrorLogDto.LogErrorLevel.WARNING, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf(codeName), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf(codeName), + errorLog.getId()); } @ResponseStatus(HttpStatus.BAD_REQUEST) @ExceptionHandler(MemberException.DuplicateMemberException.class) public ApiResponseDto handlerDuplicateMemberException( - MemberException.DuplicateMemberException e, HttpServletRequest request) { + MemberException.DuplicateMemberException e, HttpServletRequest request) { log.warn("[DuplicateMemberException] resource :{} ", e.getMessage()); String codeName = ""; 
@@ -250,112 +250,112 @@ public class GlobalExceptionHandler { } ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf("BAD_REQUEST"), - ErrorLogDto.LogErrorLevel.WARNING, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf("BAD_REQUEST"), + ErrorLogDto.LogErrorLevel.WARNING, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf("BAD_REQUEST"), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf("BAD_REQUEST"), + errorLog.getId()); } @ResponseStatus(HttpStatus.BAD_REQUEST) @ExceptionHandler(MemberException.MemberNotFoundException.class) public ApiResponseDto handlerMemberNotFoundException( - MemberException.MemberNotFoundException e, HttpServletRequest request) { + MemberException.MemberNotFoundException e, HttpServletRequest request) { log.warn("[MemberNotFoundException] resource :{} ", e.getMessage()); String codeName = "NOT_FOUND_USER"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf("BAD_REQUEST"), - ErrorLogDto.LogErrorLevel.WARNING, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf("BAD_REQUEST"), + ErrorLogDto.LogErrorLevel.WARNING, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf("BAD_REQUEST"), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf("BAD_REQUEST"), + errorLog.getId()); } @ResponseStatus(HttpStatus.CONFLICT) @ExceptionHandler(DuplicateKeyException.class) public ApiResponseDto handlerDuplicateKeyException( - DuplicateKeyException e, HttpServletRequest request) 
{ + DuplicateKeyException e, HttpServletRequest request) { log.warn("[DuplicateKeyException] resource :{} ", e.getMessage()); String codeName = "DUPLICATE_DATA"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf("CONFLICT"), - ErrorLogDto.LogErrorLevel.WARNING, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf("CONFLICT"), + ErrorLogDto.LogErrorLevel.WARNING, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf("CONFLICT"), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf("CONFLICT"), + errorLog.getId()); } @ExceptionHandler(BadCredentialsException.class) public ResponseEntity> handleBadCredentials( - BadCredentialsException e, HttpServletRequest request) { + BadCredentialsException e, HttpServletRequest request) { log.warn("[BadCredentialsException] resource : {} ", e.getMessage()); String codeName = "UNAUTHORIZED"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf(codeName), - ErrorLogDto.LogErrorLevel.WARNING, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf(codeName), + ErrorLogDto.LogErrorLevel.WARNING, + e.getStackTrace()); ApiResponseDto body = - ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf(codeName), - errorLog.getId()); + ApiResponseDto.createException( + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf(codeName), + errorLog.getId()); return ResponseEntity.status(HttpStatus.UNAUTHORIZED) // ๐Ÿ”ฅ ์—ฌ๊ธฐ์„œ 401 ์ง€์ • - .body(body); + .body(body); } @ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR) 
@ExceptionHandler(RuntimeException.class) public ApiResponseDto handlerRuntimeException( - RuntimeException e, HttpServletRequest request) { + RuntimeException e, HttpServletRequest request) { log.warn("[RuntimeException] resource :{} ", e.getMessage()); String codeName = "INTERNAL_SERVER_ERROR"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf(codeName), - ErrorLogDto.LogErrorLevel.CRITICAL, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf(codeName), + ErrorLogDto.LogErrorLevel.CRITICAL, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf(codeName), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf(codeName), + errorLog.getId()); } @ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR) 
@@ -365,36 +365,36 @@ public class GlobalExceptionHandler { String codeName = "INTERNAL_SERVER_ERROR"; ErrorLogEntity errorLog = - saveErrorLogData( - request, - ApiResponseCode.getCode(codeName), - HttpStatus.valueOf(codeName), - ErrorLogDto.LogErrorLevel.CRITICAL, - e.getStackTrace()); + saveErrorLogData( + request, + ApiResponseCode.getCode(codeName), + HttpStatus.valueOf(codeName), + ErrorLogDto.LogErrorLevel.CRITICAL, + e.getStackTrace()); return ApiResponseDto.createException( - ApiResponseCode.getCode(codeName), - ApiResponseCode.getMessage(codeName), - HttpStatus.valueOf(codeName), - errorLog.getId()); + ApiResponseCode.getCode(codeName), + ApiResponseCode.getMessage(codeName), + HttpStatus.valueOf(codeName), + errorLog.getId()); } /** * ์—๋Ÿฌ ๋กœ๊ทธ ํ…Œ์ด๋ธ” ์ €์žฅ ๋กœ์ง * - * @param request : request - * @param errorCode : ์ •์˜๋œ enum errorCode - * @param httpStatus : HttpStatus ๊ฐ’ + * @param request : request + * @param errorCode : ์ •์˜๋œ enum errorCode + * @param httpStatus : HttpStatus ๊ฐ’ * @param logErrorLevel : WARNING, ERROR, CRITICAL - * @param stackTrace : ์—๋Ÿฌ ๋‚ด์šฉ + * @param stackTrace : ์—๋Ÿฌ ๋‚ด์šฉ * @return : insertํ•˜๊ณ  ๊ฒฐ๊ณผ๋กœ ๋ฐ›์€ Entity */ private ErrorLogEntity saveErrorLogData( - HttpServletRequest request, - ApiResponseCode errorCode, - HttpStatus httpStatus, - ErrorLogDto.LogErrorLevel logErrorLevel, - StackTraceElement[] stackTrace) { + HttpServletRequest request, + ApiResponseCode errorCode, + HttpStatus httpStatus, + ErrorLogDto.LogErrorLevel logErrorLevel, + StackTraceElement[] stackTrace) { Long userid = null; 
@@ -408,35 +408,35 @@ public class GlobalExceptionHandler { * ๋งŒ๋“  CustomUserDetails ํƒ€์ž…์ธ๊ฐ€? ์ฒดํฌ */ if (request.getUserPrincipal() instanceof UsernamePasswordAuthenticationToken auth - && auth.getPrincipal() instanceof CustomUserDetails customUserDetails) { + && auth.getPrincipal() instanceof CustomUserDetails customUserDetails) { // audit ์—๋Š” long ํƒ€์ž… user_id๊ฐ€ ๋“ค์–ด๊ฐ€์ง€๋งŒ ํ† ํฐ sub์€ uuid์—ฌ์„œ user_id ๊ฐ€์ ธ์˜ค๊ธฐ userid = customUserDetails.getMember().getId(); } String stackTraceStr = - Arrays.stream(stackTrace) - .map(StackTraceElement::toString) - .collect(Collectors.joining("\n")) - .substring(0, Math.min(stackTrace.length, 255)); + Arrays.stream(stackTrace) + .map(StackTraceElement::toString) + .collect(Collectors.joining("\n")) + .substring(0, Math.min(stackTrace.length, 255)); ErrorLogEntity errorLogEntity = - new ErrorLogEntity( - request.getRequestURI(), - ApiLogFunction.getEventType(request), - logErrorLevel, - String.valueOf(httpStatus.value()), - errorCode.getText(), - stackTraceStr, - userid, - ZonedDateTime.now()); + new ErrorLogEntity( + request.getRequestURI(), + ApiLogFunction.getEventType(request), + logErrorLevel, + String.valueOf(httpStatus.value()), + errorCode.getText(), + stackTraceStr, + userid, + ZonedDateTime.now()); return errorLogRepository.save(errorLogEntity); } @ExceptionHandler(CustomApiException.class) public ResponseEntity> handleCustomApiException( - CustomApiException e, HttpServletRequest request) { + CustomApiException e, HttpServletRequest request) { log.warn("[CustomApiException] resource : {}", e.getMessage()); String codeName = e.getCodeName(); 
@@ -446,11 +446,11 @@ public class GlobalExceptionHandler { ApiResponseCode apiCode = ApiResponseCode.getCode(codeName); ErrorLogEntity errorLog = - saveErrorLogData( - request, apiCode, status, ErrorLogDto.LogErrorLevel.WARNING, e.getStackTrace()); + saveErrorLogData( + request, apiCode, status, ErrorLogDto.LogErrorLevel.WARNING, e.getStackTrace()); ApiResponseDto body = - ApiResponseDto.createException(apiCode, message, status, errorLog.getId()); + ApiResponseDto.createException(apiCode, message, status, errorLog.getId()); return new ResponseEntity<>(body, status); } diff --git a/src/main/java/com/kamco/cd/kamcoback/config/SecurityConfig.java b/src/main/java/com/kamco/cd/kamcoback/config/SecurityConfig.java index ccd51586..eca8fcf7 100644 --- a/src/main/java/com/kamco/cd/kamcoback/config/SecurityConfig.java +++ b/src/main/java/com/kamco/cd/kamcoback/config/SecurityConfig.java 
@@ -30,46 +30,45 @@ public class SecurityConfig { public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { http.cors(cors -> cors.configurationSource(corsConfigurationSource())) - .csrf(csrf -> csrf.disable()) // CSRF ๋ณด์•ˆ ๊ธฐ๋Šฅ ๋น„ํ™œ์„ฑํ™” - .sessionManagement( - sm -> - sm.sessionCreationPolicy( - SessionCreationPolicy.STATELESS)) // ์„œ๋ฒ„ ์„ธ์…˜ ๋งŒ๋“ค์ง€ ์•Š์Œ, ์š”์ฒญ์€ JWT ์ธ์ฆ - .formLogin(form -> form.disable()) // react์—์„œ ๋กœ๊ทธ์ธ ์š”์ฒญ ๊ด€๋ฆฌ - .httpBasic(basic -> basic.disable()) // ๊ธฐ๋ณธ basic ์ธ์ฆ ๋น„ํ™œ์„ฑํ™” JWT ์ธ์ฆ์‚ฌ์šฉ - .logout(logout -> logout.disable()) // ๊ธฐ๋ณธ ๋กœ๊ทธ์•„์›ƒ ๋น„ํ™œ์„ฑํ™” JWT๋Š” ์„œ๋ฒ„ ์ƒํƒœ๊ฐ€ ์—†์œผ๋ฏ€๋กœ ๋กœ๊ทธ์•„์›ƒ ์ฒ˜๋ฆฌ ํ•„์š” ์—†์Œ - .authenticationProvider( - customAuthenticationProvider) // ๋กœ๊ทธ์ธ ํŒจ์Šค์›Œ๋“œ ๋น„๊ต๋ฐฉ์‹ ์Šคํ”„๋ง ๊ธฐ๋ณธ Provider ์‚ฌ์šฉ์•ˆํ•จ ์ปค์Šคํ…€ ์‚ฌ์šฉ - .authorizeHttpRequests( - auth -> - auth - // ADMIN๋งŒ ์ ‘๊ทผ - .requestMatchers("/api/test/admin") - .hasRole("ADMIN") + .csrf(csrf -> csrf.disable()) // CSRF ๋ณด์•ˆ ๊ธฐ๋Šฅ ๋น„ํ™œ์„ฑํ™” + .sessionManagement( + sm -> + sm.sessionCreationPolicy( + SessionCreationPolicy.STATELESS)) // ์„œ๋ฒ„ ์„ธ์…˜ ๋งŒ๋“ค์ง€ ์•Š์Œ, ์š”์ฒญ์€ JWT ์ธ์ฆ + .formLogin(form -> form.disable()) // react์—์„œ ๋กœ๊ทธ์ธ ์š”์ฒญ ๊ด€๋ฆฌ + .httpBasic(basic -> basic.disable()) // ๊ธฐ๋ณธ basic ์ธ์ฆ ๋น„ํ™œ์„ฑํ™” JWT ์ธ์ฆ์‚ฌ์šฉ + .logout(logout -> logout.disable()) // ๊ธฐ๋ณธ ๋กœ๊ทธ์•„์›ƒ ๋น„ํ™œ์„ฑํ™” JWT๋Š” ์„œ๋ฒ„ ์ƒํƒœ๊ฐ€ ์—†์œผ๋ฏ€๋กœ ๋กœ๊ทธ์•„์›ƒ ์ฒ˜๋ฆฌ ํ•„์š” ์—†์Œ + .authenticationProvider( + customAuthenticationProvider) // ๋กœ๊ทธ์ธ ํŒจ์Šค์›Œ๋“œ ๋น„๊ต๋ฐฉ์‹ ์Šคํ”„๋ง ๊ธฐ๋ณธ Provider ์‚ฌ์šฉ์•ˆํ•จ ์ปค์Šคํ…€ ์‚ฌ์šฉ + .authorizeHttpRequests( + auth -> + auth + // ADMIN๋งŒ ์ ‘๊ทผ + .requestMatchers("/api/test/admin") + .hasRole("ADMIN") - // ADMIN, LABELER ์ ‘๊ทผ - .requestMatchers("/api/test/label") - .hasAnyRole("ADMIN", "LABELER") + // ADMIN, LABELER ์ ‘๊ทผ + .requestMatchers("/api/test/label") + 
.hasAnyRole("ADMIN", "LABELER") - // ADMIN, REVIEWER ์ ‘๊ทผ - .requestMatchers("/api/test/review") - .hasAnyRole("ADMIN", "REVIEWER") - - .requestMatchers(HttpMethod.OPTIONS, "/**") - .permitAll() // preflight ํ—ˆ์šฉ - .requestMatchers( - "/api/auth/signin", - "/api/auth/refresh", - "/swagger-ui/**", - "/api/members/*/password", - "/v3/api-docs/**") - .permitAll() - .anyRequest() - .authenticated()) - .addFilterBefore( - jwtAuthenticationFilter, - UsernamePasswordAuthenticationFilter - .class) // ์š”์ฒญ ๋“ค์–ด์˜ค๋ฉด ๋จผ์ € JWT ํ† ํฐ ๊ฒ€์‚ฌ ํ›„ security context ์— ์‚ฌ์šฉ์ž ์ •๋ณด ์ €์žฅ. + // ADMIN, REVIEWER ์ ‘๊ทผ + .requestMatchers("/api/test/review") + .hasAnyRole("ADMIN", "REVIEWER") + .requestMatchers(HttpMethod.OPTIONS, "/**") + .permitAll() // preflight ํ—ˆ์šฉ + .requestMatchers( + "/api/auth/signin", + "/api/auth/refresh", + "/swagger-ui/**", + "/api/members/*/password", + "/v3/api-docs/**") + .permitAll() + .anyRequest() + .authenticated()) + .addFilterBefore( + jwtAuthenticationFilter, + UsernamePasswordAuthenticationFilter + .class) // ์š”์ฒญ ๋“ค์–ด์˜ค๋ฉด ๋จผ์ € JWT ํ† ํฐ ๊ฒ€์‚ฌ ํ›„ security context ์— ์‚ฌ์šฉ์ž ์ •๋ณด ์ €์žฅ. ; return http.build(); @@ -77,7 +76,7 @@ public class SecurityConfig { @Bean public AuthenticationManager authenticationManager(AuthenticationConfiguration configuration) - throws Exception { + throws Exception { return configuration.getAuthenticationManager(); } diff --git a/src/main/java/com/kamco/cd/kamcoback/members/dto/MembersDto.java b/src/main/java/com/kamco/cd/kamcoback/members/dto/MembersDto.java index c5d3af36..1c777896 100644 --- a/src/main/java/com/kamco/cd/kamcoback/members/dto/MembersDto.java +++ b/src/main/java/com/kamco/cd/kamcoback/members/dto/MembersDto.java 
@@ -32,28 +32,24 @@ public class MembersDto { private String tempPassword; private String status; private String statusName; - @JsonFormatDttm - private ZonedDateTime createdDttm; - @JsonFormatDttm - private ZonedDateTime updatedDttm; - @JsonFormatDttm - private ZonedDateTime firstLoginDttm; - @JsonFormatDttm - private ZonedDateTime lastLoginDttm; + @JsonFormatDttm private ZonedDateTime createdDttm; + @JsonFormatDttm private ZonedDateTime updatedDttm; + @JsonFormatDttm private ZonedDateTime firstLoginDttm; + @JsonFormatDttm private ZonedDateTime lastLoginDttm; public Basic( - Long id, - UUID uuid, - String userRole, - String name, - String userId, - String employeeNo, - String tempPassword, - String status, - ZonedDateTime createdDttm, - ZonedDateTime updatedDttm, - ZonedDateTime firstLoginDttm, - ZonedDateTime lastLoginDttm) { + Long id, + UUID uuid, + String userRole, + String name, + String userId, + String employeeNo, + String tempPassword, + String status, + ZonedDateTime createdDttm, + ZonedDateTime updatedDttm, + ZonedDateTime firstLoginDttm, + ZonedDateTime lastLoginDttm) { this.id = id; this.uuid = uuid; this.userRole = userRole; @@ -87,9 +83,7 @@ public class MembersDto { @AllArgsConstructor public static class SearchReq { - @Schema( - description = "์ „์ฒด, ๊ด€๋ฆฌ์ž(ADMIN), ๋ผ๋ฒจ๋Ÿฌ(LABELER), ๊ฒ€์ˆ˜์ž(REVIEWER)", - example = "") + @Schema(description = "์ „์ฒด, ๊ด€๋ฆฌ์ž(ADMIN), ๋ผ๋ฒจ๋Ÿฌ(LABELER), ๊ฒ€์ˆ˜์ž(REVIEWER)", example = "") private String userRole; @Schema(description = "ํ‚ค์›Œ๋“œ", example = "ํ™๊ธธ๋™") @@ -133,7 +127,7 @@ public class MembersDto { private String employeeNo; public AddReq( - String userRole, String name, String userId, String tempPassword, String employeeNo) { + String userRole, String name, String userId, String tempPassword, String employeeNo) { this.userRole = userRole; this.name = name; this.userId = userId; 
diff --git a/src/main/java/com/kamco/cd/kamcoback/test/TestApiController.java b/src/main/java/com/kamco/cd/kamcoback/test/TestApiController.java index 2e843964..672bc5f1 100644 --- a/src/main/java/com/kamco/cd/kamcoback/test/TestApiController.java +++ b/src/main/java/com/kamco/cd/kamcoback/test/TestApiController.java @@ -22,13 +22,13 @@ public class TestApiController { @Operation(summary = "admin test", description = "admin test api") @ApiResponses({ @ApiResponse( - responseCode = "200", - description = "์กฐํšŒ", - content = @Content(schema = @Schema(implementation = String.class))), + responseCode = "200", + description = "์กฐํšŒ", + content = @Content(schema = @Schema(implementation = String.class))), @ApiResponse( - responseCode = "403", - description = "๊ถŒํ•œ ์—†์Œ", - content = @Content(schema = @Schema(implementation = ErrorResponse.class))) + responseCode = "403", + description = "๊ถŒํ•œ ์—†์Œ", + content = @Content(schema = @Schema(implementation = ErrorResponse.class))) }) @GetMapping("/admin") public ApiResponseDto admin() { @@ -38,13 +38,13 @@ public class TestApiController { @Operation(summary = "label test", description = "label test api") @ApiResponses({ @ApiResponse( - responseCode = "200", - description = "์กฐํšŒ", - content = @Content(schema = @Schema(implementation = String.class))), + responseCode = "200", + description = "์กฐํšŒ", + content = @Content(schema = @Schema(implementation = String.class))), @ApiResponse( - responseCode = "403", - description = "๊ถŒํ•œ ์—†์Œ", - content = @Content(schema = @Schema(implementation = ErrorResponse.class))) + responseCode = "403", + description = "๊ถŒํ•œ ์—†์Œ", + content = @Content(schema = @Schema(implementation = ErrorResponse.class))) }) @GetMapping("/label") public ApiResponseDto label() { 
@@ -54,13 +54,13 @@ public class TestApiController { @Operation(summary = "review test", description = "review test api") @ApiResponses({ @ApiResponse( - responseCode = "200", - description = "์กฐํšŒ", - content = @Content(schema = @Schema(implementation = String.class))), + responseCode = "200", + description = "์กฐํšŒ", + content = @Content(schema = @Schema(implementation = String.class))), @ApiResponse( - responseCode = "403", - description = "๊ถŒํ•œ ์—†์Œ", - content = @Content(schema = @Schema(implementation = ErrorResponse.class))) + responseCode = "403", + description = "๊ถŒํ•œ ์—†์Œ", + content = @Content(schema = @Schema(implementation = ErrorResponse.class))) }) @GetMapping("/review") public ApiResponseDto review() { From 5330fc6df58afbd7975f0014f8507825339a081c Mon Sep 17 00:00:00 2001 From: teddy Date: Fri, 12 Dec 2025 10:15:32 +0900 Subject: [PATCH 7/7] =?UTF-8?q?=EA=B4=80=EB=A6=AC=EC=9E=90=20=EC=9C=A0?= =?UTF-8?q?=ED=98=95=20=EB=B2=A8=EB=A6=AC=EB=8D=B0=EC=9D=B4=ED=8A=B8=20?= =?UTF-8?q?=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/com/kamco/cd/kamcoback/members/dto/MembersDto.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/com/kamco/cd/kamcoback/members/dto/MembersDto.java b/src/main/java/com/kamco/cd/kamcoback/members/dto/MembersDto.java index 1c777896..f0de1810 100644 --- a/src/main/java/com/kamco/cd/kamcoback/members/dto/MembersDto.java +++ b/src/main/java/com/kamco/cd/kamcoback/members/dto/MembersDto.java 
@@ -3,6 +3,7 @@ package com.kamco.cd.kamcoback.members.dto; import com.kamco.cd.kamcoback.common.enums.RoleType; import com.kamco.cd.kamcoback.common.enums.StatusType; import com.kamco.cd.kamcoback.common.utils.Enums; +import com.kamco.cd.kamcoback.common.utils.interfaces.EnumValid; import com.kamco.cd.kamcoback.common.utils.interfaces.JsonFormatDttm; import io.swagger.v3.oas.annotations.media.Schema; import jakarta.validation.constraints.NotBlank; @@ -107,7 +108,7 @@ public class MembersDto { @Schema(description = "๊ด€๋ฆฌ์ž ์œ ํ˜•", example = "ADMIN") @NotBlank - @Size(max = 50) + @EnumValid(enumClass = RoleType.class, message = "userRole์€ ADMIN, LABELER, REVIEWER๋งŒ ๊ฐ€๋Šฅํ•ฉ๋‹ˆ๋‹ค.") private String userRole; @Schema(description = "์ด๋ฆ„", example = "ํ™๊ธธ๋™")
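Review bot: The `@EnumValid` allowlist on `AddReq.userRole` checks that the value is a known role, not that the caller is entitled to grant it. In the SecurityConfig shown in this series only the `/api/test/...` paths carry role rules and everything else falls under `.anyRequest().authenticated()`. Unless the handler that consumes `AddReq` is restricted somewhere outside this patch, any authenticated LABELER or REVIEWER could submit `userRole` = `ADMIN`. Consider guarding that handler with `@PreAuthorize("hasRole('ADMIN')")` (method security must be enabled) or an equivalent `requestMatchers(...).hasRole("ADMIN")` rule. `@EnumValid` is project code not visible here and `AddReq` continues outside the hunk, so also confirm the validator matches the enum constant names exactly and rejects the old `ROLE_`-prefixed values now that `@Size(max = 50)` is gone.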