권한 테스트 api 수정

2025-12-12 10:02:23 +09:00
parent 970d08ba44
commit f642f7c723
4 changed files with 267 additions and 274 deletions


@@ -45,197 +45,197 @@ public class GlobalExceptionHandler {
@ResponseStatus(HttpStatus.UNPROCESSABLE_ENTITY) @ResponseStatus(HttpStatus.UNPROCESSABLE_ENTITY)
@ExceptionHandler(EntityNotFoundException.class) @ExceptionHandler(EntityNotFoundException.class)
public ApiResponseDto<String> handlerEntityNotFoundException( public ApiResponseDto<String> handlerEntityNotFoundException(
EntityNotFoundException e, HttpServletRequest request) { EntityNotFoundException e, HttpServletRequest request) {
log.warn("[EntityNotFoundException] resource :{} ", e.getMessage()); log.warn("[EntityNotFoundException] resource :{} ", e.getMessage());
String codeName = "NOT_FOUND_DATA"; String codeName = "NOT_FOUND_DATA";
ErrorLogEntity errorLog = ErrorLogEntity errorLog =
saveErrorLogData( saveErrorLogData(
request, request,
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
HttpStatus.valueOf("UNPROCESSABLE_ENTITY"), HttpStatus.valueOf("UNPROCESSABLE_ENTITY"),
ErrorLogDto.LogErrorLevel.WARNING, ErrorLogDto.LogErrorLevel.WARNING,
e.getStackTrace()); e.getStackTrace());
return ApiResponseDto.createException( return ApiResponseDto.createException(
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
ApiResponseCode.getMessage(codeName), ApiResponseCode.getMessage(codeName),
HttpStatus.valueOf("UNPROCESSABLE_ENTITY"), HttpStatus.valueOf("UNPROCESSABLE_ENTITY"),
errorLog.getId()); errorLog.getId());
} }
@ResponseStatus(HttpStatus.BAD_REQUEST) @ResponseStatus(HttpStatus.BAD_REQUEST)
@ExceptionHandler(HttpMessageNotReadableException.class) @ExceptionHandler(HttpMessageNotReadableException.class)
public ApiResponseDto<String> handleUnreadable( public ApiResponseDto<String> handleUnreadable(
HttpMessageNotReadableException e, HttpServletRequest request) { HttpMessageNotReadableException e, HttpServletRequest request) {
log.warn("[HttpMessageNotReadableException] resource :{} ", e.getMessage()); log.warn("[HttpMessageNotReadableException] resource :{} ", e.getMessage());
String codeName = "BAD_REQUEST"; String codeName = "BAD_REQUEST";
ErrorLogEntity errorLog = ErrorLogEntity errorLog =
saveErrorLogData( saveErrorLogData(
request, request,
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
HttpStatus.valueOf(codeName), HttpStatus.valueOf(codeName),
ErrorLogDto.LogErrorLevel.WARNING, ErrorLogDto.LogErrorLevel.WARNING,
e.getStackTrace()); e.getStackTrace());
return ApiResponseDto.createException( return ApiResponseDto.createException(
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
ApiResponseCode.getMessage(codeName), ApiResponseCode.getMessage(codeName),
HttpStatus.valueOf(codeName), HttpStatus.valueOf(codeName),
errorLog.getId()); errorLog.getId());
} }
@ResponseStatus(HttpStatus.NOT_FOUND) @ResponseStatus(HttpStatus.NOT_FOUND)
@ExceptionHandler(NoSuchElementException.class) @ExceptionHandler(NoSuchElementException.class)
public ApiResponseDto<String> handlerNoSuchElementException( public ApiResponseDto<String> handlerNoSuchElementException(
NoSuchElementException e, HttpServletRequest request) { NoSuchElementException e, HttpServletRequest request) {
log.warn("[NoSuchElementException] resource :{} ", e.getMessage()); log.warn("[NoSuchElementException] resource :{} ", e.getMessage());
String codeName = "NOT_FOUND_DATA"; String codeName = "NOT_FOUND_DATA";
ErrorLogEntity errorLog = ErrorLogEntity errorLog =
saveErrorLogData( saveErrorLogData(
request, request,
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
HttpStatus.valueOf(codeName), HttpStatus.valueOf(codeName),
ErrorLogDto.LogErrorLevel.WARNING, ErrorLogDto.LogErrorLevel.WARNING,
e.getStackTrace()); e.getStackTrace());
return ApiResponseDto.createException( return ApiResponseDto.createException(
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
ApiResponseCode.getMessage(codeName), ApiResponseCode.getMessage(codeName),
HttpStatus.valueOf("NOT_FOUND"), HttpStatus.valueOf("NOT_FOUND"),
errorLog.getId()); errorLog.getId());
} }
@ResponseStatus(HttpStatus.BAD_REQUEST) @ResponseStatus(HttpStatus.BAD_REQUEST)
@ExceptionHandler(IllegalArgumentException.class) @ExceptionHandler(IllegalArgumentException.class)
public ApiResponseDto<String> handlerIllegalArgumentException( public ApiResponseDto<String> handlerIllegalArgumentException(
IllegalArgumentException e, HttpServletRequest request) { IllegalArgumentException e, HttpServletRequest request) {
log.warn("[handlerIllegalArgumentException] resource :{} ", e.getMessage()); log.warn("[handlerIllegalArgumentException] resource :{} ", e.getMessage());
String codeName = "BAD_REQUEST"; String codeName = "BAD_REQUEST";
ErrorLogEntity errorLog = ErrorLogEntity errorLog =
saveErrorLogData( saveErrorLogData(
request, request,
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
HttpStatus.valueOf(codeName), HttpStatus.valueOf(codeName),
ErrorLogDto.LogErrorLevel.WARNING, ErrorLogDto.LogErrorLevel.WARNING,
e.getStackTrace()); e.getStackTrace());
return ApiResponseDto.createException( return ApiResponseDto.createException(
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
ApiResponseCode.getMessage(codeName), ApiResponseCode.getMessage(codeName),
HttpStatus.valueOf(codeName), HttpStatus.valueOf(codeName),
errorLog.getId()); errorLog.getId());
} }
@ResponseStatus(HttpStatus.UNPROCESSABLE_ENTITY) @ResponseStatus(HttpStatus.UNPROCESSABLE_ENTITY)
@ExceptionHandler(DataIntegrityViolationException.class) @ExceptionHandler(DataIntegrityViolationException.class)
public ApiResponseDto<String> handlerDataIntegrityViolationException( public ApiResponseDto<String> handlerDataIntegrityViolationException(
DataIntegrityViolationException e, HttpServletRequest request) { DataIntegrityViolationException e, HttpServletRequest request) {
log.warn("[DataIntegrityViolationException] resource :{} ", e.getMessage()); log.warn("[DataIntegrityViolationException] resource :{} ", e.getMessage());
String codeName = "DATA_INTEGRITY_ERROR"; String codeName = "DATA_INTEGRITY_ERROR";
ErrorLogEntity errorLog = ErrorLogEntity errorLog =
saveErrorLogData( saveErrorLogData(
request, request,
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
HttpStatus.valueOf("UNPROCESSABLE_ENTITY"), HttpStatus.valueOf("UNPROCESSABLE_ENTITY"),
ErrorLogDto.LogErrorLevel.CRITICAL, ErrorLogDto.LogErrorLevel.CRITICAL,
e.getStackTrace()); e.getStackTrace());
return ApiResponseDto.createException( return ApiResponseDto.createException(
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
ApiResponseCode.getMessage(codeName), ApiResponseCode.getMessage(codeName),
HttpStatus.valueOf("UNPROCESSABLE_ENTITY"), HttpStatus.valueOf("UNPROCESSABLE_ENTITY"),
errorLog.getId()); errorLog.getId());
} }
@ResponseStatus(HttpStatus.BAD_REQUEST) @ResponseStatus(HttpStatus.BAD_REQUEST)
@ExceptionHandler(MethodArgumentNotValidException.class) @ExceptionHandler(MethodArgumentNotValidException.class)
public ApiResponseDto<String> handlerMethodArgumentNotValidException( public ApiResponseDto<String> handlerMethodArgumentNotValidException(
MethodArgumentNotValidException e, HttpServletRequest request) { MethodArgumentNotValidException e, HttpServletRequest request) {
log.warn("[MethodArgumentNotValidException] resource :{} ", e.getMessage()); log.warn("[MethodArgumentNotValidException] resource :{} ", e.getMessage());
String codeName = "BAD_REQUEST"; String codeName = "BAD_REQUEST";
ErrorLogEntity errorLog = ErrorLogEntity errorLog =
saveErrorLogData( saveErrorLogData(
request, request,
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
HttpStatus.valueOf(codeName), HttpStatus.valueOf(codeName),
ErrorLogDto.LogErrorLevel.WARNING, ErrorLogDto.LogErrorLevel.WARNING,
e.getStackTrace()); e.getStackTrace());
return ApiResponseDto.createException( return ApiResponseDto.createException(
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
ApiResponseCode.getMessage(codeName), ApiResponseCode.getMessage(codeName),
HttpStatus.valueOf(codeName), HttpStatus.valueOf(codeName),
errorLog.getId()); errorLog.getId());
} }
@ResponseStatus(HttpStatus.FORBIDDEN) @ResponseStatus(HttpStatus.FORBIDDEN)
@ExceptionHandler(AccessDeniedException.class) @ExceptionHandler(AccessDeniedException.class)
public ApiResponseDto<String> handlerAccessDeniedException( public ApiResponseDto<String> handlerAccessDeniedException(
AccessDeniedException e, HttpServletRequest request) { AccessDeniedException e, HttpServletRequest request) {
log.warn("[AccessDeniedException] resource :{} ", e.getMessage()); log.warn("[AccessDeniedException] resource :{} ", e.getMessage());
String codeName = "FORBIDDEN"; String codeName = "FORBIDDEN";
ErrorLogEntity errorLog = ErrorLogEntity errorLog =
saveErrorLogData( saveErrorLogData(
request, request,
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
HttpStatus.valueOf(codeName), HttpStatus.valueOf(codeName),
ErrorLogDto.LogErrorLevel.ERROR, ErrorLogDto.LogErrorLevel.ERROR,
e.getStackTrace()); e.getStackTrace());
return ApiResponseDto.createException( return ApiResponseDto.createException(
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
ApiResponseCode.getMessage(codeName), ApiResponseCode.getMessage(codeName),
HttpStatus.valueOf(codeName), HttpStatus.valueOf(codeName),
errorLog.getId()); errorLog.getId());
} }
@ResponseStatus(HttpStatus.BAD_GATEWAY) @ResponseStatus(HttpStatus.BAD_GATEWAY)
@ExceptionHandler(HttpServerErrorException.BadGateway.class) @ExceptionHandler(HttpServerErrorException.BadGateway.class)
public ApiResponseDto<String> handlerHttpServerErrorException( public ApiResponseDto<String> handlerHttpServerErrorException(
HttpServerErrorException e, HttpServletRequest request) { HttpServerErrorException e, HttpServletRequest request) {
log.warn("[HttpServerErrorException] resource :{} ", e.getMessage()); log.warn("[HttpServerErrorException] resource :{} ", e.getMessage());
String codeName = "BAD_GATEWAY"; String codeName = "BAD_GATEWAY";
ErrorLogEntity errorLog = ErrorLogEntity errorLog =
saveErrorLogData( saveErrorLogData(
request, request,
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
HttpStatus.valueOf(codeName), HttpStatus.valueOf(codeName),
ErrorLogDto.LogErrorLevel.CRITICAL, ErrorLogDto.LogErrorLevel.CRITICAL,
e.getStackTrace()); e.getStackTrace());
return ApiResponseDto.createException( return ApiResponseDto.createException(
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
ApiResponseCode.getMessage(codeName), ApiResponseCode.getMessage(codeName),
HttpStatus.valueOf(codeName), HttpStatus.valueOf(codeName),
errorLog.getId()); errorLog.getId());
} }
@ResponseStatus(HttpStatus.UNPROCESSABLE_ENTITY) @ResponseStatus(HttpStatus.UNPROCESSABLE_ENTITY)
@ExceptionHandler(IllegalStateException.class) @ExceptionHandler(IllegalStateException.class)
public ApiResponseDto<String> handlerIllegalStateException( public ApiResponseDto<String> handlerIllegalStateException(
IllegalStateException e, HttpServletRequest request) { IllegalStateException e, HttpServletRequest request) {
log.warn("[IllegalStateException] resource :{} ", e.getMessage()); log.warn("[IllegalStateException] resource :{} ", e.getMessage());
String codeName = "UNPROCESSABLE_ENTITY"; String codeName = "UNPROCESSABLE_ENTITY";
ErrorLogEntity errorLog = ErrorLogEntity errorLog =
saveErrorLogData( saveErrorLogData(
request, request,
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
HttpStatus.valueOf(codeName), HttpStatus.valueOf(codeName),
ErrorLogDto.LogErrorLevel.WARNING, ErrorLogDto.LogErrorLevel.WARNING,
e.getStackTrace()); e.getStackTrace());
return ApiResponseDto.createException( return ApiResponseDto.createException(
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
ApiResponseCode.getMessage(codeName), ApiResponseCode.getMessage(codeName),
HttpStatus.valueOf(codeName), HttpStatus.valueOf(codeName),
errorLog.getId()); errorLog.getId());
} }
@ResponseStatus(HttpStatus.BAD_REQUEST) @ResponseStatus(HttpStatus.BAD_REQUEST)
@ExceptionHandler(MemberException.DuplicateMemberException.class) @ExceptionHandler(MemberException.DuplicateMemberException.class)
public ApiResponseDto<String> handlerDuplicateMemberException( public ApiResponseDto<String> handlerDuplicateMemberException(
MemberException.DuplicateMemberException e, HttpServletRequest request) { MemberException.DuplicateMemberException e, HttpServletRequest request) {
log.warn("[DuplicateMemberException] resource :{} ", e.getMessage()); log.warn("[DuplicateMemberException] resource :{} ", e.getMessage());
String codeName = ""; String codeName = "";
@@ -250,112 +250,112 @@ public class GlobalExceptionHandler {
} }
ErrorLogEntity errorLog = ErrorLogEntity errorLog =
saveErrorLogData( saveErrorLogData(
request, request,
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
HttpStatus.valueOf("BAD_REQUEST"), HttpStatus.valueOf("BAD_REQUEST"),
ErrorLogDto.LogErrorLevel.WARNING, ErrorLogDto.LogErrorLevel.WARNING,
e.getStackTrace()); e.getStackTrace());
return ApiResponseDto.createException( return ApiResponseDto.createException(
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
ApiResponseCode.getMessage(codeName), ApiResponseCode.getMessage(codeName),
HttpStatus.valueOf("BAD_REQUEST"), HttpStatus.valueOf("BAD_REQUEST"),
errorLog.getId()); errorLog.getId());
} }
@ResponseStatus(HttpStatus.BAD_REQUEST) @ResponseStatus(HttpStatus.BAD_REQUEST)
@ExceptionHandler(MemberException.MemberNotFoundException.class) @ExceptionHandler(MemberException.MemberNotFoundException.class)
public ApiResponseDto<String> handlerMemberNotFoundException( public ApiResponseDto<String> handlerMemberNotFoundException(
MemberException.MemberNotFoundException e, HttpServletRequest request) { MemberException.MemberNotFoundException e, HttpServletRequest request) {
log.warn("[MemberNotFoundException] resource :{} ", e.getMessage()); log.warn("[MemberNotFoundException] resource :{} ", e.getMessage());
String codeName = "NOT_FOUND_USER"; String codeName = "NOT_FOUND_USER";
ErrorLogEntity errorLog = ErrorLogEntity errorLog =
saveErrorLogData( saveErrorLogData(
request, request,
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
HttpStatus.valueOf("BAD_REQUEST"), HttpStatus.valueOf("BAD_REQUEST"),
ErrorLogDto.LogErrorLevel.WARNING, ErrorLogDto.LogErrorLevel.WARNING,
e.getStackTrace()); e.getStackTrace());
return ApiResponseDto.createException( return ApiResponseDto.createException(
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
ApiResponseCode.getMessage(codeName), ApiResponseCode.getMessage(codeName),
HttpStatus.valueOf("BAD_REQUEST"), HttpStatus.valueOf("BAD_REQUEST"),
errorLog.getId()); errorLog.getId());
} }
@ResponseStatus(HttpStatus.CONFLICT) @ResponseStatus(HttpStatus.CONFLICT)
@ExceptionHandler(DuplicateKeyException.class) @ExceptionHandler(DuplicateKeyException.class)
public ApiResponseDto<String> handlerDuplicateKeyException( public ApiResponseDto<String> handlerDuplicateKeyException(
DuplicateKeyException e, HttpServletRequest request) { DuplicateKeyException e, HttpServletRequest request) {
log.warn("[DuplicateKeyException] resource :{} ", e.getMessage()); log.warn("[DuplicateKeyException] resource :{} ", e.getMessage());
String codeName = "DUPLICATE_DATA"; String codeName = "DUPLICATE_DATA";
ErrorLogEntity errorLog = ErrorLogEntity errorLog =
saveErrorLogData( saveErrorLogData(
request, request,
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
HttpStatus.valueOf("CONFLICT"), HttpStatus.valueOf("CONFLICT"),
ErrorLogDto.LogErrorLevel.WARNING, ErrorLogDto.LogErrorLevel.WARNING,
e.getStackTrace()); e.getStackTrace());
return ApiResponseDto.createException( return ApiResponseDto.createException(
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
ApiResponseCode.getMessage(codeName), ApiResponseCode.getMessage(codeName),
HttpStatus.valueOf("CONFLICT"), HttpStatus.valueOf("CONFLICT"),
errorLog.getId()); errorLog.getId());
} }
@ExceptionHandler(BadCredentialsException.class) @ExceptionHandler(BadCredentialsException.class)
public ResponseEntity<ApiResponseDto<String>> handleBadCredentials( public ResponseEntity<ApiResponseDto<String>> handleBadCredentials(
BadCredentialsException e, HttpServletRequest request) { BadCredentialsException e, HttpServletRequest request) {
log.warn("[BadCredentialsException] resource : {} ", e.getMessage()); log.warn("[BadCredentialsException] resource : {} ", e.getMessage());
String codeName = "UNAUTHORIZED"; String codeName = "UNAUTHORIZED";
ErrorLogEntity errorLog = ErrorLogEntity errorLog =
saveErrorLogData( saveErrorLogData(
request, request,
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
HttpStatus.valueOf(codeName), HttpStatus.valueOf(codeName),
ErrorLogDto.LogErrorLevel.WARNING, ErrorLogDto.LogErrorLevel.WARNING,
e.getStackTrace()); e.getStackTrace());
ApiResponseDto<String> body = ApiResponseDto<String> body =
ApiResponseDto.createException( ApiResponseDto.createException(
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
ApiResponseCode.getMessage(codeName), ApiResponseCode.getMessage(codeName),
HttpStatus.valueOf(codeName), HttpStatus.valueOf(codeName),
errorLog.getId()); errorLog.getId());
return ResponseEntity.status(HttpStatus.UNAUTHORIZED) // 🔥 여기서 401 지정 return ResponseEntity.status(HttpStatus.UNAUTHORIZED) // 🔥 여기서 401 지정
.body(body); .body(body);
} }
@ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR) @ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
@ExceptionHandler(RuntimeException.class) @ExceptionHandler(RuntimeException.class)
public ApiResponseDto<String> handlerRuntimeException( public ApiResponseDto<String> handlerRuntimeException(
RuntimeException e, HttpServletRequest request) { RuntimeException e, HttpServletRequest request) {
log.warn("[RuntimeException] resource :{} ", e.getMessage()); log.warn("[RuntimeException] resource :{} ", e.getMessage());
String codeName = "INTERNAL_SERVER_ERROR"; String codeName = "INTERNAL_SERVER_ERROR";
ErrorLogEntity errorLog = ErrorLogEntity errorLog =
saveErrorLogData( saveErrorLogData(
request, request,
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
HttpStatus.valueOf(codeName), HttpStatus.valueOf(codeName),
ErrorLogDto.LogErrorLevel.CRITICAL, ErrorLogDto.LogErrorLevel.CRITICAL,
e.getStackTrace()); e.getStackTrace());
return ApiResponseDto.createException( return ApiResponseDto.createException(
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
ApiResponseCode.getMessage(codeName), ApiResponseCode.getMessage(codeName),
HttpStatus.valueOf(codeName), HttpStatus.valueOf(codeName),
errorLog.getId()); errorLog.getId());
} }
@ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR) @ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
@@ -365,36 +365,36 @@ public class GlobalExceptionHandler {
String codeName = "INTERNAL_SERVER_ERROR"; String codeName = "INTERNAL_SERVER_ERROR";
ErrorLogEntity errorLog = ErrorLogEntity errorLog =
saveErrorLogData( saveErrorLogData(
request, request,
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
HttpStatus.valueOf(codeName), HttpStatus.valueOf(codeName),
ErrorLogDto.LogErrorLevel.CRITICAL, ErrorLogDto.LogErrorLevel.CRITICAL,
e.getStackTrace()); e.getStackTrace());
return ApiResponseDto.createException( return ApiResponseDto.createException(
ApiResponseCode.getCode(codeName), ApiResponseCode.getCode(codeName),
ApiResponseCode.getMessage(codeName), ApiResponseCode.getMessage(codeName),
HttpStatus.valueOf(codeName), HttpStatus.valueOf(codeName),
errorLog.getId()); errorLog.getId());
} }
/** /**
* 에러 로그 테이블 저장 로직 * 에러 로그 테이블 저장 로직
* *
* @param request : request * @param request : request
* @param errorCode : 정의된 enum errorCode * @param errorCode : 정의된 enum errorCode
* @param httpStatus : HttpStatus 값 * @param httpStatus : HttpStatus 값
* @param logErrorLevel : WARNING, ERROR, CRITICAL * @param logErrorLevel : WARNING, ERROR, CRITICAL
* @param stackTrace : 에러 내용 * @param stackTrace : 에러 내용
* @return : insert하고 결과로 받은 Entity * @return : insert하고 결과로 받은 Entity
*/ */
private ErrorLogEntity saveErrorLogData( private ErrorLogEntity saveErrorLogData(
HttpServletRequest request, HttpServletRequest request,
ApiResponseCode errorCode, ApiResponseCode errorCode,
HttpStatus httpStatus, HttpStatus httpStatus,
ErrorLogDto.LogErrorLevel logErrorLevel, ErrorLogDto.LogErrorLevel logErrorLevel,
StackTraceElement[] stackTrace) { StackTraceElement[] stackTrace) {
Long userid = null; Long userid = null;
@@ -408,35 +408,35 @@ public class GlobalExceptionHandler {
* 만든 CustomUserDetails 타입인가? 체크 * 만든 CustomUserDetails 타입인가? 체크
*/ */
if (request.getUserPrincipal() instanceof UsernamePasswordAuthenticationToken auth if (request.getUserPrincipal() instanceof UsernamePasswordAuthenticationToken auth
&& auth.getPrincipal() instanceof CustomUserDetails customUserDetails) { && auth.getPrincipal() instanceof CustomUserDetails customUserDetails) {
// audit 에는 long 타입 user_id가 들어가지만 토큰 sub은 uuid여서 user_id 가져오기 // audit 에는 long 타입 user_id가 들어가지만 토큰 sub은 uuid여서 user_id 가져오기
userid = customUserDetails.getMember().getId(); userid = customUserDetails.getMember().getId();
} }
String stackTraceStr = String stackTraceStr =
Arrays.stream(stackTrace) Arrays.stream(stackTrace)
.map(StackTraceElement::toString) .map(StackTraceElement::toString)
.collect(Collectors.joining("\n")) .collect(Collectors.joining("\n"))
.substring(0, Math.min(stackTrace.length, 255)); .substring(0, Math.min(stackTrace.length, 255));
ErrorLogEntity errorLogEntity = ErrorLogEntity errorLogEntity =
new ErrorLogEntity( new ErrorLogEntity(
request.getRequestURI(), request.getRequestURI(),
ApiLogFunction.getEventType(request), ApiLogFunction.getEventType(request),
logErrorLevel, logErrorLevel,
String.valueOf(httpStatus.value()), String.valueOf(httpStatus.value()),
errorCode.getText(), errorCode.getText(),
stackTraceStr, stackTraceStr,
userid, userid,
ZonedDateTime.now()); ZonedDateTime.now());
return errorLogRepository.save(errorLogEntity); return errorLogRepository.save(errorLogEntity);
} }
@ExceptionHandler(CustomApiException.class) @ExceptionHandler(CustomApiException.class)
public ResponseEntity<ApiResponseDto<String>> handleCustomApiException( public ResponseEntity<ApiResponseDto<String>> handleCustomApiException(
CustomApiException e, HttpServletRequest request) { CustomApiException e, HttpServletRequest request) {
log.warn("[CustomApiException] resource : {}", e.getMessage()); log.warn("[CustomApiException] resource : {}", e.getMessage());
String codeName = e.getCodeName(); String codeName = e.getCodeName();
@@ -446,11 +446,11 @@ public class GlobalExceptionHandler {
ApiResponseCode apiCode = ApiResponseCode.getCode(codeName); ApiResponseCode apiCode = ApiResponseCode.getCode(codeName);
ErrorLogEntity errorLog = ErrorLogEntity errorLog =
saveErrorLogData( saveErrorLogData(
request, apiCode, status, ErrorLogDto.LogErrorLevel.WARNING, e.getStackTrace()); request, apiCode, status, ErrorLogDto.LogErrorLevel.WARNING, e.getStackTrace());
ApiResponseDto<String> body = ApiResponseDto<String> body =
ApiResponseDto.createException(apiCode, message, status, errorLog.getId()); ApiResponseDto.createException(apiCode, message, status, errorLog.getId());
return new ResponseEntity<>(body, status); return new ResponseEntity<>(body, status);
} }
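Review bot: In `saveErrorLogData` (the hunk starting at `@@ -408,35`), the truncation `.substring(0, Math.min(stackTrace.length, 255))` is bounded by the number of stack frames, not by the length of the joined string, so the persisted trace is cut to as many characters as there are frames. Build the string first and cap on its own length: `String joined = Arrays.stream(stackTrace).map(StackTraceElement::toString).collect(Collectors.joining("\n"));` followed by `String stackTraceStr = joined.substring(0, Math.min(joined.length(), 255));`. Every handler in this class returns `errorLog.getId()` to the client as the reference for this record, so a trace cut to a few dozen characters leaves little to investigate from. The method's signature is in the previous hunk and part of its body falls between hunks, so anything done to the trace there is not visible.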


@@ -30,46 +30,45 @@ public class SecurityConfig {
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http.cors(cors -> cors.configurationSource(corsConfigurationSource())) http.cors(cors -> cors.configurationSource(corsConfigurationSource()))
.csrf(csrf -> csrf.disable()) // CSRF 보안 기능 비활성화 .csrf(csrf -> csrf.disable()) // CSRF 보안 기능 비활성화
.sessionManagement( .sessionManagement(
sm -> sm ->
sm.sessionCreationPolicy( sm.sessionCreationPolicy(
SessionCreationPolicy.STATELESS)) // 서버 세션 만들지 않음, 요청은 JWT 인증 SessionCreationPolicy.STATELESS)) // 서버 세션 만들지 않음, 요청은 JWT 인증
.formLogin(form -> form.disable()) // react에서 로그인 요청 관리 .formLogin(form -> form.disable()) // react에서 로그인 요청 관리
.httpBasic(basic -> basic.disable()) // 기본 basic 인증 비활성화 JWT 인증사용 .httpBasic(basic -> basic.disable()) // 기본 basic 인증 비활성화 JWT 인증사용
.logout(logout -> logout.disable()) // 기본 로그아웃 비활성화 JWT는 서버 상태가 없으므로 로그아웃 처리 필요 없음 .logout(logout -> logout.disable()) // 기본 로그아웃 비활성화 JWT는 서버 상태가 없으므로 로그아웃 처리 필요 없음
.authenticationProvider( .authenticationProvider(
customAuthenticationProvider) // 로그인 패스워드 비교방식 스프링 기본 Provider 사용안함 커스텀 사용 customAuthenticationProvider) // 로그인 패스워드 비교방식 스프링 기본 Provider 사용안함 커스텀 사용
.authorizeHttpRequests( .authorizeHttpRequests(
auth -> auth ->
auth auth
// ADMIN만 접근 // ADMIN만 접근
.requestMatchers("/api/test/admin") .requestMatchers("/api/test/admin")
.hasRole("ADMIN") .hasRole("ADMIN")
// ADMIN, LABELER 접근 // ADMIN, LABELER 접근
.requestMatchers("/api/test/label") .requestMatchers("/api/test/label")
.hasAnyRole("ADMIN", "LABELER") .hasAnyRole("ADMIN", "LABELER")
// ADMIN, REVIEWER 접근 // ADMIN, REVIEWER 접근
.requestMatchers("/api/test/review") .requestMatchers("/api/test/review")
.hasAnyRole("ADMIN", "REVIEWER") .hasAnyRole("ADMIN", "REVIEWER")
.requestMatchers(HttpMethod.OPTIONS, "/**")
.requestMatchers(HttpMethod.OPTIONS, "/**") .permitAll() // preflight 허용
.permitAll() // preflight 허용 .requestMatchers(
.requestMatchers( "/api/auth/signin",
"/api/auth/signin", "/api/auth/refresh",
"/api/auth/refresh", "/swagger-ui/**",
"/swagger-ui/**", "/api/members/*/password",
"/api/members/*/password", "/v3/api-docs/**")
"/v3/api-docs/**") .permitAll()
.permitAll() .anyRequest()
.anyRequest() .authenticated())
.authenticated()) .addFilterBefore(
.addFilterBefore( jwtAuthenticationFilter,
jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter
UsernamePasswordAuthenticationFilter .class) // 요청 들어오면 먼저 JWT 토큰 검사 후 security context 에 사용자 정보 저장.
.class) // 요청 들어오면 먼저 JWT 토큰 검사 후 security context 에 사용자 정보 저장.
; ;
return http.build(); return http.build();
@@ -77,7 +76,7 @@ public class SecurityConfig {
@Bean @Bean
public AuthenticationManager authenticationManager(AuthenticationConfiguration configuration) public AuthenticationManager authenticationManager(AuthenticationConfiguration configuration)
throws Exception { throws Exception {
return configuration.getAuthenticationManager(); return configuration.getAuthenticationManager();
} }
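Review bot: The `permitAll()` matcher list in `securityFilterChain` includes `"/api/members/*/password"`, which makes a password endpoint reachable without a JWT for whatever member identifier is placed in the path. The controller is not part of this page, so whether it independently proves the caller's identity (for example by checking the current or temporary password) cannot be confirmed from here; if it does not, the path should fall under `.anyRequest().authenticated()` instead. If the exposure is intentional, narrow the matcher to the single HTTP method the endpoint uses and state the reason next to it, e.g. `// public on purpose: caller is verified in the handler before the password changes`. The matcher also sits in the same list as the Swagger paths, which makes it easy to overlook when the list is edited later.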


@@ -32,28 +32,24 @@ public class MembersDto {
private String tempPassword; private String tempPassword;
private String status; private String status;
private String statusName; private String statusName;
@JsonFormatDttm @JsonFormatDttm private ZonedDateTime createdDttm;
private ZonedDateTime createdDttm; @JsonFormatDttm private ZonedDateTime updatedDttm;
@JsonFormatDttm @JsonFormatDttm private ZonedDateTime firstLoginDttm;
private ZonedDateTime updatedDttm; @JsonFormatDttm private ZonedDateTime lastLoginDttm;
@JsonFormatDttm
private ZonedDateTime firstLoginDttm;
@JsonFormatDttm
private ZonedDateTime lastLoginDttm;
public Basic( public Basic(
Long id, Long id,
UUID uuid, UUID uuid,
String userRole, String userRole,
String name, String name,
String userId, String userId,
String employeeNo, String employeeNo,
String tempPassword, String tempPassword,
String status, String status,
ZonedDateTime createdDttm, ZonedDateTime createdDttm,
ZonedDateTime updatedDttm, ZonedDateTime updatedDttm,
ZonedDateTime firstLoginDttm, ZonedDateTime firstLoginDttm,
ZonedDateTime lastLoginDttm) { ZonedDateTime lastLoginDttm) {
this.id = id; this.id = id;
this.uuid = uuid; this.uuid = uuid;
this.userRole = userRole; this.userRole = userRole;
@@ -87,9 +83,7 @@ public class MembersDto {
@AllArgsConstructor @AllArgsConstructor
public static class SearchReq { public static class SearchReq {
@Schema( @Schema(description = "전체, 관리자(ADMIN), 라벨러(LABELER), 검수자(REVIEWER)", example = "")
description = "전체, 관리자(ADMIN), 라벨러(LABELER), 검수자(REVIEWER)",
example = "")
private String userRole; private String userRole;
@Schema(description = "키워드", example = "홍길동") @Schema(description = "키워드", example = "홍길동")
@@ -133,7 +127,7 @@ public class MembersDto {
private String employeeNo; private String employeeNo;
public AddReq( public AddReq(
String userRole, String name, String userId, String tempPassword, String employeeNo) { String userRole, String name, String userId, String tempPassword, String employeeNo) {
this.userRole = userRole; this.userRole = userRole;
this.name = name; this.name = name;
this.userId = userId; this.userId = userId;
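Review bot: `MembersDto.Basic` keeps `tempPassword` as an ordinary field next to the profile and timestamp fields, and nothing in this hunk excludes it from serialization. If `Basic` is what the member list or detail endpoints return (not visible here), the temporary password would be sent to every caller of those endpoints. Assuming Jackson is the serializer, annotate the field with `@JsonIgnore`, or remove it from the response DTO and keep it only in `AddReq`, where it is an input. The class body starts and ends outside the hunk, so an exclusion declared elsewhere in the class would not show up here.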


@@ -22,13 +22,13 @@ public class TestApiController {
@Operation(summary = "admin test", description = "admin test api") @Operation(summary = "admin test", description = "admin test api")
@ApiResponses({ @ApiResponses({
@ApiResponse( @ApiResponse(
responseCode = "200", responseCode = "200",
description = "조회", description = "조회",
content = @Content(schema = @Schema(implementation = String.class))), content = @Content(schema = @Schema(implementation = String.class))),
@ApiResponse( @ApiResponse(
responseCode = "403", responseCode = "403",
description = "권한 없음", description = "권한 없음",
content = @Content(schema = @Schema(implementation = ErrorResponse.class))) content = @Content(schema = @Schema(implementation = ErrorResponse.class)))
}) })
@GetMapping("/admin") @GetMapping("/admin")
public ApiResponseDto<String> admin() { public ApiResponseDto<String> admin() {
@@ -38,13 +38,13 @@ public class TestApiController {
@Operation(summary = "label test", description = "label test api") @Operation(summary = "label test", description = "label test api")
@ApiResponses({ @ApiResponses({
@ApiResponse( @ApiResponse(
responseCode = "200", responseCode = "200",
description = "조회", description = "조회",
content = @Content(schema = @Schema(implementation = String.class))), content = @Content(schema = @Schema(implementation = String.class))),
@ApiResponse( @ApiResponse(
responseCode = "403", responseCode = "403",
description = "권한 없음", description = "권한 없음",
content = @Content(schema = @Schema(implementation = ErrorResponse.class))) content = @Content(schema = @Schema(implementation = ErrorResponse.class)))
}) })
@GetMapping("/label") @GetMapping("/label")
public ApiResponseDto<String> label() { public ApiResponseDto<String> label() {
@@ -54,13 +54,13 @@ public class TestApiController {
@Operation(summary = "review test", description = "review test api") @Operation(summary = "review test", description = "review test api")
@ApiResponses({ @ApiResponses({
@ApiResponse( @ApiResponse(
responseCode = "200", responseCode = "200",
description = "조회", description = "조회",
content = @Content(schema = @Schema(implementation = String.class))), content = @Content(schema = @Schema(implementation = String.class))),
@ApiResponse( @ApiResponse(
responseCode = "403", responseCode = "403",
description = "권한 없음", description = "권한 없음",
content = @Content(schema = @Schema(implementation = ErrorResponse.class))) content = @Content(schema = @Schema(implementation = ErrorResponse.class)))
}) })
@GetMapping("/review") @GetMapping("/review")
public ApiResponseDto<String> review() { public ApiResponseDto<String> review() {