사용자 등록시 권한 부여

This commit is contained in:
현성필
2023-05-16 11:40:50 +09:00
parent 0197f3c7d8
commit e8e435b6fd
14 changed files with 43 additions and 97 deletions
@@ -3,13 +3,14 @@ package com.eactive.httpmockserver.common.exception;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.bind.annotation.RestControllerAdvice;
import org.springframework.web.context.request.WebRequest;
import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;
import java.time.LocalDateTime;
@RestControllerAdvice
@RestControllerAdvice(annotations = RestController.class)
public class CustomGlobalExceptionHandler extends ResponseEntityExceptionHandler {
@ExceptionHandler(NotFoundException.class)
@@ -55,7 +55,7 @@ public class AuthenticInterceptor implements AsyncHandlerInterceptor {
boolean found = findPattern(request.getRequestURI());
if (found) {
if (currentUser.getUserSecurity() != null && "ROLE_ADMIN".equals(currentUser.getUserSecurity().getAuthorCode())) {
if (currentUser.getUserSecurity() != null && "ROLE_ADMIN".equals(currentUser.getUserSecurity())) {
return true;
} else {
ModelAndView redirectLoginView = new ModelAndView("redirect:/");
@@ -28,7 +28,8 @@ public class WebMvcConfig implements WebMvcConfigurer {
private List<String> listAdminAuthPattern() {
List<String> patterns = new ArrayList<>();
patterns.add("/mgmt/**/*.do");
patterns.add("/mgmt/users/*.do");
patterns.add("/mgmt/servers/*.do");
return patterns;
}
@@ -59,6 +59,7 @@ public class AdminRegisterController {
}
StaffUser newUser = staffUserMapper.map(user);
newUser.setUserSecurity("ROLE_ADMIN");
staffUserService.create(newUser);
return "redirect:/login";
}
@@ -55,6 +55,8 @@ public class UserRegisterDTO implements Serializable {
@NotEmpty
private String username;
private String userSecurity;
public String getEsntlId() {
return esntlId;
}
@@ -110,4 +112,12 @@ public class UserRegisterDTO implements Serializable {
public void setPassword2(String password2) {
this.password2 = password2;
}
public String getUserSecurity() {
return userSecurity;
}
public void setUserSecurity(String userSecurity) {
this.userSecurity = userSecurity;
}
}
@@ -33,6 +33,7 @@ public class UserUpdateDTO implements Serializable {
@NotEmpty
private String mobilePhone;
private String userSecurity;
/**
* 사용자명
*/
@@ -89,4 +90,12 @@ public class UserUpdateDTO implements Serializable {
public void setLockAt(EnabledStatus lockAt) {
this.lockAt = lockAt;
}
public String getUserSecurity() {
return userSecurity;
}
public void setUserSecurity(String userSecurity) {
this.userSecurity = userSecurity;
}
}
@@ -5,7 +5,7 @@ public class AnonymousUser extends User {
public AnonymousUser() {
this.userId = "ANONYMOUS";
this.setUserSecurity(new UserSecurity("ROLE_ANONYMOUS"));
this.setUserSecurity("ROLE_ANONYMOUS");
}
@Override
@@ -51,9 +51,8 @@ public abstract class User extends Auditable implements Serializable, UserDetail
@Transient
private String ip;
@OneToOne(fetch = FetchType.EAGER)
@JoinColumn(name = "ESNTL_ID", referencedColumnName = "SCRTY_DTRMN_TRGET_ID", insertable = false, updatable = false)
private UserSecurity userSecurity;
@Column(name = "USER_SECURITY")
private String userSecurity;
public String getEsntlId() {
return esntlId;
@@ -125,7 +124,7 @@ public abstract class User extends Auditable implements Serializable, UserDetail
@Transient
public Collection<? extends GrantedAuthority> getAuthorities() {
if (userSecurity != null) {
return Arrays.asList(new SimpleGrantedAuthority(userSecurity.getAuthorCode()));
return Arrays.asList(new SimpleGrantedAuthority(this.userSecurity));
} else {
return Arrays.asList(new SimpleGrantedAuthority("ROLE_USER"));
}
@@ -155,11 +154,11 @@ public abstract class User extends Auditable implements Serializable, UserDetail
return getStatus().equals(UserStatus.ACTIVE);
}
public UserSecurity getUserSecurity() {
public String getUserSecurity() {
return userSecurity;
}
public void setUserSecurity(UserSecurity userSecurity) {
public void setUserSecurity(String userSecurity) {
this.userSecurity = userSecurity;
}
}
@@ -1,68 +0,0 @@
package com.eactive.httpmockserver.user.entity;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.Id;
import javax.persistence.Table;
import java.io.Serializable;
/**
* COMTNEMPLYRSCRTYESTBS 사용자보안설정
*
* @author
* @version 1.0
*/
@Entity
@Table(name = "COMTNEMPLYRSCRTYESTBS")
public class UserSecurity implements Serializable {
public UserSecurity() {
}
public UserSecurity(String authorCode) {
this.authorCode = authorCode;
}
/**
* 권한코드
*/
@Column(name = "AUTHOR_CODE", nullable = false)
private String authorCode;
/**
* 회원유형코드
*/
@Column(name = "MBER_TY_CODE", nullable = true)
private String memberTypeCode;
/**
* 보안설정대상ID
*/
@Id
@Column(name = "SCRTY_DTRMN_TRGET_ID", nullable = false)
private String userEsntlId;
public String getAuthorCode() {
return authorCode;
}
public void setAuthorCode(String authorCode) {
this.authorCode = authorCode;
}
public String getMemberTypeCode() {
return memberTypeCode;
}
public void setMemberTypeCode(String memberTypeCode) {
this.memberTypeCode = memberTypeCode;
}
public String getUserEsntlId() {
return userEsntlId;
}
public void setUserEsntlId(String userEsntlId) {
this.userEsntlId = userEsntlId;
}
}
@@ -6,6 +6,7 @@ import com.eactive.httpmockserver.user.dto.UserUpdateDTO;
import com.eactive.httpmockserver.user.entity.StaffUser;
import com.eactive.httpmockserver.common.mapper.CommonMapper;
import com.eactive.httpmockserver.common.util.EncryptionUtil;
import org.apache.commons.lang3.StringUtils;
import org.mapstruct.Mapper;
import org.mapstruct.Mapping;
import org.mapstruct.ReportingPolicy;
@@ -1,7 +0,0 @@
package com.eactive.httpmockserver.user.repository;
import com.eactive.httpmockserver.user.entity.UserSecurity;
import org.springframework.data.jpa.repository.JpaRepository;
public interface UserSecurityRepository extends JpaRepository<UserSecurity, String> {
}
@@ -1,10 +1,8 @@
package com.eactive.httpmockserver.user.service;
import com.eactive.httpmockserver.user.entity.StaffUser;
import com.eactive.httpmockserver.user.entity.UserSecurity;
import com.eactive.httpmockserver.user.entity.UserStatus;
import com.eactive.httpmockserver.user.repository.StaffUserRepository;
import com.eactive.httpmockserver.user.repository.UserSecurityRepository;
import com.eactive.httpmockserver.common.entity.EnabledStatus;
import com.eactive.httpmockserver.common.exception.UserNotFoundException;
import org.springframework.beans.factory.annotation.Autowired;
@@ -25,9 +23,6 @@ public class StaffUserService {
@Autowired
private StaffUserRepository staffUserRepository;
@Autowired
private UserSecurityRepository userSecurityRepository;
public Page<StaffUser> findAll(Specification<StaffUser> spec, Pageable pageable) {
return staffUserRepository.findAll(spec, pageable);
}
@@ -47,6 +42,7 @@ public class StaffUserService {
original.setLastLockDate(null);
}
original.setUserSecurity(user.getUserSecurity());
staffUserRepository.save(original);
}
@@ -67,12 +63,7 @@ public class StaffUserService {
staffUserRepository.save(user);
UserSecurity userSecurity = new UserSecurity();
userSecurity.setUserEsntlId(user.getEsntlId());
userSecurity.setAuthorCode("ROLE_ADMIN");
userSecurity.setMemberTypeCode("USR03");
userSecurityRepository.save(userSecurity);
}
}
@@ -19,7 +19,7 @@
<a class="nav-link" href="/mgmt/routes/list_view.do">응답 관리</a>
</li>
<li class="nav-item" sec:authorize="isAuthenticated()">
<a class="nav-link" href="/mgmt/api_tester.do">Tester</a>
<a class="nav-link" href="/mgmt/api_tester.do">테스터</a>
</li>
<li class="nav-item dropdown" sec:authorize="hasRole('ROLE_ADMIN')">
<a class="nav-link dropdown-toggle" href="#" id="mgmtDropDown" role="button" data-bs-toggle="dropdown" aria-expanded="false">
@@ -27,7 +27,7 @@
</a>
<ul class="dropdown-menu" aria-labelledby="mgmtDropDown">
<li><a class="dropdown-item" href="/mgmt/users/list_view.do">사용자 관리</a></li>
<li><a class="dropdown-item" href="/mgmt/groups/list_view.do">그룹 관리</a></li>
<!-- <li><a class="dropdown-item" href="/mgmt/groups/list_view.do">그룹 관리</a></li>-->
<li><a class="dropdown-item" href="/mgmt/servers/list_view.do">서버 관리</a></li>
</ul>
</li>
@@ -47,6 +47,14 @@
</th:block>
</div>
<div class="form-floating mt-2">
<select class="form-select" th:field="*{userSecurity}">
<option th:selected="${user.userSecurity!= null && user.userSecurity == 'ROLE_ADMIN'}" value="ROLE_ADMIN">관리자</option>
<option th:selected="${user.userSecurity!= null && user.userSecurity == 'ROLE_USER'}" value="ROLE_USER">사용자</option>
</select>
<label class="form-label must">권한</label>
</div>
<div class="form-floating mt-2">
<input type="text" class="form-control" th:classappend="${#fields.hasErrors('mobilePhone')}? 'is-invalid'" th:field="*{mobilePhone}" name="mobilePhone" id="mobilePhone" required/>
<label for="mobilePhone" class="form-label must" th:text="#{mobilePhone}">연락처</label>