Skip to content

Commit

Permalink
[feature/#323] 권한 체크 로직 변경
Browse files Browse the repository at this point in the history
  • Loading branch information
@whitem4rk
whitem4rk committed Jun 26, 2024
1 parent 4bf0693 commit 82f1582
Showing 1 changed file with 19 additions and 10 deletions.
29 changes: 19 additions & 10 deletions resource-server/src/main/java/com/inhabas/api/domain/board/usecase/BoardSecurityChecker.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,13 @@

import static com.inhabas.api.auth.domain.oauth2.member.domain.valueObject.Role.ANONYMOUS;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;

import java.util.Set;
import java.util.stream.Collectors;
import javax.persistence.EntityNotFoundException;

import lombok.RequiredArgsConstructor;
Expand Down Expand Up @@ -79,29 +83,34 @@ public boolean checkMenuAccess(Integer menuId, String action) {
}

Menu menu = menuRepository.findById(menuId).orElseThrow(NotFoundException::new);
Role required = null;
List<Role> requiredRoles = new ArrayList<>();
switch (action) {
case READ_BOARD_LIST:
required = menu.getType().getReadBoardListRole();
requiredRoles = menu.getType().getReadBoardListRole();
break;
case CREATE_BOARD:
required = menu.getType().getCreateBoardRole();
requiredRoles = menu.getType().getCreateBoardRole();
break;
case READ_BOARD:
required = menu.getType().getReadBoardRole();
requiredRoles = menu.getType().getReadBoardRole();
break;
case CREATE_COMMENT:
required = menu.getType().getCreateCommentRole();
requiredRoles = menu.getType().getCreateCommentRole();
break;
case READ_COMMENT:
required = menu.getType().getReadCommentRole();
requiredRoles = menu.getType().getReadCommentRole();
break;
}

String finalRequired = ROLE_PREFIX + required;
if (required == null
|| authorities.stream()
.noneMatch(grantedAuthority -> grantedAuthority.getAuthority().equals(finalRequired))) {
Set<String> prefixedRoles = requiredRoles.stream()
.map(role -> ROLE_PREFIX + role)
.collect(Collectors.toSet());

boolean hasAuthority = authorities.stream()
.map(GrantedAuthority::getAuthority)
.anyMatch(prefixedRoles::contains);

if (!hasAuthority) {
throw new InvalidAuthorityException();
}

Expand Down

0 comments on commit 82f1582

Please sign in to comment.