[COT-5] Feature: 운영지원팀 추가 및 권한 부여 (#175)
yunhacandy authored Oct 11, 2024
1 parent 0d6bf61 commit 197c197
Showing 3 changed files with 25 additions and 14 deletions.
32 changes: 21 additions & 11 deletions src/main/java/org/cotato/csquiz/common/config/SecurityConfig.java
Expand Up @@ -70,28 +70,38 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
.requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
.requestMatchers("/v1/api/admin/**").hasRole("ADMIN")
.requestMatchers(WHITE_LIST).permitAll()
.requestMatchers("/v1/api/education/result/**").hasAnyRole("MEMBER", "EDUCATION", "ADMIN")
.requestMatchers("/v1/api/education/from").hasAnyRole("MEMBER", "EDUCATION", "ADMIN")
.requestMatchers(new AntPathRequestMatcher("/v1/api/education/winner", "GET")).hasAnyRole("MEMBER", "EDUCATION", "ADMIN")
.requestMatchers(new AntPathRequestMatcher("/v1/api/education/kings", "GET")).hasAnyRole("MEMBER", "EDUCATION", "ADMIN")
.requestMatchers("/v1/api/education/result/**")
.hasAnyRole("MEMBER", "EDUCATION", "OPERATION", "ADMIN")
.requestMatchers("/v1/api/education/from")
.hasAnyRole("MEMBER", "EDUCATION", "OPERATION", "ADMIN")
.requestMatchers(new AntPathRequestMatcher("/v1/api/education/winner", "GET"))
.hasAnyRole("MEMBER", "EDUCATION", "OPERATION", "ADMIN")
.requestMatchers(new AntPathRequestMatcher("/v1/api/education/kings", "GET"))
.hasAnyRole("MEMBER", "EDUCATION", "OPERATION", "ADMIN")
.requestMatchers(new AntPathRequestMatcher("/v1/api/education/status", "GET"))
.hasAnyRole("MEMBER", "EDUCATION", "ADMIN")
.hasAnyRole("MEMBER", "EDUCATION", "OPERATION", "ADMIN")
.requestMatchers(new AntPathRequestMatcher("/v1/api/education", "GET")).authenticated()
.requestMatchers("/v1/api/education/**").hasAnyRole("EDUCATION", "ADMIN")
.requestMatchers("/v1/api/generation/**").hasAnyRole("ADMIN")
.requestMatchers("/v1/api/mypage/**").hasAnyRole("MEMBER", "OLD_MEMBER", "EDUCATION", "ADMIN")
.requestMatchers("/v1/api/mypage/**")
.hasAnyRole("MEMBER", "OLD_MEMBER", "EDUCATION", "OPERATION", "ADMIN")
.requestMatchers("/v1/api/quiz/cs-admin/**").hasAnyRole("EDUCATION", "ADMIN")
.requestMatchers("/v1/api/quiz/adds").hasAnyRole("EDUCATION", "ADMIN")
.requestMatchers("/v1/api/quiz/**").hasAnyRole("MEMBER", "EDUCATION", "ADMIN")
.requestMatchers("/v1/api/record/reply").hasAnyRole("MEMBER", "EDUCATION", "ADMIN")
.requestMatchers("/v1/api/quiz/**").hasAnyRole("MEMBER", "EDUCATION", "OPERATION", "ADMIN")
.requestMatchers("/v1/api/record/reply").hasAnyRole("MEMBER", "EDUCATION", "OPERATION", "ADMIN")
.requestMatchers("/v1/api/record/**").hasAnyRole("EDUCATION", "ADMIN")
.requestMatchers("/v1/api/session/cs-on").hasAnyRole("EDUCATION", "ADMIN")
.requestMatchers(new AntPathRequestMatcher("/v1/api/session", "GET")).authenticated()
.requestMatchers("/v1/api/session/**").hasAnyRole("ADMIN")
.requestMatchers("/v2/api/attendance/records").hasAnyRole("ADMIN")
.requestMatchers("/v2/api/attendance").hasAnyRole("ADMIN")
.requestMatchers("/v2/api/attendances/records").hasAnyRole("OPERATION", "ADMIN")
.requestMatchers("/v2/api/attendances/{attendance-id}/records").hasAnyRole("ADMIN")
.requestMatchers("/v2/api/attendances").hasAnyRole("OPERATION", "ADMIN")
.requestMatchers("/v2/api/attendances/info")
.hasAnyRole("MEMBER", "EDUCATION", "OPERATION", "ADMIN")
.requestMatchers("/v2/api/attendances/records/**")
.hasAnyRole("MEMBER", "EDUCATION", "OPERATION", "ADMIN")
.requestMatchers(new AntPathRequestMatcher("/v1/api/socket/token", "POST"))
.hasAnyRole("MEMBER", "EDUCATION", "ADMIN")
.hasAnyRole("MEMBER", "EDUCATION", "OPERATION", "ADMIN")
// .requestMatchers("/v2/api/events/attendances").hasAnyRole("MEMBER", "ADMIN", "EDUCATION")
.requestMatchers("/v1/api/socket/**").hasAnyRole("EDUCATION", "ADMIN")
.requestMatchers(HttpMethod.POST, "/v2/api/projects").hasRole("ADMIN")
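Review bot: The `/v2/api/attendances` rules have no closing catch-all, so any attendances path not listed here is decided by whatever rule comes later in the chain, which is outside this hunk. The v1 groups in the same chain each end with a restrictive `/**` matcher (`/v1/api/record/**`, `/v1/api/session/**`, `/v1/api/socket/**`); ending this group the same way, e.g. `.requestMatchers("/v2/api/attendances/**").hasAnyRole("OPERATION", "ADMIN")` placed after the `/v2/api/attendances/records/**` rule, would keep unlisted endpoints from inheriting a looser default. Separately, `/v2/api/attendances` and `/v2/api/attendances/records` are opened to OPERATION for every HTTP method; if the role is meant only to read or only to write, pin the method the way `HttpMethod.POST, "/v2/api/projects"` does. filterChain's body begins and ends outside the hunk.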
Expand Up @@ -13,7 +13,8 @@ public enum MemberRole {
MEMBER("ROLE_MEMBER"),
OLD_MEMBER("ROLE_OM"),
ADMIN("ROLE_ADMIN"),
EDUCATION("ROLE_EDUCATION");
EDUCATION("ROLE_EDUCATION"),
OPERATION("ROLE_OPERATION");

private final String key;

Expand Up @@ -8,8 +8,8 @@
@AllArgsConstructor
public enum MemberRoleGroup {

ACTIVE_MEMBERS("현재 활동 중인 멤버", List.of(MemberRole.MEMBER, MemberRole.ADMIN, MemberRole.EDUCATION)),
CLIENTS("교육 중 문제 풀이가 가능한 멤버", List.of(MemberRole.MEMBER, MemberRole.ADMIN)),
ACTIVE_MEMBERS("현재 활동 중인 멤버", List.of(MemberRole.MEMBER, MemberRole.ADMIN, MemberRole.EDUCATION, MemberRole.OPERATION)),
CLIENTS("교육 중 문제 풀이가 가능한 멤버", List.of(MemberRole.MEMBER, MemberRole.ADMIN, MemberRole.OPERATION)),
MANAGERS("교육 진행 관리자", List.of(MemberRole.EDUCATION, MemberRole.ADMIN));

private final String description;
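Review bot: OPERATION is added to `ACTIVE_MEMBERS` and `CLIENTS` here while the same role is separately added as string literals to the `hasAnyRole(...)` lists in SecurityConfig, so the two sets of role lists have to be kept in step by hand and can drift when the next role is introduced. A short comment above the constants, e.g. `// Keep these groups consistent with the hasAnyRole(...) lists in SecurityConfig`, would flag that dependency. How these groups are consumed is not visible on this page, so whether they gate access or only filter queries should be confirmed before relying on either layer alone. The enum body continues outside the hunk.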