ADMIN 방식 처리, User 정보추가

- 구조 변경. - ADMIN Checking 방식 변경 - ADMIN만 가능한 API Controller 추가
ventulus95 · Oct 2, 2020 · aa821c9 · aa821c9
1 parent b5d2c12
commit aa821c9
Show file tree

Hide file tree

Showing 23 changed files with 66 additions and 26 deletions.
diff --git a/src/main/java/com/ventulus95/ouathjwt/config/SecurityConfig.java b/src/main/java/com/ventulus95/ouathjwt/config/SecurityConfig.java
@@ -111,6 +111,8 @@ protected void configure(HttpSecurity http) throws Exception {
                         .permitAll()
                     .antMatchers("/auth/**", "/oauth2/**")
                         .permitAll()
+                    .antMatchers("/admin/**")
+                        .hasRole("ADMIN")
                     .anyRequest()
                         .authenticated()
                     .and()

diff --git a/src/main/java/com/ventulus95/ouathjwt/controller/AdminController.java b/src/main/java/com/ventulus95/ouathjwt/controller/AdminController.java
@@ -0,0 +1,18 @@
+package com.ventulus95.ouathjwt.controller;
+
+import com.ventulus95.ouathjwt.security.CurrentUser;
+import com.ventulus95.ouathjwt.security.UserPrincipal;
+import org.springframework.security.access.annotation.Secured;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping("/admin")
+public class AdminController {
+
+    @GetMapping("/checker")
+    public String checker(@CurrentUser UserPrincipal userPrincipal){
+        return "와와옹우ㅜ앙";
+    }
+}
diff --git a/src/main/java/com/ventulus95/ouathjwt/controller/ArtworkApiController.java b/src/main/java/com/ventulus95/ouathjwt/controller/ArtworkApiController.java
@@ -9,6 +9,7 @@
 import com.ventulus95.ouathjwt.service.artwork.ArtworkService;
 import com.ventulus95.ouathjwt.service.upload.S3Service;
 import lombok.RequiredArgsConstructor;
+import org.springframework.security.access.prepost.PostAuthorize;
 import org.springframework.web.bind.annotation.*;
 
 import java.io.IOException;
@@ -37,13 +38,15 @@ public List<ArtworkListResponseDto> ListGeneration(){
         return artworkService.findAllGen();
     }
 
+    @PostAuthorize("hasRole('ADMIN')")
     @PostMapping("/")
     public Long save(ArtworkSaveRequestDto dto, @CurrentUser UserPrincipal user) throws IOException {
         String imgpath  = s3Service.upload(dto.getFile());
         dto.setFilePath(imgpath);
         return artworkService.save(dto, user);
     }
 
+    @PostAuthorize("hasRole('ADMIN')")
     @PutMapping("/{id}")
     public Long update(@PathVariable Long id, @RequestBody ArtworkUpadteRequestDto dto ){
         return artworkService.update(id, dto);
@@ -54,6 +57,7 @@ public ArtworkResponseDto findById(@PathVariable Long id, @CurrentUser UserPrinc
         return artworkService.findById(id);
     }
 
+    @PostAuthorize("hasRole('ADMIN')")
     @DeleteMapping("/{id}")
     public Long artworkDelete(@PathVariable Long id){
         artworkService.delete(id);

diff --git a/src/main/java/com/ventulus95/ouathjwt/controller/AuthController.java b/src/main/java/com/ventulus95/ouathjwt/controller/AuthController.java
@@ -1,8 +1,8 @@
 package com.ventulus95.ouathjwt.controller;
 
 import com.ventulus95.ouathjwt.exception.BadRequestException;
-import com.ventulus95.ouathjwt.model.AuthProvider;
-import com.ventulus95.ouathjwt.model.User;
+import com.ventulus95.ouathjwt.model.user.AuthProvider;
+import com.ventulus95.ouathjwt.model.user.User;
 import com.ventulus95.ouathjwt.payload.ApiResponse;
 import com.ventulus95.ouathjwt.payload.AuthResponse;
 import com.ventulus95.ouathjwt.payload.LoginRequest;
@@ -79,4 +79,5 @@ public ResponseEntity<?> registerUser(@Valid @RequestBody SignUpRequest signUpRe
                 .body(new ApiResponse(true, "User registered successfully@"));
     }
 
+
 }
diff --git a/src/main/java/com/ventulus95/ouathjwt/controller/UserController.java b/src/main/java/com/ventulus95/ouathjwt/controller/UserController.java
@@ -1,7 +1,7 @@
 package com.ventulus95.ouathjwt.controller;
 
 import com.ventulus95.ouathjwt.exception.ResourceNotFoundException;
-import com.ventulus95.ouathjwt.model.User;
+import com.ventulus95.ouathjwt.model.user.User;
 import com.ventulus95.ouathjwt.repository.UserRepository;
 import com.ventulus95.ouathjwt.security.CurrentUser;
 import com.ventulus95.ouathjwt.security.UserPrincipal;

diff --git a/src/main/java/com/ventulus95/ouathjwt/dto/artwork/ArtworkSaveRequestDto.java b/src/main/java/com/ventulus95/ouathjwt/dto/artwork/ArtworkSaveRequestDto.java
@@ -1,6 +1,6 @@
 package com.ventulus95.ouathjwt.dto.artwork;
 
-import com.ventulus95.ouathjwt.model.User;
+import com.ventulus95.ouathjwt.model.user.User;
 import com.ventulus95.ouathjwt.model.artwork.Artwork;
 import lombok.Builder;
 import lombok.Getter;

diff --git a/src/main/java/com/ventulus95/ouathjwt/dto/comment/CommentResponseDto.java b/src/main/java/com/ventulus95/ouathjwt/dto/comment/CommentResponseDto.java
@@ -1,6 +1,6 @@
 package com.ventulus95.ouathjwt.dto.comment;
 
-import com.ventulus95.ouathjwt.model.User;
+import com.ventulus95.ouathjwt.model.user.User;
 import com.ventulus95.ouathjwt.model.comment.Comment;
 import lombok.Getter;
 

diff --git a/src/main/java/com/ventulus95/ouathjwt/dto/comment/CommentSaveDto.java b/src/main/java/com/ventulus95/ouathjwt/dto/comment/CommentSaveDto.java
@@ -1,6 +1,6 @@
 package com.ventulus95.ouathjwt.dto.comment;
 
-import com.ventulus95.ouathjwt.model.User;
+import com.ventulus95.ouathjwt.model.user.User;
 import com.ventulus95.ouathjwt.model.artwork.Artwork;
 import com.ventulus95.ouathjwt.model.comment.Comment;
 import lombok.Builder;

diff --git a/src/main/java/com/ventulus95/ouathjwt/dto/gusetbook/GuestBookSaveDto.java b/src/main/java/com/ventulus95/ouathjwt/dto/gusetbook/GuestBookSaveDto.java
@@ -1,6 +1,6 @@
 package com.ventulus95.ouathjwt.dto.gusetbook;
 
-import com.ventulus95.ouathjwt.model.User;
+import com.ventulus95.ouathjwt.model.user.User;
 import com.ventulus95.ouathjwt.model.guestbook.Guestbook;
 import lombok.Builder;
 import lombok.Getter;

diff --git a/src/main/java/com/ventulus95/ouathjwt/dto/gusetbook/GuestbookResponseDto.java b/src/main/java/com/ventulus95/ouathjwt/dto/gusetbook/GuestbookResponseDto.java
@@ -1,6 +1,6 @@
 package com.ventulus95.ouathjwt.dto.gusetbook;
 
-import com.ventulus95.ouathjwt.model.User;
+import com.ventulus95.ouathjwt.model.user.User;
 import com.ventulus95.ouathjwt.model.guestbook.Guestbook;
 import lombok.Getter;
 

diff --git a/src/main/java/com/ventulus95/ouathjwt/model/artwork/Artwork.java b/src/main/java/com/ventulus95/ouathjwt/model/artwork/Artwork.java
@@ -1,7 +1,7 @@
 package com.ventulus95.ouathjwt.model.artwork;
 
 import com.ventulus95.ouathjwt.model.BaseTimeEntity;
-import com.ventulus95.ouathjwt.model.User;
+import com.ventulus95.ouathjwt.model.user.User;
 import lombok.Builder;
 import lombok.Getter;
 import lombok.NoArgsConstructor;

diff --git a/src/main/java/com/ventulus95/ouathjwt/model/comment/Comment.java b/src/main/java/com/ventulus95/ouathjwt/model/comment/Comment.java
@@ -1,7 +1,7 @@
 package com.ventulus95.ouathjwt.model.comment;
 
 import com.ventulus95.ouathjwt.model.BaseTimeEntity;
-import com.ventulus95.ouathjwt.model.User;
+import com.ventulus95.ouathjwt.model.user.User;
 import com.ventulus95.ouathjwt.model.artwork.Artwork;
 import lombok.Builder;
 import lombok.Getter;

diff --git a/src/main/java/com/ventulus95/ouathjwt/model/guestbook/Guestbook.java b/src/main/java/com/ventulus95/ouathjwt/model/guestbook/Guestbook.java
@@ -1,7 +1,7 @@
 package com.ventulus95.ouathjwt.model.guestbook;
 
 import com.ventulus95.ouathjwt.model.BaseTimeEntity;
-import com.ventulus95.ouathjwt.model.User;
+import com.ventulus95.ouathjwt.model.user.User;
 import lombok.Builder;
 import lombok.Getter;
 import lombok.NoArgsConstructor;

diff --git a/...ntulus95/ouathjwt/model/AuthProvider.java → ...s95/ouathjwt/model/user/AuthProvider.java b/...ntulus95/ouathjwt/model/AuthProvider.java → ...s95/ouathjwt/model/user/AuthProvider.java
@@ -1,4 +1,4 @@
-package com.ventulus95.ouathjwt.model;
+package com.ventulus95.ouathjwt.model.user;
 
 public enum AuthProvider {
     local,

diff --git a/...a/com/ventulus95/ouathjwt/model/User.java → .../ventulus95/ouathjwt/model/user/User.java b/...a/com/ventulus95/ouathjwt/model/User.java → .../ventulus95/ouathjwt/model/user/User.java
@@ -1,4 +1,4 @@
-package com.ventulus95.ouathjwt.model;
+package com.ventulus95.ouathjwt.model.user;
 
 import com.fasterxml.jackson.annotation.JsonIgnore;
 import lombok.Getter;

diff --git a/src/main/java/com/ventulus95/ouathjwt/repository/UserRepository.java b/src/main/java/com/ventulus95/ouathjwt/repository/UserRepository.java
@@ -1,12 +1,9 @@
 package com.ventulus95.ouathjwt.repository;
 
-import com.ventulus95.ouathjwt.model.AuthProvider;
-import com.ventulus95.ouathjwt.model.User;
+import com.ventulus95.ouathjwt.model.user.User;
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.jpa.repository.Query;
 
-import javax.validation.constraints.Email;
-import javax.validation.constraints.NotNull;
 import java.util.Optional;
 
 public interface UserRepository extends JpaRepository<User, Long> {

diff --git a/src/main/java/com/ventulus95/ouathjwt/security/CustomOAuth2UserService.java b/src/main/java/com/ventulus95/ouathjwt/security/CustomOAuth2UserService.java
@@ -1,8 +1,8 @@
 package com.ventulus95.ouathjwt.security;
 
 import com.ventulus95.ouathjwt.exception.OAuth2AuthenticationProcessingException;
-import com.ventulus95.ouathjwt.model.AuthProvider;
-import com.ventulus95.ouathjwt.model.User;
+import com.ventulus95.ouathjwt.model.user.AuthProvider;
+import com.ventulus95.ouathjwt.model.user.User;
 import com.ventulus95.ouathjwt.repository.UserRepository;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.InternalAuthenticationServiceException;

diff --git a/src/main/java/com/ventulus95/ouathjwt/security/OAuth2UserInfoFactory.java b/src/main/java/com/ventulus95/ouathjwt/security/OAuth2UserInfoFactory.java
@@ -1,7 +1,7 @@
 package com.ventulus95.ouathjwt.security;
 
 import com.ventulus95.ouathjwt.exception.OAuth2AuthenticationProcessingException;
-import com.ventulus95.ouathjwt.model.AuthProvider;
+import com.ventulus95.ouathjwt.model.user.AuthProvider;
 
 import java.util.Map;
 

diff --git a/src/main/java/com/ventulus95/ouathjwt/security/UserPrincipal.java b/src/main/java/com/ventulus95/ouathjwt/security/UserPrincipal.java
@@ -1,6 +1,6 @@
 package com.ventulus95.ouathjwt.security;
 
-import com.ventulus95.ouathjwt.model.User;
+import com.ventulus95.ouathjwt.model.user.User;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
@@ -43,6 +43,18 @@ public static UserPrincipal create(User user, Map<String, Object> attributes) {
         return userPrincipal;
     }
 
+    public static UserDetails createAdmin(User user) {
+        List<GrantedAuthority> authorities = Collections.
+                singletonList(new SimpleGrantedAuthority("ROLE_ADMIN"));
+
+        return new UserPrincipal(
+                user.getId(),
+                user.getEmail(),
+                user.getPassword(),
+                authorities
+        );
+    }
+
     public Long getId() {
         return id;
     }

diff --git a/src/main/java/com/ventulus95/ouathjwt/service/CustomUserDetailsService.java b/src/main/java/com/ventulus95/ouathjwt/service/CustomUserDetailsService.java
@@ -1,7 +1,7 @@
 package com.ventulus95.ouathjwt.service;
 
 import com.ventulus95.ouathjwt.exception.ResourceNotFoundException;
-import com.ventulus95.ouathjwt.model.User;
+import com.ventulus95.ouathjwt.model.user.User;
 import com.ventulus95.ouathjwt.repository.UserRepository;
 import com.ventulus95.ouathjwt.security.UserPrincipal;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -25,7 +25,9 @@ public UserDetails loadUserByUsername(String email)
                 .orElseThrow(() ->
                         new UsernameNotFoundException("User not found with email : " + email)
         );
-
+        if(email.equals("admin@bomnae.net")){
+            return UserPrincipal.createAdmin(user);
+        }
         return UserPrincipal.create(user);
     }
 
@@ -34,7 +36,11 @@ public UserDetails loadUserById(Long id) {
         User user = userRepository.findById(id).orElseThrow(
             () -> new ResourceNotFoundException("User", "id", id)
         );
+        if(id==1){
+            return UserPrincipal.createAdmin(user);
+        }
 
         return UserPrincipal.create(user);
     }
+
 }
diff --git a/src/main/java/com/ventulus95/ouathjwt/service/Guestbook/GuestbookService.java b/src/main/java/com/ventulus95/ouathjwt/service/Guestbook/GuestbookService.java
@@ -2,7 +2,7 @@
 
 import com.ventulus95.ouathjwt.dto.gusetbook.GuestBookSaveDto;
 import com.ventulus95.ouathjwt.dto.gusetbook.GuestbookResponseDto;
-import com.ventulus95.ouathjwt.model.User;
+import com.ventulus95.ouathjwt.model.user.User;
 import com.ventulus95.ouathjwt.model.guestbook.GuestbookRepository;
 import com.ventulus95.ouathjwt.repository.UserRepository;
 import com.ventulus95.ouathjwt.security.CurrentUser;

diff --git a/src/main/java/com/ventulus95/ouathjwt/service/artwork/ArtworkService.java b/src/main/java/com/ventulus95/ouathjwt/service/artwork/ArtworkService.java
@@ -4,7 +4,7 @@
 import com.ventulus95.ouathjwt.dto.artwork.ArtworkResponseDto;
 import com.ventulus95.ouathjwt.dto.artwork.ArtworkSaveRequestDto;
 import com.ventulus95.ouathjwt.dto.artwork.ArtworkUpadteRequestDto;
-import com.ventulus95.ouathjwt.model.User;
+import com.ventulus95.ouathjwt.model.user.User;
 import com.ventulus95.ouathjwt.model.artwork.Artwork;
 import com.ventulus95.ouathjwt.model.artwork.ArtworkRepository;
 import com.ventulus95.ouathjwt.repository.UserRepository;

diff --git a/src/main/java/com/ventulus95/ouathjwt/service/comment/CommentService.java b/src/main/java/com/ventulus95/ouathjwt/service/comment/CommentService.java
@@ -2,7 +2,7 @@
 
 import com.ventulus95.ouathjwt.dto.comment.CommentResponseDto;
 import com.ventulus95.ouathjwt.dto.comment.CommentSaveDto;
-import com.ventulus95.ouathjwt.model.User;
+import com.ventulus95.ouathjwt.model.user.User;
 import com.ventulus95.ouathjwt.model.artwork.Artwork;
 import com.ventulus95.ouathjwt.model.artwork.ArtworkRepository;
 import com.ventulus95.ouathjwt.model.comment.CommentRepository;