Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security 관련 수정 및 리팩토링 #339

Merged
merged 28 commits into from
Feb 23, 2025
Merged

Security 관련 수정 및 리팩토링 #339

merged 28 commits into from
Feb 23, 2025

Conversation

leeeryboy
Copy link
Contributor

보안 관련 수정사항

한줄 요약

학생회 페이지 권한 추가하면서 기존 코드 개선

상세 설명

[c49b6e6]: admin api 제한은 전역 설정으로 이동

[e1a585e]: 현재 로그인 유저 받아오는 로직을 통일하기 위해 기존 CustomPrincipal 대신 CustomOidcUser 생성

[2ea5be3]: 유저 테이블에서 role 삭제

[6645300]: 커스텀 어노테이션 Spring Security에서 제공하는 PreAuthorize로 대체

[8e7883c]: 서비스 레이어에서 유저 혹은 권한 받아오는 부분 유틸 함수로 리팩토링

[79de8e7]: is-staff api를 현재 유저 권한 받는 api로 변경

[fbbe372]: 파라미터를 통해 mock-login시 권한 선택 가능하게 변경 및 mock-logout 추가

[7b9bb07]: 테스트를 위해 getLoginUser는 userService로 이동

TODO

dev test

leeeryboy and others added 24 commits February 17, 2025 22:00
@leeeryboy
use requestMatcher for admin api instead of method security
c49b6e6
@leeeryboy
create CustomOidcUser for both oidc and mock login
e1a585e
@leeeryboy
remove role in db
2ea5be3
@leeeryboy
replace custom annotation to PreAuthorize
6645300
@leeeryboy
extract current user functions to Util.kt
8e7883c
@leeeryboy
replace is-staff api to general role getter
79de8e7
@leeeryboy
remove unneeded code due to CustomOidcUser
6141f04
@leeeryboy
get role parameter for mock-login and add mock-logut api
fbbe372
@leeeryboy
remove role from users table
6997c11
@leeeryboy
refactor getLoginUser to UserService for testing
7b9bb07
@huGgW @leeeryboy
Feat: 학생회 파일 관련 API 구현 (#338)
276856d 
* migration: add council_file table

* feat: add council file entity, repository

* feat: add council file handling to attachment

* feat: define key for rule, meetingminute

* feat: define dto for base, rule, meeting minute

* feat: add counfil file service

* feat: define response bodies for council file

* feat: add api for council file

* review: remove nested 'it'

* review: remove verbose use of maps
@leeeryboy
CouncilIntro RU api (#337)
9228661 
* CouncilIntro RU api

* apply upsert and findFirst intro

* ktlint
@leeeryboy
use requestMatcher for admin api instead of method security
6f2716a
@leeeryboy
create CustomOidcUser for both oidc and mock login
874d43a
@leeeryboy
remove role in db
7a2a4d6
@leeeryboy
replace custom annotation to PreAuthorize
94e9e1d
@leeeryboy
extract current user functions to Util.kt
0d0ad8c
@leeeryboy
replace is-staff api to general role getter
424d0fe
@leeeryboy
remove unneeded code due to CustomOidcUser
a6a4cf8
@leeeryboy
get role parameter for mock-login and add mock-logut api
e2df125
@leeeryboy
remove role from users table
584aec8
@leeeryboy
refactor getLoginUser to UserService for testing
88733f9
@huGgW @leeeryboy
Feat: 학생회 파일 관련 API 구현 (#338)
07c8ae0 
* migration: add council_file table

* feat: add council file entity, repository

* feat: add council file handling to attachment

* feat: define key for rule, meetingminute

* feat: define dto for base, rule, meeting minute

* feat: add counfil file service

* feat: define response bodies for council file

* feat: add api for council file

* review: remove nested 'it'

* review: remove verbose use of maps
@leeeryboy
Merge branch 'fix/method-security' of https://github.com/wafflestudio…
a660d42 
…/csereal-server into fix/method-security
@leeeryboy leeeryboy requested a review from huGgW February 19, 2025 17:32
@leeeryboy leeeryboy self-assigned this Feb 19, 2025
@github-actions GitHub Actions
Copy link

github-actions bot commented Feb 19, 2025
edited
Loading

Test Results

11 files  11 suites   1s ⏱️
54 tests 54 ✔️ 0 💤 0
58 runs  58 ✔️ 0 💤 0

Results for commit 5e15e38.

♻️ This comment has been updated with latest results.

huGgW
huGgW reviewed Feb 21, 2025
View reviewed changes
Copy link
Member

@huGgW huGgW left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

뭔가 많아보여서 자세한 리뷰는 늦어도 일요일 중으로는 끝내겠습니다.

huGgW
huGgW approved these changes Feb 23, 2025
View reviewed changes
Copy link
Member

@huGgW huGgW left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Spring Security 너무 어려워...
ROLE 정보를 바쿠스 로그인 서버에서 받아오는 것으로 바뀐게 맞는건가?

@leeeryboy
Copy link
Contributor Author

Spring Security 너무 어려워... ROLE 정보를 바쿠스 로그인 서버에서 받아오는 것으로 바뀐게 맞는건가?

로그인할때 받는건 같은데 우리 db에 저장하지 않고 그냥 Security에서 관리하는 authentication 객체에 저장해서 쓰는것!

@leeeryboy leeeryboy merged commit d427fd1 into develop Feb 23, 2025
3 checks passed
@leeeryboy leeeryboy deleted the fix/method-security branch February 23, 2025 11:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@huGgW huGgW huGgW approved these changes

Assignees

@leeeryboy leeeryboy

Labels
Config Feat: API Refactor
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@leeeryboy @huGgW