사원 등록에서 로그인 세션으로 등록/반려가 아닌 DB의 권한을 가져와서 처리하는 방향으로 수정

nevermoregb 2025-04-10 15:22:11 +09:00
parent 163fdb34cb
commit 0850d6d356
2 changed files with 14 additions and 6 deletions


@ -4,7 +4,6 @@ import java.util.List;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@ -26,6 +25,7 @@ public class MainController {
private final MainService mainService;
@Member
@ParameterCheck
@GetMapping("/category")


@ -21,6 +21,7 @@ import org.springframework.stereotype.Service;
import io.company.localhost.common.dto.ApiResponse;
import io.company.localhost.common.dto.MapDto;
import io.company.localhost.vo.MemberVo;
import lombok.RequiredArgsConstructor;
@Service
@ -28,11 +29,8 @@ import lombok.RequiredArgsConstructor;
public class MainService {
private final commoncodService commoncodService;
private final NetmemberService netmemberService;
private final localvacaService localvacaService;
private final LocalevntService localevntService;
@ -106,8 +104,13 @@ public class MainService {
* @return
*/
public ApiResponse<String> registerMember(long memberSeq) {
int result = netmemberService.registerMember(memberSeq);
MemberVo user = netmemberService.getUserInfoById(memberSeq);
if(user.getId() != memberSeq || !"ROLE_ADMIN".equals(user.getRole())) {
return ApiResponse.error(HttpStatus.FORBIDDEN, "사용 권한 없음");
}
int result = netmemberService.registerMember(memberSeq);
return result == 1 ? ApiResponse.ok("사원 등록 성공") : ApiResponse.ok("사원 등록 실패");
}
@ -118,8 +121,13 @@ public class MainService {
* @return
*/
public ApiResponse<String> rejectMember(long memberSeq) {
int result = netmemberService.rejectMember(memberSeq);
MemberVo user = netmemberService.getUserInfoById(memberSeq);
if(user.getId() != memberSeq || !"ROLE_ADMIN".equals(user.getRole())) {
return ApiResponse.error(HttpStatus.UNAUTHORIZED, "사용 권한 없음");
}
int result = netmemberService.rejectMember(memberSeq);
return result == 1 ? ApiResponse.ok("미승인 대상자 등록") : ApiResponse.ok("미승인 대상자 등록 실패");
}
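Review bot: In registerMember the role check runs on the record loaded with `memberSeq`, the same id that is then passed to `netmemberService.registerMember(memberSeq)`, so it appears to test the member being approved rather than the caller. For a record fetched by that id, `user.getId() != memberSeq` can never be true, and a null return from `getUserInfoById` would throw before the check. If `memberSeq` is indeed the approval target, the decision depends on a client-supplied id and not on who is logged in, and an administrator could not approve an ordinary member. The lookup should use the authenticated caller's id resolved on the server, for example `MemberVo caller = netmemberService.getUserInfoById(callerSeq);` followed by `if (caller == null || !"ROLE_ADMIN".equals(caller.getRole()))`, where `callerSeq` is a placeholder for that id. rejectMember repeats the same check and returns `HttpStatus.UNAUTHORIZED` where registerMember returns `FORBIDDEN`; 403 fits both, and the Javadoc of both methods starts outside the hunks.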