localnet/localhost-back
10
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

"/api/project/**", ROLE_MEMBER 추가

Browse Source
This commit is contained in:
yoon 2025-02-13 15:19:35 +09:00
parent 7c3f646b36
commit 2641cb258f
2 changed files with 4 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/main/java/io/company/localhost/common/security/config/SecurityConfig.java
View File

@ -80,10 +80,7 @@ public class SecurityConfig {
http
.securityMatcher("/api/**") // '/api/**' 경로에 대해서만 보안 적용
.authorizeHttpRequests(auth -> auth
.requestMatchers("/api/project/**").hasRole("MEMBER")
.requestMatchers("/api/**").permitAll() // 특정 엔드포인트 허용
.anyRequest().authenticated() // 나머지 요청은 인증 필요
//auth.anyRequest().access(authorizationManager) // 모든 요청에 대해 권한 관리
.anyRequest().access(authorizationManager) // 모든 요청에 대해 권한 관리
)
// 세션 관리 설정
.sessionManagement(session ->

5
src/main/java/io/company/localhost/common/security/mapper/MapBasedUrlRoleMapper.java
View File

@ -28,8 +28,9 @@ public class MapBasedUrlRoleMapper implements UrlRoleMapper{
@Override
public Map<String, String> getUrlRoleMappings() {
urlRoleMappings.put("/api/user/**", ROLE_MEMBER);
urlRoleMappings.put("/api/test/**", ROLE_MEMBER);
urlRoleMappings.put("/api/user/**", PERMIT_ALL);
urlRoleMappings.put("/api/project/**", ROLE_MEMBER);
// urlRoleMappings.put("/api/test/**", ROLE_MEMBER);
return new HashMap<>(urlRoleMappings);