From 0cdd51a48c10acbb2da05b08f7edf748cd3be617 Mon Sep 17 00:00:00 2001
From: hyunsu <rkdgustn77@naver.com>
Date: Sun, 21 Jul 2024 07:41:21 +0900
Subject: [PATCH] =?UTF-8?q?feat:=20=EA=B6=8C=ED=95=9C=20hierarchy=20?=
 =?UTF-8?q?=EC=A0=81=EC=9A=A9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../common/config/SecurityConfiguration.java  | 12 +++++++++++-
 src/main/resources/application-db.yml         | 19 ++++++++++---------
 .../common/config/JasyptConfigTest.java       |  8 ++++++++
 3 files changed, 29 insertions(+), 10 deletions(-)

diff --git a/src/main/java/org/store/clothstar/common/config/SecurityConfiguration.java b/src/main/java/org/store/clothstar/common/config/SecurityConfiguration.java
index 157573e1..b5bd24ca 100644
--- a/src/main/java/org/store/clothstar/common/config/SecurityConfiguration.java
+++ b/src/main/java/org/store/clothstar/common/config/SecurityConfiguration.java
@@ -5,6 +5,8 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
+import org.springframework.security.access.hierarchicalroles.RoleHierarchy;
+import org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -44,6 +46,14 @@ public WebSecurityCustomizer configure() {
                 .requestMatchers(PathRequest.toStaticResources().atCommonLocations()));
     }
 
+    @Bean
+    public RoleHierarchy roleHierarchy() {
+        RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl();
+        //이 부분에서 큰 권한 순서로 ' > ' 를 사용하여 입력해준다. 띄어쓰기도 중요하다.
+        roleHierarchy.setHierarchy("ROLE_ADMIN > ROLE_SELLER > ROLE_USER");
+        return roleHierarchy;
+    }
+
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         http.cors(AbstractHttpConfigurer::disable)
@@ -58,7 +68,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                         "/productLinePagingSlice", "/productLinePagingOffset",
                         "/v1/orderdetails", "/v1/orders", "membersPagingOffset", "membersPagingSlice",
                         "/v1/orderdetails", "/v1/orders", "/v2/orders", "/v3/orders", "/v1/orders/list",
-                        "/v1/orders/list","/ordersPagingOffset","/ordersPagingSlice","/v2/orders/list",
+                        "/v1/orders/list", "/ordersPagingOffset", "/ordersPagingSlice", "/v2/orders/list",
                         "/v1/seller/orders/**", "/v1/seller/orders", "/v1/orders/**", "/v1/orderdetails/**",
                         "/swagger-resources/**", "/swagger-ui/**", "/v3/api-docs/**", "/v1/members/auth/**"
                 ).permitAll()
diff --git a/src/main/resources/application-db.yml b/src/main/resources/application-db.yml
index 260a6bff..654697b2 100644
--- a/src/main/resources/application-db.yml
+++ b/src/main/resources/application-db.yml
@@ -37,23 +37,24 @@ spring:
     activate:
       on-profile: "db-local"
   datasource:
-    url: jdbc:h2:mem:localdb
-  h2:
-    console:
+    driver-class-name: com.mysql.cj.jdbc.Driver
+    url: jdbc:mysql://localhost:3306/clothstar82
+    username: root
+    password: qwerasdf
+    p6spy:
       enabled: true
-  thymeleaf:
-    cache: false
+      appender: com.p6spy.engine.spy.appender.Slf4JLogger
+      logMessageFormat:
+        p6spy: "%(currentTime)|%(executionTime)|%(category)|%(sqlSingleLine)"
   jpa:
     show-sql: true
-    database-platform: H2
+    database-platform: org.hibernate.dialect.MySQLDialect
     properties:
       hibernate:
+        ddl-auto: create
         format_sql: true
 
-
 --- # dev 공통 설정
-
-
 spring:
   config:
     activate:
diff --git a/src/test/java/org/store/clothstar/common/config/JasyptConfigTest.java b/src/test/java/org/store/clothstar/common/config/JasyptConfigTest.java
index 39727bba..28bd4ee1 100644
--- a/src/test/java/org/store/clothstar/common/config/JasyptConfigTest.java
+++ b/src/test/java/org/store/clothstar/common/config/JasyptConfigTest.java
@@ -25,4 +25,12 @@ public String jasyptEncoding(String value) {
         pbeEnc.setPassword(key);
         return pbeEnc.encrypt(value);
     }
+
+    public String jasyptDecoding(String value) {
+        String key = "my_jasypt_key";
+        StandardPBEStringEncryptor pbeEnc = new StandardPBEStringEncryptor();
+        pbeEnc.setAlgorithm("PBEWithMD5AndDES");
+        pbeEnc.setPassword(key);
+        return pbeEnc.decrypt(value);
+    }
 }
\ No newline at end of file