Merge pull request #108 from ClothingStoreService/feature/member-role…

…-hierarchy

feat: 권한 hierarchy 적용

src/main/java/org/store/clothstar/common/config/SecurityConfiguration.java

@@ -5,6 +5,8 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
+import org.springframework.security.access.hierarchicalroles.RoleHierarchy;
+import org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -44,6 +46,14 @@ public WebSecurityCustomizer configure() {
                 .requestMatchers(PathRequest.toStaticResources().atCommonLocations()));
     }
 
+    @Bean
+    public RoleHierarchy roleHierarchy() {
+        RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl();
+        //이 부분에서 큰 권한 순서로 ' > ' 를 사용하여 입력해준다. 띄어쓰기도 중요하다.
+        roleHierarchy.setHierarchy("ROLE_ADMIN > ROLE_SELLER > ROLE_USER");
+        return roleHierarchy;
+    }
+
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         http.cors(AbstractHttpConfigurer::disable)
@@ -58,7 +68,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                         "/productLinePagingSlice", "/productLinePagingOffset",
                         "/v1/orderdetails", "/v1/orders", "membersPagingOffset", "membersPagingSlice",
                         "/v1/orderdetails", "/v1/orders", "/v2/orders", "/v3/orders", "/v1/orders/list",
-                        "/v1/orders/list","/ordersPagingOffset","/ordersPagingSlice","/v2/orders/list",
+                        "/v1/orders/list", "/ordersPagingOffset", "/ordersPagingSlice", "/v2/orders/list",
                         "/v1/seller/orders/**", "/v1/seller/orders", "/v1/orders/**", "/v1/orderdetails/**",
                         "/swagger-resources/**", "/swagger-ui/**", "/v3/api-docs/**", "/v1/members/auth/**"
                 ).permitAll()

src/main/resources/application-db.yml

@@ -37,23 +37,24 @@ spring:
     activate:
       on-profile: "db-local"
   datasource:
-    url: jdbc:h2:mem:localdb
-  h2:
-    console:
+    driver-class-name: com.mysql.cj.jdbc.Driver
+    url: jdbc:mysql://localhost:3306/clothstar82
+    username: root
+    password: qwerasdf
+    p6spy:
       enabled: true
-  thymeleaf:
-    cache: false
+      appender: com.p6spy.engine.spy.appender.Slf4JLogger
+      logMessageFormat:
+        p6spy: "%(currentTime)|%(executionTime)|%(category)|%(sqlSingleLine)"
   jpa:
     show-sql: true
-    database-platform: H2
+    database-platform: org.hibernate.dialect.MySQLDialect
     properties:
       hibernate:
+        ddl-auto: create
         format_sql: true
 
-
 --- # dev 공통 설정
-
-
 spring:
   config:
     activate:

src/test/java/org/store/clothstar/common/config/JasyptConfigTest.java

@@ -25,4 +25,12 @@ public String jasyptEncoding(String value) {
         pbeEnc.setPassword(key);
         return pbeEnc.encrypt(value);
     }
+
+    public String jasyptDecoding(String value) {
+        String key = "my_jasypt_key";
+        StandardPBEStringEncryptor pbeEnc = new StandardPBEStringEncryptor();
+        pbeEnc.setAlgorithm("PBEWithMD5AndDES");
+        pbeEnc.setPassword(key);
+        return pbeEnc.decrypt(value);
+    }
 }