diff --git a/src/main/java/org/store/clothstar/common/config/SecurityConfiguration.java b/src/main/java/org/store/clothstar/common/config/SecurityConfiguration.java
index 157573e..b5bd24c 100644
--- a/src/main/java/org/store/clothstar/common/config/SecurityConfiguration.java
+++ b/src/main/java/org/store/clothstar/common/config/SecurityConfiguration.java
@@ -5,6 +5,8 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
+import org.springframework.security.access.hierarchicalroles.RoleHierarchy;
+import org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -44,6 +46,14 @@ public WebSecurityCustomizer configure() {
 .requestMatchers(PathRequest.toStaticResources().atCommonLocations()));
 }
+ @Bean
+ public RoleHierarchy roleHierarchy() {
+ RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl();
+ //이 부분에서 큰 권한 순서로 ' > ' 를 사용하여 입력해준다. 띄어쓰기도 중요하다.
+ roleHierarchy.setHierarchy("ROLE_ADMIN > ROLE_SELLER > ROLE_USER");
+ return roleHierarchy;
+ }
+
 @Bean
 public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 http.cors(AbstractHttpConfigurer::disable)
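Review bot: The `roleHierarchy()` bean added after `configure()` makes ROLE_ADMIN imply ROLE_SELLER and ROLE_USER, but nothing visible here shows it being consumed, and the `permitAll()` list in the following hunk already opens `/v1/seller/orders/**` and `/v1/orders/**` to every caller, so the seller tier is not enforced on those routes whatever the hierarchy says. Confirm the bean is picked up by whatever evaluates role checks (method-security expression handlers may need it set explicitly, depending on the Spring Security version) and cover it with a test that a ROLE_USER principal is rejected on a seller-only endpoint. The inline comment would be easier to maintain as an English doc comment, e.g. `/** ADMIN inherits SELLER, SELLER inherits USER; the parser needs whitespace around '>'. */`. `filterChain` continues outside the hunk.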
@@ -58,7 +68,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { "/productLinePagingSlice", "/productLinePagingOffset", "/v1/orderdetails", "/v1/orders", "membersPagingOffset", "membersPagingSlice", "/v1/orderdetails", "/v1/orders", "/v2/orders", "/v3/orders", "/v1/orders/list", - "/v1/orders/list","/ordersPagingOffset","/ordersPagingSlice","/v2/orders/list", + "/v1/orders/list", "/ordersPagingOffset", "/ordersPagingSlice", "/v2/orders/list", "/v1/seller/orders/**", "/v1/seller/orders", "/v1/orders/**", "/v1/orderdetails/**", "/swagger-resources/**", "/swagger-ui/**", "/v3/api-docs/**", "/v1/members/auth/**" ).permitAll() diff --git a/src/main/resources/application-db.yml b/src/main/resources/application-db.yml index 260a6bf..654697b 100644 --- a/src/main/resources/application-db.yml +++ b/src/main/resources/application-db.yml @@ -37,23 +37,24 @@ spring: activate: on-profile: "db-local" datasource: - url: jdbc:h2:mem:localdb - h2: - console: + driver-class-name: com.mysql.cj.jdbc.Driver + url: jdbc:mysql://localhost:3306/clothstar82 + username: root + password: qwerasdf + p6spy: enabled: true - thymeleaf: - cache: false + appender: com.p6spy.engine.spy.appender.Slf4JLogger + logMessageFormat: + p6spy: "%(currentTime)|%(executionTime)|%(category)|%(sqlSingleLine)" jpa: show-sql: true - database-platform: H2 + database-platform: org.hibernate.dialect.MySQLDialect properties: hibernate: + ddl-auto: create format_sql: true - --- # dev 공통 설정 - - spring: config: activate: diff --git a/src/test/java/org/store/clothstar/common/config/JasyptConfigTest.java b/src/test/java/org/store/clothstar/common/config/JasyptConfigTest.java index 39727bb..28bd4ee 100644 --- a/src/test/java/org/store/clothstar/common/config/JasyptConfigTest.java +++ b/src/test/java/org/store/clothstar/common/config/JasyptConfigTest.java 
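Review bot: The `db-local` datasource block in `application-db.yml` now commits `username: root` together with a plaintext `password:` value, so the credential lives in git history and the application connects as the MySQL superuser. Replace both with externalised values, for example `username: ${DB_USERNAME}` and `password: ${DB_PASSWORD}` (placeholder variable names), or a Jasypt `ENC(...)` value since the project already carries a Jasypt test, and give the schema a least-privileged account. `ddl-auto: create` appears to sit under `jpa.properties.hibernate` (indentation is lost on this page); Spring Boot reads that setting from `spring.jpa.hibernate.ddl-auto`, so check it is not silently ignored, and note that `create` drops and rebuilds the schema on every start. The p6spy format logs each SQL statement in full, which may include bound values, so it is worth keeping to local profiles only.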
@@ -25,4 +25,12 @@ public String jasyptEncoding(String value) {
 pbeEnc.setPassword(key);
 return pbeEnc.encrypt(value);
 }
+
+ public String jasyptDecoding(String value) {
+ String key = "my_jasypt_key";
+ StandardPBEStringEncryptor pbeEnc = new StandardPBEStringEncryptor();
+ pbeEnc.setAlgorithm("PBEWithMD5AndDES");
+ pbeEnc.setPassword(key);
+ return pbeEnc.decrypt(value);
+ }
 }
\ No newline at end of file
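Review bot: `jasyptDecoding` hard-codes the encryptor password (`String key = "my_jasypt_key";`) and selects `PBEWithMD5AndDES`, which derives a 56-bit DES key through MD5. If the same key and algorithm protect the `ENC(...)` values in the real configuration, anyone with the repository can decrypt them; read the key from the environment instead, e.g. `String key = System.getenv("JASYPT_KEY");` (placeholder name), and move both helpers to `PBEWITHHMACSHA512ANDAES_256` with a `RandomIvGenerator`. The setup lines duplicate `jasyptEncoding`, whose body starts outside the hunk, so a shared private factory for the encryptor would keep the two in step.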