기존 어드민 권한에 해당 담당관할 코드가 있을 경우 token 에 주입

10 months ago · 5a92ff7a75
7 changed files with 105 additions and 88 deletions
--- a/pav-server/src/main/java/com/palnet/biz/api/acnt/cstmr/controller/AcntCstmrController.java
+++ b/pav-server/src/main/java/com/palnet/biz/api/acnt/cstmr/controller/AcntCstmrController.java
@ -13,7 +13,6 @@ import io.swagger.annotations.ApiOperation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.log4j.Log4j2;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
@ -31,7 +30,6 @@ import java.util.Map;
@Tag(name = "회원관리", description = "회원 관련 API")
 public class AcntCstmrController {
 	
-	@Autowired
 	private final AcntCstmrService service;
 	
 	@PostMapping(value = "/register")
--- a/pav-server/src/main/java/com/palnet/biz/api/acnt/cstmr/model/AnctCstmerRlModel.java
+++ b/pav-server/src/main/java/com/palnet/biz/api/acnt/cstmr/model/AnctCstmerRlModel.java
@ -27,5 +27,7 @@ public class AnctCstmerRlModel {
 	private Instant updateDt;
 	
 	private String updateuserId;
+
+	private String cptAuthCode;
 	
 }
--- a/pav-server/src/main/java/com/palnet/biz/api/acnt/jwt/model/JwtUserModel.java
+++ b/pav-server/src/main/java/com/palnet/biz/api/acnt/jwt/model/JwtUserModel.java
@ -16,85 +16,88 @@ import java.util.*;
@AllArgsConstructor
 public class JwtUserModel implements UserDetails {

-	  	@Id
-	    @GeneratedValue(strategy= GenerationType.IDENTITY)
-	  	@Column(name = "CSTMR_SNO", unique = true)
-	    private Integer cstmrSno;
-
-	    @Column(name = "USER_ID", unique = true)
-	    private String userId;
-
-	    @Column(name = "USER_PSWD")
-	    private String userPswd;
-	    
-	    @Column(name = "SITE_CODE")
-	    private String siteCode;
-
-	    @Column(name = "AUTH_ID")
-	    private String auth;
-	    
-	    @Column(name = "CSTMR_STATUS_CD")
-	    private String cstmrStatusCd;
-
-		@Transient
-		private String userNm;
-		@Transient
-		private List<JwtGroupModel> group;
-
-	  
-	    // 사용자의 권한을 콜렉션 형태로 반환
-	    // 단, 클래스 자료형은 GrantedAuthority를 구현해야함
-	    @Override
-	    public Collection<? extends GrantedAuthority> getAuthorities() {
-	        Set<GrantedAuthority> roles = new HashSet<>();
-	        for (String role : auth.split(",")) {
-	            roles.add(new SimpleGrantedAuthority(role));
-	        }
-	        return roles;
-	    }
-
-	    // 사용자의 id를 반환 (unique한 값)
-	    @Override
-	    public String getUsername() {
-	        return userId;
-	    }
-
-	    // 사용자의 password를 반환
-	    @Override
-	    public String getPassword() {
-	        return userPswd;
-	    }
-
-	    // 계정 만료 여부 반환
-	    @Override
-	    public boolean isAccountNonExpired() {
-	        // 만료되었는지 확인하는 로직
-	        return true; // true -> 만료되지 않았음
-	    }
-
-	    // 계정 잠금 여부 반환
-	    @Override
-	    public boolean isAccountNonLocked() {
-	        // 계정 잠금되었는지 확인하는 로직
-	    	if(cstmrStatusCd.equals("A"))
-	    		return true;
-	    	else 
-	    		return false;
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    @Column(name = "CSTMR_SNO", unique = true)
+    private Integer cstmrSno;
+
+    @Column(name = "USER_ID", unique = true)
+    private String userId;
+
+    @Column(name = "USER_PSWD")
+    private String userPswd;
+
+    @Column(name = "SITE_CODE")
+    private String siteCode;
+
+    @Column(name = "AUTH_ID")
+    private String auth;
+
+    @Column(name = "CSTMR_STATUS_CD")
+    private String cstmrStatusCd;
+
+    @Column(name = "CPT_AUTH_CODE")
+    private String cptAuthCode;
+
+    @Transient
+    private String userNm;
+    @Transient
+    private List<JwtGroupModel> group;
+
+
+    // 사용자의 권한을 콜렉션 형태로 반환
+    // 단, 클래스 자료형은 GrantedAuthority를 구현해야함
+    @Override
+    public Collection<? extends GrantedAuthority> getAuthorities() {
+        Set<GrantedAuthority> roles = new HashSet<>();
+        for (String role : auth.split(",")) {
+            roles.add(new SimpleGrantedAuthority(role));
+        }
+        return roles;
+    }
+
+    // 사용자의 id를 반환 (unique한 값)
+    @Override
+    public String getUsername() {
+        return userId;
+    }
+
+    // 사용자의 password를 반환
+    @Override
+    public String getPassword() {
+        return userPswd;
+    }
+
+    // 계정 만료 여부 반환
+    @Override
+    public boolean isAccountNonExpired() {
+        // 만료되었는지 확인하는 로직
+        return true; // true -> 만료되지 않았음
+    }
+
+    // 계정 잠금 여부 반환
+    @Override
+    public boolean isAccountNonLocked() {
+        // 계정 잠금되었는지 확인하는 로직
+        if ("A".equals(cstmrStatusCd))
+            return true;
+        else
+            return false;
 //	        return true; // true -> 잠금되지 않았음
-	    }
-
-	    // 패스워드의 만료 여부 반환
-	    @Override
-	    public boolean isCredentialsNonExpired() {
-	        // 패스워드가 만료되었는지 확인하는 로직
-	        return true; // true -> 만료되지 않았음
-	    }
-
-	    // 계정 사용 가능 여부 반환
-	    @Override
-	    public boolean isEnabled() {
-	        // 계정이 사용 가능한지 확인하는 로직
-	    	return true; // true -> 사용 가능
-	    }
-	    
+    }
+
+    // 패스워드의 만료 여부 반환
+    @Override
+    public boolean isCredentialsNonExpired() {
+        // 패스워드가 만료되었는지 확인하는 로직
+        return true; // true -> 만료되지 않았음
+    }
+
+    // 계정 사용 가능 여부 반환
+    @Override
+    public boolean isEnabled() {
+        // 계정이 사용 가능한지 확인하는 로직
+        return true; // true -> 사용 가능
+    }
+
 }
--- a/pav-server/src/main/java/com/palnet/biz/api/acnt/jwt/utils/JwtTokenUtil.java
+++ b/pav-server/src/main/java/com/palnet/biz/api/acnt/jwt/utils/JwtTokenUtil.java
@ -73,6 +73,7 @@ public class JwtTokenUtil implements Serializable {
        claims.put("auth", userDetails.getAuth());
        claims.put("group", userDetails.getGroup());
        claims.put("userNm", userDetails.getUserNm());
+        claims.put("cptAuthCode", userDetails.getCptAuthCode());
        return doGenerateToken(claims, userDetails.getUsername());
    }

@ -178,4 +179,17 @@ public class JwtTokenUtil implements Serializable {

        return payload.get("auth", String.class);
    }
+
+
+    public String getCptAuthCodeByToken() {
+        HttpServletRequest rq = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
+        String token = rq.getHeader("Authorization");
+
+        if (token == null || "".equals(token)) return null;
+
+        token = token.substring(JWT_PREFIX.length()).trim();
+        Claims payload = getAllClaimsFromToken(token);
+
+        return payload.get("cptAuthCode", String.class);
+    }
 }
--- a/pav-server/src/main/java/com/palnet/biz/api/comn/elev/controller/ComnElevController.java
+++ b/pav-server/src/main/java/com/palnet/biz/api/comn/elev/controller/ComnElevController.java
@ -8,13 +8,10 @@ import com.palnet.biz.api.comn.response.BasicResponse;
 import com.palnet.biz.api.comn.response.ErrorResponse;
 import com.palnet.biz.api.comn.response.SuccessResponse;
 import com.palnet.comn.exception.CustomException;
-import io.swagger.annotations.ApiImplicitParam;
-import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-import org.springframework.data.domain.Page;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.PostMapping;
--- a/pav-server/src/main/java/com/palnet/biz/jpa/entity/PtyCstmrBas.java
+++ b/pav-server/src/main/java/com/palnet/biz/jpa/entity/PtyCstmrBas.java
@ -34,11 +34,12 @@ public class PtyCstmrBas implements Serializable {
 	@Column(name="CSTMR_STATUS_CD")
 	private String cstmrStatusCd;

-//	@Temporal(TemporalType.TIMESTAMP)
 	@Column(name="CSTMR_STATUS_CNG_DT", columnDefinition = "TIMESTAMP")
 	private Instant cstmrStatusCngDt;

-//	@Temporal(TemporalType.TIMESTAMP)
+	@Column(name="CPT_AUTH_CODE")
+	private String cptAuthCode;
+
 	@Column(name="JOIN_DT", columnDefinition = "TIMESTAMP")
 	private Instant joinDt;

--- a/pav-server/src/main/java/com/palnet/biz/jpa/repository/pty/PtyCstmrQueryRepository.java
+++ b/pav-server/src/main/java/com/palnet/biz/jpa/repository/pty/PtyCstmrQueryRepository.java
@ -164,6 +164,7 @@ public class PtyCstmrQueryRepository {
            model.setUserId(entity.getUserId());
            model.setCstmrSno(entity.getCstmrSno());
            model.setCstmrStatusCd(entity.getCstmrStatusCd());
+            model.setCptAuthCode(entity.getCptAuthCode());
            model.setUserPswd(entity.getUserPswd());
            if (pcgEntityList != null && !pcgEntityList.isEmpty()) {
                List<JwtGroupModel> groupModelList = new ArrayList<>();
@ -277,7 +278,8 @@ public class PtyCstmrQueryRepository {
                        dtl.email,
                        dtl.hpno,
                        dtl.updateDt,
-                        bas.userId
+                        bas.userId,
+                        bas.cptAuthCode
                ))
                .from(bas)
                .leftJoin(dtl)