FIX :: 권한처리

team-xquare · Mar 29, 2024 · 9ca3b10 · 9ca3b10
1 parent 788f51d
commit 9ca3b10
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 0 deletions.
diff --git a/...n/kotlin/xquare/app/xquareinfra/domain/deploy/adapter/dto/request/ApproveDeployRequest.kt b/...n/kotlin/xquare/app/xquareinfra/domain/deploy/adapter/dto/request/ApproveDeployRequest.kt
@@ -1,5 +1,6 @@
 package xquare.app.xquareinfra.domain.deploy.adapter.dto.request
 
 data class ApproveDeployRequest(
+    val accessKey: String,
     val secretKey: String
 )
diff --git a/...n/kotlin/xquare/app/xquareinfra/domain/deploy/application/service/ApproveDeployService.kt b/...n/kotlin/xquare/app/xquareinfra/domain/deploy/application/service/ApproveDeployService.kt
@@ -1,18 +1,26 @@
 package xquare.app.xquareinfra.domain.deploy.application.service
 
+import org.springframework.beans.factory.annotation.Value
 import org.springframework.stereotype.Service
 import org.springframework.transaction.annotation.Transactional
 import xquare.app.xquareinfra.domain.deploy.adapter.dto.request.ApproveDeployRequest
 import xquare.app.xquareinfra.domain.deploy.application.port.`in`.ApproveDeployUseCase
 import xquare.app.xquareinfra.domain.deploy.application.port.out.FindDeployPort
 import xquare.app.xquareinfra.infrastructure.exception.BusinessLogicException
+import xquare.app.xquareinfra.infrastructure.exception.XquareException
 
 @Transactional
 @Service
 class ApproveDeployService(
+    @Value("\${secret.accessKey}")
+    private val accessKey: String,
     private val findDeployPort: FindDeployPort
 ): ApproveDeployUseCase {
+
     override fun approveDeploy(deployNameEn: String, req: ApproveDeployRequest) {
+        if(req.accessKey != accessKey) {
+            throw XquareException.FORBIDDEN
+        }
         val deploy = findDeployPort.findByDeployName(deployNameEn) ?: throw BusinessLogicException.DEPLOY_NOT_FOUND
         deploy.updateSecret(req.secretKey)
         deploy.approveDeploy()

diff --git a/src/main/kotlin/xquare/app/xquareinfra/infrastructure/security/config/RequestPermitConfig.kt b/src/main/kotlin/xquare/app/xquareinfra/infrastructure/security/config/RequestPermitConfig.kt
@@ -14,6 +14,7 @@ class RequestPermitConfig : SecurityConfigurerAdapter<DefaultSecurityFilterChain
             requestMatchers(CorsUtils::isCorsRequest).permitAll()
                 .antMatchers("/team").permitAll()
                 .antMatchers("/auth/**").permitAll()
+                .antMatchers("/deploy/**/approve").permitAll()
             anyRequest().authenticated()
         }
     }