From 2b7177659dcbee835b1be2e86edee658f19122ad Mon Sep 17 00:00:00 2001 From: shinmj Date: Wed, 17 Nov 2021 16:45:11 +0900 Subject: [PATCH] =?UTF-8?q?sonarqube=20plugin=20add=20&&=20=EB=B3=B4?= =?UTF-8?q?=EC=95=88=EC=A0=90=EA=B2=80=20=EC=86=8C=EC=8A=A4=20=EC=88=98?= =?UTF-8?q?=EC=A0=95(user-service)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- backend/user-service/build.gradle | 1 + .../dto/AuthorizationUpdateRequestDto.java | 9 +++ .../config/AuthenticationFilter.java | 5 +- .../userservice/config/TokenProvider.java | 4 +- .../domain/role/Authorization.java | 3 + .../service/role/AuthorizationService.java | 60 +++++++++++-------- .../userservice/service/user/UserService.java | 35 ++--------- .../role/AuthorizationApiControllerTest.java | 45 ++++++++++++++ 8 files changed, 101 insertions(+), 61 deletions(-) diff --git a/backend/user-service/build.gradle b/backend/user-service/build.gradle index 936e666..5435f19 100644 --- a/backend/user-service/build.gradle +++ b/backend/user-service/build.gradle @@ -1,5 +1,6 @@ plugins { id 'org.springframework.boot' version '2.4.5' + id "org.sonarqube" version "2.7" id 'io.spring.dependency-management' version '1.0.11.RELEASE' // querydsl id 'com.ewerk.gradle.plugins.querydsl' version '1.0.10' diff --git a/backend/user-service/src/main/java/org/egovframe/cloud/userservice/api/role/dto/AuthorizationUpdateRequestDto.java b/backend/user-service/src/main/java/org/egovframe/cloud/userservice/api/role/dto/AuthorizationUpdateRequestDto.java index f47509b..45aad39 100644 --- a/backend/user-service/src/main/java/org/egovframe/cloud/userservice/api/role/dto/AuthorizationUpdateRequestDto.java +++ b/backend/user-service/src/main/java/org/egovframe/cloud/userservice/api/role/dto/AuthorizationUpdateRequestDto.java @@ -1,5 +1,6 @@ package org.egovframe.cloud.userservice.api.role.dto; +import lombok.Builder; import lombok.Getter; import javax.validation.constraints.NotBlank; @@ -49,4 +50,12 @@ public class AuthorizationUpdateRequestDto { @NotNull(message = "{authorization.sortSeq} {err.required}") private Integer sortSeq; + @Builder + public AuthorizationUpdateRequestDto(String authorizationName, String urlPatternValue, + String httpMethodCode, Integer sortSeq) { + this.authorizationName = authorizationName; + this.urlPatternValue = urlPatternValue; + this.httpMethodCode = httpMethodCode; + this.sortSeq = sortSeq; + } } diff --git a/backend/user-service/src/main/java/org/egovframe/cloud/userservice/config/AuthenticationFilter.java b/backend/user-service/src/main/java/org/egovframe/cloud/userservice/config/AuthenticationFilter.java index d0c06c2..0ddc127 100644 --- a/backend/user-service/src/main/java/org/egovframe/cloud/userservice/config/AuthenticationFilter.java +++ b/backend/user-service/src/main/java/org/egovframe/cloud/userservice/config/AuthenticationFilter.java @@ -108,9 +108,6 @@ public class AuthenticationFilter extends UsernamePasswordAuthenticationFilter { } catch (IOException e) { log.error(e.getLocalizedMessage()); throw new RuntimeException(e); - } catch (Exception e) { - log.error(e.getLocalizedMessage()); - throw e; } } @@ -190,7 +187,7 @@ public class AuthenticationFilter extends UsernamePasswordAuthenticationFilter { HttpServletResponse httpServletResponse = (HttpServletResponse) response; httpServletResponse.setStatus(e.getErrorCode().getStatus()); log.error("AuthenticationFilter doFilter error: {}", e.getMessage()); - } catch (Exception e) { + } catch (ServletException | IOException e) { SecurityContextHolder.getContext().setAuthentication(null); HttpServletResponse httpServletResponse = (HttpServletResponse) response; httpServletResponse.setStatus(HttpStatus.UNAUTHORIZED.value()); diff --git a/backend/user-service/src/main/java/org/egovframe/cloud/userservice/config/TokenProvider.java b/backend/user-service/src/main/java/org/egovframe/cloud/userservice/config/TokenProvider.java index c427e99..56ad9cf 100644 --- a/backend/user-service/src/main/java/org/egovframe/cloud/userservice/config/TokenProvider.java +++ b/backend/user-service/src/main/java/org/egovframe/cloud/userservice/config/TokenProvider.java @@ -130,9 +130,11 @@ public class TokenProvider { // 사용자가 있으면 access token 을 새로 발급하여 리턴한다. String accessToken = createAccessToken(user.getRoleKey(), user.getUserId()); + String filteredRefreshToken = refreshToken.replaceAll("\r", "").replaceAll("\n", ""); + // Header에 토큰 세팅 response.addHeader(TOKEN_ACCESS_KEY, accessToken); - response.addHeader(TOKEN_REFRESH_KEY, refreshToken); + response.addHeader(TOKEN_REFRESH_KEY, filteredRefreshToken); response.addHeader(TOKEN_USER_ID, user.getUserId()); return accessToken; } diff --git a/backend/user-service/src/main/java/org/egovframe/cloud/userservice/domain/role/Authorization.java b/backend/user-service/src/main/java/org/egovframe/cloud/userservice/domain/role/Authorization.java index ff1cfd5..2b16c45 100644 --- a/backend/user-service/src/main/java/org/egovframe/cloud/userservice/domain/role/Authorization.java +++ b/backend/user-service/src/main/java/org/egovframe/cloud/userservice/domain/role/Authorization.java @@ -5,6 +5,7 @@ import com.fasterxml.jackson.annotation.ObjectIdGenerators; import lombok.Builder; import lombok.Getter; import lombok.NoArgsConstructor; +import lombok.ToString; import org.egovframe.cloud.servlet.domain.BaseEntity; import org.hibernate.annotations.OnDelete; import org.hibernate.annotations.OnDeleteAction; @@ -34,6 +35,7 @@ import java.util.List; @NoArgsConstructor @Entity @JsonIdentityInfo(generator = ObjectIdGenerators.IntSequenceGenerator.class) +@ToString public class Authorization extends BaseEntity { /** @@ -70,6 +72,7 @@ public class Authorization extends BaseEntity { /** * 권한 인가 엔티티 */ + @ToString.Exclude @OneToMany(mappedBy = "authorization", fetch = FetchType.LAZY, cascade = CascadeType.ALL, orphanRemoval = true) @OnDelete(action = OnDeleteAction.CASCADE) private List roleAuthorizations; diff --git a/backend/user-service/src/main/java/org/egovframe/cloud/userservice/service/role/AuthorizationService.java b/backend/user-service/src/main/java/org/egovframe/cloud/userservice/service/role/AuthorizationService.java index aa9b6ee..e95b20f 100644 --- a/backend/user-service/src/main/java/org/egovframe/cloud/userservice/service/role/AuthorizationService.java +++ b/backend/user-service/src/main/java/org/egovframe/cloud/userservice/service/role/AuthorizationService.java @@ -219,33 +219,8 @@ public class AuthorizationService extends AbstractService { @Transactional public AuthorizationResponseDto update(Integer authorizationNo, AuthorizationUpdateRequestDto requestDto) { Authorization entity = findAuthorization(authorizationNo); - // 정렬 순서가 변경된 경우 사이 구간 정렬 순서 조정 - Integer beforeSortSeq = entity.getSortSeq(); - Integer afterSortSeq = requestDto.getSortSeq(); - Integer startSortSeq = null; - Integer endSortSeq = null; - int increaseSortSeq = 0; - if (beforeSortSeq == null && afterSortSeq != null) { - startSortSeq = afterSortSeq; - increaseSortSeq = 1; - } else if (beforeSortSeq != null && afterSortSeq == null) { - startSortSeq = beforeSortSeq + 1; - increaseSortSeq = -1; - } else if (beforeSortSeq != null && afterSortSeq != null && beforeSortSeq.compareTo(afterSortSeq) != 0) { - if (beforeSortSeq.compareTo(afterSortSeq) > 0) { - startSortSeq = afterSortSeq; - endSortSeq = beforeSortSeq - 1; - increaseSortSeq = 1; - } else { - startSortSeq = beforeSortSeq + 1; - endSortSeq = afterSortSeq; - increaseSortSeq = -1; - } - } - if (startSortSeq != null || endSortSeq != null) { - authorizationRepository.updateSortSeq(startSortSeq, endSortSeq, increaseSortSeq); - } + updateSortSeq(entity, requestDto); // 수정 entity.update(requestDto.getAuthorizationName(), requestDto.getUrlPatternValue(), requestDto.getHttpMethodCode(), requestDto.getSortSeq()); @@ -255,6 +230,39 @@ public class AuthorizationService extends AbstractService { return new AuthorizationResponseDto(entity); } + /** + * 정렬순서 update + * + * @param entity 인가 엔티티 + * @param requestDto 인가 수정 요청 DTO + */ + private void updateSortSeq(Authorization entity, AuthorizationUpdateRequestDto requestDto) { + // 정렬 순서가 변경된 경우 사이 구간 정렬 순서 조정 + Integer beforeSortSeq = entity.getSortSeq(); + Integer afterSortSeq = requestDto.getSortSeq(); + + if (beforeSortSeq == null) { + authorizationRepository.updateSortSeq(afterSortSeq, null, 1); + return; + } + + if (afterSortSeq == null) { + authorizationRepository.updateSortSeq(beforeSortSeq+1, null, -1); + return; + } + int compareTo = beforeSortSeq.compareTo(afterSortSeq); + if (compareTo > 0) { + authorizationRepository.updateSortSeq(afterSortSeq, beforeSortSeq-1, 1); + return; + } + + if (compareTo < 0) { + authorizationRepository.updateSortSeq(beforeSortSeq+1, afterSortSeq, -1); + return; + } + + } + /** * 인가 삭제 * 권한 인가도 같이 삭제됨 diff --git a/backend/user-service/src/main/java/org/egovframe/cloud/userservice/service/user/UserService.java b/backend/user-service/src/main/java/org/egovframe/cloud/userservice/service/user/UserService.java index 7b0048c..570e779 100644 --- a/backend/user-service/src/main/java/org/egovframe/cloud/userservice/service/user/UserService.java +++ b/backend/user-service/src/main/java/org/egovframe/cloud/userservice/service/user/UserService.java @@ -452,8 +452,8 @@ public class UserService extends AbstractService implements UserDetailsService { User entity = findUserVerify(userId, requestDto); entity.updatePassword(passwordEncoder.encode(requestDto.getNewPassword())); // 비밀번호 수정 - } catch (Exception e) { - e.printStackTrace(); + } catch (IllegalArgumentException e) { + log.error(e.getLocalizedMessage()); throw e; } @@ -472,8 +472,6 @@ public class UserService extends AbstractService implements UserDetailsService { findUserVerifyPassword(userId, password); } catch (BusinessMessageException e) { return false; - } catch (Exception e) { - return false; } return true; @@ -848,34 +846,11 @@ public class UserService extends AbstractService implements UserDetailsService { .build(); user.setSocial(providerCode, providerId); - if (user != null) { - userRepository.save(user); - } + userRepository.save(user); + } - return user == null ? null : new UserResponseDto(user); - } - - /** - * 임의 비밀번호 10자리 생성 - * - * @return String 비밀번호 - */ - private String makeRandomPassword() { - char[] terms = new char[]{ - '1', '2', '3', '4', '5', '6', '7', '8', '9', '0', - 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', - 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', - '!', '@', '#', '$', '%', '^', '&', '*', '(', ')'}; - - StringBuilder sb = new StringBuilder(); - - for (int i = 0; i < 10; i++) { - int index = (int) (Math.random() * terms.length); - sb.append(terms[index]); - } - - return sb.toString(); + return new UserResponseDto(user); } } \ No newline at end of file diff --git a/backend/user-service/src/test/java/org/egovframe/cloud/userservice/api/role/AuthorizationApiControllerTest.java b/backend/user-service/src/test/java/org/egovframe/cloud/userservice/api/role/AuthorizationApiControllerTest.java index f19e30c..6938812 100644 --- a/backend/user-service/src/test/java/org/egovframe/cloud/userservice/api/role/AuthorizationApiControllerTest.java +++ b/backend/user-service/src/test/java/org/egovframe/cloud/userservice/api/role/AuthorizationApiControllerTest.java @@ -1,6 +1,8 @@ package org.egovframe.cloud.userservice.api.role; +import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; +import org.egovframe.cloud.userservice.api.role.dto.AuthorizationUpdateRequestDto; import org.egovframe.cloud.userservice.domain.role.Authorization; import org.egovframe.cloud.userservice.domain.role.AuthorizationRepository; import org.egovframe.cloud.userservice.domain.role.RoleAuthorization; @@ -306,6 +308,49 @@ class AuthorizationApiControllerTest { deleteTestData(authorizationNo); } + @Test + @WithMockUser(roles = "ADMIN") + void 인가_정렬순서_변경() throws Exception { + // given + insertTestDatas(); + + testDatas.stream().forEach(System.out::println); + + Authorization authorization = testDatas.get(4); + + assertThat(authorization.getSortSeq()).isEqualTo(5); + + AuthorizationUpdateRequestDto requestDto = AuthorizationUpdateRequestDto.builder() + .authorizationName(authorization.getAuthorizationName()) + .httpMethodCode(authorization.getHttpMethodCode()) + .urlPatternValue(authorization.getUrlPatternValue()) + .sortSeq(7) + .build(); + + // when + ResultActions resultActions = mvc.perform(MockMvcRequestBuilders.put(URL + "/" + authorization.getAuthorizationNo()) + .accept(MediaType.APPLICATION_JSON) + .contentType("application/json;charset=UTF-8") + .content(objectMapper.writeValueAsString(requestDto))); + + // then + resultActions + .andDo(MockMvcResultHandlers.print()) + .andExpect(MockMvcResultMatchers.status().isOk()); + + Optional optional = selectData(authorization.getAuthorizationNo()); + assertThat(optional.isPresent()).isTrue(); + Authorization updateAuthorization = optional.get(); + + assertThat(updateAuthorization.getSortSeq()).isEqualTo(7); + + List all = authorizationRepository.findAll(); + all.stream().forEach(System.out::println); + + deleteTestDatas(); + + } + /** * 인가 삭제 테스트 */