2단계 - 리팩터링 #7
Open
2단계 - 리팩터링 #7
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
byjo
requested changes
Dec 13, 2022
| public class AuthorizationFilter extends GenericFilterBean { | ||
|
|
||
| @Override | ||
| public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { |
There was a problem hiding this comment.
이번 요구사항에서 추가된 GET /members/me 요청은 사용자가 인증이 완료 되었으면 접근 가능합니다.
즉, 모든 Member는 권한이 없더라도 자신의 정보를 볼 수 있죠.
먼저 AuthorizationFilter에 인증이 완료된 사용자일 때 403 에러를 받지 않도록 로직을 추가한 후, 리팩터링을 해보면 좋을 것 같네요.
리팩터링 과정에서 요청에 맞는 인가 방법을 확인할 때, AuthConfig에서 설정한 AuthorizeRequestMatcherRegistry 를 참고하시면 되겠습니다!
Comment on lines
+25
to
+44
| protected ExtractableResponse<Response> get(final String path, | ||
| final Map<String, ?> cookies) { | ||
| return RestAssured.given().log().all() | ||
| .cookies(cookies) | ||
| .contentType(MediaType.APPLICATION_JSON_VALUE) | ||
| .when() | ||
| .get(path) | ||
| .then().log().all() | ||
| .extract(); | ||
| } | ||
| protected ExtractableResponse<Response> post(final String path, | ||
| final Map<String, ?> parameters) { | ||
| return RestAssured.given().log().all() | ||
| .formParams(parameters) | ||
| .contentType(MediaType.APPLICATION_FORM_URLENCODED_VALUE) | ||
| .when() | ||
| .post(path) | ||
| .then().log().all() | ||
| .extract(); | ||
| } |
There was a problem hiding this comment.
이 메서드 덕분에 테스트 코드가 훨씬 깔끔해졌네요 👍👍
| @@ -10,4 +10,6 @@ public interface Authentication { | |||
| Set<String> getAuthorities(); | |||
|
|
|||
| boolean isAuthenticated(); | |||
|
|
|||
| boolean isAdmin(); | |||
There was a problem hiding this comment.
이 메서드가 프레임워크의 인터페이스까지 들어와야하나 조금 고민이 되네요.
모든 애플리케이션의 인증 객체에 admin이란 권한이 들어가나 싶어서요 ㅎㅎ
구구는 어떻게 생각하시나요?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
피드백 강의를 참고해서 막혔던 부분 해결했습니다~!
인가 로직을 좀 더 고도화 할 필요가 있어 보이는데 먼저 리뷰 요청 보내요.