Merge pull request #240 from JakduK/batch

Batch

api/src/main/java/com/jakduk/api/common/annotation/SecuredRoleUser.java

@@ -0,0 +1,17 @@
+package com.jakduk.api.common.annotation;
+
+import org.springframework.security.access.annotation.Secured;
+
+import java.lang.annotation.*;
+
+/**
+ * Created by pyohwanjang on 2017. 5. 14..
+ */
+
+@Target({ ElementType.METHOD, ElementType.TYPE })
+@Retention(RetentionPolicy.RUNTIME)
+@Inherited
+@Documented
+@Secured({"ROLE_USER_01", "ROLE_USER_02", "ROLE_USER_03"})
+public @interface SecuredRoleUser {
+}

api/src/main/java/com/jakduk/api/common/util/ApiUtils.java

@@ -13,6 +13,8 @@
 import org.springframework.security.web.util.UrlUtils;
 import org.springframework.stereotype.Component;
 import org.springframework.util.ObjectUtils;
+import org.springframework.web.util.UriComponents;
+import org.springframework.web.util.UriComponentsBuilder;
 
 import javax.annotation.Resource;
 import javax.servlet.http.Cookie;
@@ -112,18 +114,22 @@ public String generateGalleryUrl(CoreConst.IMAGE_SIZE_TYPE sizeType, String id)
         if (StringUtils.isBlank(id))
             return null;
 
-        String pictureUrl = null;
+        String urlPathGallery = null;
 
         switch (sizeType) {
             case LARGE:
-                pictureUrl = String.format("%s/%s/%s", apiProperties.getApiServerUrl(), apiProperties.getUrlPath().getGalleryImage(), id);
+                urlPathGallery = apiProperties.getUrlPath().getGalleryImage();
                 break;
             case SMALL:
-                pictureUrl = String.format("%s/%s/%s", apiProperties.getApiServerUrl(), apiProperties.getUrlPath().getGalleryThumbnail(), id);
+                urlPathGallery = apiProperties.getUrlPath().getGalleryThumbnail();
                 break;
         }
 
-        return pictureUrl;
+        UriComponents uriComponents = UriComponentsBuilder.fromHttpUrl(apiProperties.getApiServerUrl())
+                .path("/{urlPathGallery}/{id}")
+                .buildAndExpand(urlPathGallery, id);
+
+        return uriComponents.toUriString();
     }
 
     /**

api/src/main/java/com/jakduk/api/common/util/AuthUtils.java

@@ -19,6 +19,8 @@
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;
 import org.springframework.web.client.RestTemplate;
+import org.springframework.web.util.UriComponents;
+import org.springframework.web.util.UriComponentsBuilder;
 
 import javax.annotation.Resource;
 import java.util.ArrayList;
@@ -249,18 +251,22 @@ public String generateUserPictureUrl(CoreConst.IMAGE_SIZE_TYPE sizeType, String
         if (StringUtils.isBlank(id))
             return null;
 
-        String pictureUrl = null;
+        String urlPathUserPicture = null;
 
         switch (sizeType) {
             case LARGE:
-                pictureUrl = String.format("%s/%s/%s", apiProperties.getApiServerUrl(), apiProperties.getUrlPath().getUserPictureLarge(), id);
+                urlPathUserPicture = apiProperties.getUrlPath().getUserPictureLarge();
                 break;
             case SMALL:
-                pictureUrl = String.format("%s/%s/%s", apiProperties.getApiServerUrl(), apiProperties.getUrlPath().getUserPictureSmall(), id);
+                urlPathUserPicture = apiProperties.getUrlPath().getUserPictureSmall();
                 break;
         }
 
-        return pictureUrl;
+        UriComponents uriComponents = UriComponentsBuilder.fromHttpUrl(apiProperties.getApiServerUrl())
+                .path("/{urlPathGallery}/{id}")
+                .buildAndExpand(urlPathUserPicture, id);
+
+        return uriComponents.toUriString();
     }
 
     /**

api/src/main/java/com/jakduk/api/configuration/ApiSecurityConfig.java

@@ -9,6 +9,7 @@
 import org.springframework.http.HttpMethod;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -26,6 +27,7 @@
 
 @Configuration
 @EnableWebSecurity
+@EnableGlobalMethodSecurity(securedEnabled = true)
 public class ApiSecurityConfig extends WebSecurityConfigurerAdapter {
 
     @Resource
@@ -96,19 +98,16 @@ protected void configure(HttpSecurity http) throws Exception {
                     ).hasAnyRole("USER_01", "USER_02", "USER_03")
                     .antMatchers(
                             HttpMethod.POST,
-                            "/api/board/free",                  // 자유게시판 글쓰기
                             "/api/board/free/comment",          // 자유게시판 댓글 달기
                             "/api/gallery"                      // 사진 올리기
                     ).hasAnyRole("USER_01", "USER_02", "USER_03")
                     .regexMatchers(
                             HttpMethod.PUT,
-                            "/api/board/free/(\\d+)",           // 자유게시판 글고치기
                             "/api/user/profile/me",             // 내 프로필 정보 편집
                             "/api/user/password"                // 이메일 기반 회원의 비밀번호 변경
                     ).hasAnyRole("USER_01", "USER_02", "USER_03")
                     .regexMatchers(
                             HttpMethod.DELETE,
-                            "/api/board/free/(\\d+)",           // 자유게시판 글지우기
                             "/api/user"                         // 회원 탈퇴
                     ).hasAnyRole("USER_01", "USER_02", "USER_03")
 

api/src/main/java/com/jakduk/api/restcontroller/BoardRestController.java

@@ -1,6 +1,7 @@
 package com.jakduk.api.restcontroller;
 
 import com.jakduk.api.common.ApiConst;
+import com.jakduk.api.common.annotation.SecuredRoleUser;
 import com.jakduk.api.common.util.ApiUtils;
 import com.jakduk.api.common.util.AuthUtils;
 import com.jakduk.api.restcontroller.vo.EmptyJsonResponse;
@@ -109,6 +110,7 @@ public FreeCategoriesResponse getFreeCategories() {
     }
 
     @ApiOperation("자유게시판 글쓰기")
+    @SecuredRoleUser
     @PostMapping("")
     public FreePostWriteResponse addFreePost(
             @ApiParam(value = "글 폼", required = true) @Valid @RequestBody FreePostForm form,
@@ -138,6 +140,7 @@ public FreePostWriteResponse addFreePost(
     }
 
     @ApiOperation("자유게시판 글 고치기")
+    @SecuredRoleUser
     @PutMapping("/{seq}")
     public FreePostWriteResponse editFreePost(
             @ApiParam(value = "글 seq", required = true) @PathVariable Integer seq,
@@ -173,6 +176,7 @@ public FreePostWriteResponse editFreePost(
     }
 
     @ApiOperation(value = "자유게시판 글 지움")
+    @SecuredRoleUser
     @DeleteMapping("/{seq}")
     public FreePostDeleteResponse deleteFree(
             @ApiParam(value = "글 seq", required = true) @PathVariable Integer seq) {
@@ -196,6 +200,7 @@ public FreePostDetailCommentsResponse getFreePostDetailComments(
     }
 
     @ApiOperation(value = "자유게시판 글의 댓글 달기")
+    @SecuredRoleUser
     @PostMapping("/comment")
     public BoardFreeComment addFreeComment(
             @ApiParam(value = "댓글 폼", required = true) @Valid @RequestBody BoardCommentForm form,
@@ -224,6 +229,7 @@ public BoardFreeComment addFreeComment(
     }
 
     @ApiOperation(value = "자유게시판 글의 댓글 고치기")
+    @SecuredRoleUser
     @PutMapping(value ="/comment/{id}")
     public BoardFreeComment editFreeComment(
             @ApiParam(value = "댓글 ID", required = true) @PathVariable String id,
@@ -263,6 +269,7 @@ public BoardFreeComment editFreeComment(
     }
 
     @ApiOperation("자유게시판 글의 댓글 지우기")
+    @SecuredRoleUser
     @DeleteMapping("/comment/{id}")
     public EmptyJsonResponse deleteFreeComment(
             @ApiParam(value = "댓글 ID", required = true) @PathVariable String id) {
@@ -278,6 +285,7 @@ public EmptyJsonResponse deleteFreeComment(
     }
 
     @ApiOperation(value = "자유게시판 글 감정 표현")
+    @SecuredRoleUser
     @RequestMapping(value = "/{seq}/{feeling}", method = RequestMethod.POST)
     public UserFeelingResponse addFreeFeeling(
             @ApiParam(value = "글 seq", required = true) @PathVariable Integer seq,
@@ -319,6 +327,7 @@ public FreePostFeelingsResponse getFreeFeelings (
     }
 
     @ApiOperation(value = "자유게시판 댓글 감정 표현")
+    @SecuredRoleUser
     @RequestMapping(value = "/comment/{commentId}/{feeling}", method = RequestMethod.POST)
     public UserFeelingResponse addFreeCommentFeeling(
             @ApiParam(value = "댓글 ID", required = true) @PathVariable String commentId,

api/src/main/java/com/jakduk/api/restcontroller/RestExceptionHandler.java

@@ -12,6 +12,7 @@
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.http.converter.HttpMessageNotReadableException;
+import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.validation.BindingResult;
 import org.springframework.validation.FieldError;
@@ -172,6 +173,28 @@ public ResponseEntity<RestErrorResponse> authenticationException(AuthenticationE
         return new ResponseEntity<>(restErrorResponse, HttpStatus.valueOf(serviceError.getHttpStatus()));
     }
 
+    /**
+     * 접근 거부. 로그인 필요
+     */
+    @ExceptionHandler(AccessDeniedException.class)
+    public ResponseEntity<RestErrorResponse> accessDeniedException(AccessDeniedException ex) {
+
+        ServiceError serviceError = ServiceError.NEED_TO_LOGIN;
+
+        RestErrorResponse restErrorResponse = new RestErrorResponse(
+                serviceError.getCode(), ex.getLocalizedMessage(), serviceError.getHttpStatus()
+        );
+
+        try {
+            log.warn(ObjectMapperUtils.writeValueAsString(restErrorResponse));
+        } catch (JsonProcessingException ignore) {
+            log.warn(ex.getLocalizedMessage());
+        }
+
+        return new ResponseEntity<>(restErrorResponse, HttpStatus.valueOf(serviceError.getHttpStatus()));
+    }
+
+
     @ExceptionHandler(ServiceException.class)
     @ResponseBody
     public ResponseEntity<RestErrorResponse> serviceException(ServiceException ex) {

api/src/main/java/com/jakduk/api/restcontroller/UserRestController.java

@@ -253,6 +253,7 @@ public EmptyJsonResponse deleteUser(
 
         userService.deleteUser(authUserProfile.getId());
 
+        // 참고 @{link http://websystique.com/spring-security/spring-security-4-logout-example/}
         new SecurityContextLogoutHandler().logout(request, response, SecurityContextHolder.getContext().getAuthentication());
 
         return EmptyJsonResponse.newInstance();

api/src/test/java/com/jakduk/api/common/CommonTest.java

@@ -1,7 +1,6 @@
 package com.jakduk.api.common;
 
 import com.jakduk.api.ApiApplicationTests;
-import com.jakduk.core.service.CommonService;
 import org.junit.Assert;
 import org.junit.Test;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -11,9 +10,6 @@
 
 public class CommonTest extends ApiApplicationTests {
 
-	@Autowired
-	CommonService commonService;
-
 	@Autowired
 	private Environment environment;
 
@@ -33,7 +29,6 @@ public void environmentTest() {
 
 		Assert.assertFalse(passwordEncoder.matches("1112", password));
 		Assert.assertTrue(passwordEncoder.matches("1111", password));
-
 	}
-	
+
 }

api/src/test/java/com/jakduk/api/common/SitemapTest.java

@@ -8,6 +8,8 @@
 import org.junit.runner.RunWith;
 import org.mockito.runners.MockitoJUnitRunner;
 import org.springframework.util.ObjectUtils;
+import org.springframework.web.util.UriComponents;
+import org.springframework.web.util.UriComponentsBuilder;
 
 import java.net.MalformedURLException;
 import java.util.Date;
@@ -35,4 +37,13 @@ public void generateSitemap() {
         }
     }
 
+    @Test
+    public void URL생성() {
+        UriComponents uriComponents = UriComponentsBuilder.fromHttpUrl("https://localhost:8080")
+                .path("/{path1}/{path2}")
+                .buildAndExpand("path1", "path2");
+
+        Assert.assertTrue(uriComponents.toUriString().equals("https://localhost:8080/path1/path2"));
+    }
+
 }

batch/build.gradle

@@ -1,14 +1,9 @@
 description = 'batch'
 
-configurations {
-	all*.exclude group:'javax.persistence'
-}
-
 dependencies {
 	compile project(':core')
 
-	compile('org.springframework.boot:spring-boot-starter-batch') {
-		exclude group:'org.apache.tomcat', module:'tomcat-jdbc'
-//		exclude group:'org.springframework', module:'spring-jdbc'
-	}
+	compile('org.springframework.boot:spring-boot-starter-batch')
+
+	compile 'org.mariadb.jdbc:mariadb-java-client:1.5.9'
 }

batch/src/main/resources/application-default.properties

@@ -1,3 +1,8 @@
 spring.profiles.include=core-default
 
-logging.level.root=DEBUG
+logging.level.root=DEBUG
+
+spring.datasource.url=jdbc:mariadb://192.168.35.149:3306/JAKDUK_BATCH_DEV
+spring.datasource.username=root
+spring.datasource.password=jakduk584
+spring.batch.initializer.enabled=false

batch/src/main/resources/application-production.properties

@@ -1,3 +1,8 @@
 spring.profiles.include=core-production
 
-logging.level.root=DEBUG
+logging.level.root=DEBUG
+
+spring.datasource.url=jdbc:mariadb://192.168.35.149:3306/JAKDUK_BATCH_PRD
+spring.datasource.username=root
+spring.datasource.password=jakduk584
+spring.batch.initializer.enabled=false

batch/src/main/resources/application-staging.properties

@@ -1,3 +1,8 @@
 spring.profiles.include=core-staging
 
-logging.level.root=DEBUG
+logging.level.root=DEBUG
+
+spring.datasource.url=jdbc:mariadb://192.168.35.149:3306/JAKDUK_BATCH_DEV
+spring.datasource.username=root
+spring.datasource.password=jakduk584
+spring.batch.initializer.enabled=false