Merge remote-tracking branch 'origin/integration' into develop

SWM-Flash · Sep 11, 2024 · 14768e5 · 14768e5
2 parents 947cc5c + e0295e1
commit 14768e5
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 2 deletions.
diff --git a/src/main/java/com/first/flash/account/member/domain/Role.java b/src/main/java/com/first/flash/account/member/domain/Role.java
@@ -7,7 +7,7 @@
 @ToString
 public enum Role {
 
-    ROLE_ADMIN("ROLE_ADMIN"), ROLE_USER("ROLE_USER");
+    ROLE_ADMIN("ROLE_ADMIN"), ROLE_USER("ROLE_USER"), ROLE_WEB("ROLE_WEB");
 
     private String role;
 }
diff --git a/src/main/java/com/first/flash/global/config/SecurityConfig.java b/src/main/java/com/first/flash/global/config/SecurityConfig.java
@@ -8,6 +8,7 @@
 import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -47,7 +48,9 @@ public SecurityFilterChain filterChain(final HttpSecurity http) throws Exception
                    .authorizeHttpRequests(authorize -> authorize
                        .requestMatchers(AUTH_WHITELIST).permitAll()
                        .requestMatchers("/admin/**").hasRole("ADMIN")
-                       .anyRequest().authenticated()
+                       .requestMatchers(HttpMethod.GET, "/**").hasRole("WEB")
+                       .requestMatchers("/**").hasAnyRole("ADMIN", "USER")
+                       .anyRequest().denyAll()
                    )
                    .addFilterBefore(new JwtAuthFilter(tokenManager, userDetailsService),
                        UsernamePasswordAuthenticationFilter.class)