메모장
@AuthenticationPrincipal 이용한 게시판 접근 제한 본문
Controller
@GetMapping("/{boardSeq}")
@ApiOperation("게시판 조회")
public CommonResult getBoard(@PathVariable Long boardSeq,
@AuthenticationPrincipal CustomUserDetails customUserDetails) {
return responseService.getSingleResult(boardService
.getBoard(boardSeq, customUserDetails.getUserSeq()));
}
Service
@Transactional(readOnly = true)
public getBoard(Long boardSeq, Long userSeq) {
if (!hasBoardAuthorization(userSeq, boardSeq)) {
throw new CustomAuthorizationException();
}
}
// 로그인한 유저의 게시판인지 확인
@Transactional(readOnly = true)
public boolean hasBoardAuthorization(Long loginUserSeq, Long boardSeq) {
Board board = boardRepository.findById(boardSeq)
.orElseThrow(NoSuchElementException::new);
return Object.equals(loginUserSeq, board.getUserSeq());
}'Java' 카테고리의 다른 글
| Swagger (0) | 2023.01.13 |
|---|---|
| 게시판 파일 수정 (0) | 2023.01.11 |
| CustomUserDetails, CustomUserDetailsService (0) | 2023.01.10 |
| Optional (0) | 2023.01.09 |
| BigDecimal (0) | 2023.01.05 |