feature/securityError

.github/workflows/wbc-actions.yaml

@@ -0,0 +1,81 @@
+name: App with Github Actions, wbc
+
+on:
+  # workflow_dispatch
+  push:
+    branches:
+      - dev
+
+jobs:
+  ci-cd:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set up JDK 17
+      uses: actions/setup-java@v4
+      with:
+        java-version: '17'
+        distribution: 'temurin'
+
+    - name: Make application.properties
+      run: |
+        cd ./src/main/resources
+        touch ./application.properties
+        echo "${{ secrets.PROPERTIES }}" > ./application.properties
+      shell: bash
+
+    - name: Grant execute permission for Gradle Wrapper
+      run: chmod +x ./gradlew
+
+    - name: Build with Gradle
+      run: ./gradlew clean build -x test
+      # env:
+        # GRADLE_OPTS: "-Dorg.gradle.daemon=false"
+
+    - name: Upload build artifact
+      uses: actions/upload-artifact@v4
+      with:
+        name: app
+        path: build/libs
+
+    - name: Configure AWS credentials
+      uses: aws-actions/configure-aws-credentials@v4
+      with:
+        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+        aws-region: ${{ secrets.AWS_REGION }}
+
+    - name: Login to Amazon ECR
+      id: login-ecr
+      uses: aws-actions/amazon-ecr-login@v1
+
+    - name: Build, tag, and push image to Amazon ECR
+      id: build-image
+      env:
+        ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+        ECR_REPOSITORY: ${{ secrets.AWS_ECR_REPOSITORY }}
+        IMAGE_TAG: ${{ github.sha }}
+      run: |
+        docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
+        docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
+
+    - name: Update application image version for ArgoCD
+      uses: actions/checkout@v4
+      with:
+        repository: ${{ secrets.G_USER }}/${{ secrets.G_REPOSITORY }}
+        ref: main
+        token: ${{ secrets.G_TOKEN }}
+
+    - name: Set up Image
+      run: |
+        sed -i "s%image: ${{ secrets.AWS_ECR_ID }}.dkr.ecr.${{ secrets.AWS_ECR_REGION }}.amazonaws.com/${{ secrets.AWS_ECR_REPOSITORY }}:[a-zA-Z0-9]*%image: ${{ secrets.AWS_ECR_ID }}.dkr.ecr.${{ secrets.AWS_ECR_REGION }}.amazonaws.com/${{ secrets.AWS_ECR_REPOSITORY }}:${{ github.sha }}%" ./manifest/wbc-app-manifest.yaml
+
+    - name: Commit and push changes
+      run: |
+        git config --local user.email "${{ secrets.G_USER_EMAIL }}"
+        git config --local user.name "${{ secrets.G_USER_NAME }}"
+        git add .
+        git commit -m "Update application image version for ArgoCD"
+        git push

Dockerfile

@@ -0,0 +1,4 @@
+FROM openjdk:17
+ARG JAR_FILE=build/libs/*.jar
+COPY ${JAR_FILE} app.jar
+ENTRYPOINT ["java", "-jar", "/app.jar"]

build.gradle

@@ -54,10 +54,6 @@ dependencies {
     implementation platform('software.amazon.awssdk:bom:2.27.21')
     implementation 'io.awspring.cloud:spring-cloud-aws-starter-s3:3.0.2'
     implementation 'software.amazon.awssdk:s3'
-
-
-
-
 }
 
 tasks.named('test') {

setting.md

@@ -1,4 +1,4 @@
-## db
+git ## db
 
 - 로컬에 db 계정 먼저 해주세용
   - user: wbc

src/main/java/ce3/wbc/WbcApplication.java

@@ -2,7 +2,9 @@
 
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.data.jpa.repository.config.EnableJpaAuditing;
 
+@EnableJpaAuditing
 @SpringBootApplication
 public class WbcApplication {
 

src/main/java/ce3/wbc/config/S3Config.java

@@ -25,7 +25,7 @@ public class S3Config {
     @Bean
     public S3Client s3client() {
 
-    	// S3 사용 인증 객체
+        // S3 사용 인증 객체
         //AWSCredentials  credentials = new BasicAWSCredentials(awsAccessKey, awsSecretKey);
 
         // 리전 정보 입력 -> S3 사용 객체 생성

src/main/java/ce3/wbc/config/SecurityConfig.java

@@ -1,12 +1,98 @@
 package ce3.wbc.config;
 
+import ce3.wbc.security.WbcAuthenticationFailureHandler;
+import ce3.wbc.security.WbcAuthenticationSuccessHandler;
+import ce3.wbc.security.WbcUserDetailsService;
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
+import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.SecurityFilterChain;
 
-@EnableMethodSecurity(prePostEnabled = true,securedEnabled = true)
+@EnableMethodSecurity(prePostEnabled = true, securedEnabled = true)
 @EnableWebSecurity
 @Configuration
+@RequiredArgsConstructor
 public class SecurityConfig {
 
+    private final WbcAuthenticationSuccessHandler wbcAuthenticationSuccessHandler;
+    private final WbcAuthenticationFailureHandler wbcAuthenticationFailureHandler;
+    private final WbcUserDetailsService wbcUserDetailsService;
+
+    @Bean
+    public SecurityFilterChain securityFilterChain(HttpSecurity security) throws Exception {
+        security.csrf(csrf -> csrf.disable())
+                .cors(cors -> cors.disable());
+        //인가
+        security.authorizeHttpRequests((authorize ->
+                authorize
+                        .requestMatchers(HttpMethod.GET,"/restaurants/{restId}").permitAll()
+                        .requestMatchers(HttpMethod.GET,"/api/restaurants/{restId}").permitAll()
+                        .requestMatchers(HttpMethod.POST, "/users/sign-up").permitAll()
+                        .requestMatchers(HttpMethod.POST, "/replies/**").authenticated()
+                        .requestMatchers(HttpMethod.PUT, "/replies/**").authenticated()
+                        .requestMatchers(HttpMethod.DELETE, "/replies/**").authenticated()
+
+                        .requestMatchers("/favicon.ico").permitAll()
+                        .requestMatchers("/error", "/error/**").permitAll()
+                        .anyRequest().permitAll()
+
+        ));
+        //로그인 폼사용
+        security.formLogin(form -> form
+                .loginPage("/users/login")
+                .loginProcessingUrl("/users/login") //프론트엔드에서 action="/users/login"으로 설정할것
+                .successHandler(wbcAuthenticationSuccessHandler) // 로그인 처리
+                .failureUrl("/login?error=true")
+                .failureHandler(wbcAuthenticationFailureHandler)
+
+        );
+
+        //Spring Security기본설정 : POST /logout
+        security.logout(logout -> logout.logoutSuccessUrl("/chefs")) //Spring Security기본설정 : POST /logout
+                .logout(logout -> logout.logoutUrl("/users/logout") //FE GET/logout,추가
+                        .logoutSuccessUrl("/chefs").invalidateHttpSession(true)
+                        .deleteCookies("JSESSIONID"));
+
+        // 세션
+        security.sessionManagement(httpSecuritySessionManagementConfigurer
+                -> httpSecuritySessionManagementConfigurer
+                .invalidSessionUrl("/login")
+                .sessionFixation().migrateSession()
+                .maximumSessions(2)
+                .expiredUrl("/login"));
+
+        return security.build();
+    }
+
+    @Bean
+    public AuthenticationProvider authenticationProvider() {
+        DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
+        authProvider.setUserDetailsService(wbcUserDetailsService); //WbcUserDetailsService
+        authProvider.setPasswordEncoder(passwordEncoder()); //비밀번호 암호화 설정
+        return authProvider;
+    }
+
+    //비밀번호 암호화 규칙
+    @Bean
+    public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
+        return authenticationConfiguration.getAuthenticationManager();
+    }
+
+
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
 }

src/main/java/ce3/wbc/controller/ChefController.java

@@ -1,18 +1,49 @@
 package ce3.wbc.controller;
 
+import ce3.wbc.controller.rto.request.ChefCreate;
+import ce3.wbc.controller.rto.response.ChefRes;
+import ce3.wbc.dto.ChefDto;
 import ce3.wbc.service.ChefService;
+import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
 import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.*;
+import org.springframework.web.multipart.MultipartFile;
+
+import java.util.List;
+import java.util.Map;
 
 @Controller
-@RequestMapping("wbs/chefs")
+@RequestMapping("/chefs")
 @RequiredArgsConstructor
 public class ChefController {
 
     private final ChefService chefService;
 
+    @GetMapping
+    public String getAllChefs(Model model) {
+        List<ChefRes> chefs = chefService.getAllChefs();
+        model.addAttribute("chefs", chefs);
+        return "main";
+    }
 
+    @GetMapping("/groupedByCategory")
+    public String getChefsGroupedByCategory(Model model) {
+        Map<String, List<ChefRes>> groupedChefs = chefService.getChefsGroupedByCategory();
+        model.addAttribute("groupedChefs", groupedChefs);
+        return "groupedByCategory";
+    }
 
+    @ResponseStatus(HttpStatus.CREATED)
+    @ResponseBody
+    @PostMapping(value = "/create", consumes = {MediaType.APPLICATION_JSON_VALUE, MediaType.MULTIPART_FORM_DATA_VALUE})
+    public ChefRes createChef (@RequestPart(value = "chefCreate") @Valid ChefCreate chefCreate,
+                               @RequestPart(value = "file", required = false) MultipartFile file) {
 
-}
+        ChefDto chefDto = chefService.saveChef(ChefCreate.toChefDto(chefCreate), file);
+        return ChefRes.toResponse(chefDto);
+    }
+}

src/main/java/ce3/wbc/controller/CommentController.java

@@ -1,15 +1,92 @@
 package ce3.wbc.controller;
 
+import java.util.List;
+import java.util.stream.Collectors;
+
+import ce3.wbc.security.WbcUserDetails;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.stereotype.Controller;
+import org.springframework.validation.BindingResult;
+import org.springframework.web.bind.annotation.*;
+import ce3.wbc.controller.rto.request.CommentReq;
+import ce3.wbc.controller.rto.request.CommentUpdateReq;
+import ce3.wbc.controller.rto.response.CommentRes;
+import ce3.wbc.dto.CommentDto;
+import ce3.wbc.dto.UserDto;
 import ce3.wbc.service.CommentService;
+import ce3.wbc.service.RestaurantService;
+import ce3.wbc.service.UserService;
+import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.RequestMapping;
+
 
 @Controller
-@RequestMapping("wbs/replies")
+@RequestMapping("replies")
 @RequiredArgsConstructor
 public class CommentController {
 
     private final CommentService commentService;
+    private final RestaurantService restaurantService;
+    private final UserService userService;
+
+    /************************************************** 댓글 등록 **************************************************/
+    @PostMapping 
+    public ResponseEntity<Void> registerComment(@RequestBody @Valid CommentReq commentReq,
+                                                BindingResult bindingResult,
+                                                @AuthenticationPrincipal WbcUserDetails wbcUser) {
+		// 댓글과 별점
+	    String content = commentReq.getCommContent();
+	    String star = commentReq.getCommStar();
+
+	    UserDto userDto = UserDto.toDto(wbcUser.getUser());
+
+	    // 식당
+        Integer restId = commentReq.getRestId();
+
+        // 댓글 생성
+        CommentDto commentDto = CommentDto.of(content, star, restId, userDto);
+
+    	// DB에 저장
+    	commentService.addComment(commentReq, userDto);
+        return new ResponseEntity<>(HttpStatus.OK);
+    }
+
+
+    /******************************************* 댓글 조회: restaurant id *******************************************/
+    @GetMapping 
+    public ResponseEntity<List<CommentRes>> getComments(@RequestParam("restaurant") Integer restId) {        
+
+        List<CommentDto> comments = commentService.getComments(restId);
+
+        List<CommentRes> response = comments.stream()
+                .map(CommentRes::toResponse)
+                .collect(Collectors.toList());
+
+        return ResponseEntity.ok(response); // 200 
+    }
+
+    /********************************************* 댓글 수정: comment id *********************************************/
+    @PutMapping("/{commId}") 
+    public ResponseEntity<CommentRes> updateComment(@PathVariable("commId") Integer commId,
+                                                               @RequestBody @Valid CommentUpdateReq commentUpdateReq, BindingResult bindingResult) {
+    	// 요청 유효성 검사
+    	if (bindingResult.hasErrors()) {   
+	        return ResponseEntity.status(HttpStatus.BAD_REQUEST).build(); // 400                                 
+	    }
+
+        CommentDto commentDto = commentService.updateComment(commId, commentUpdateReq.getCommContent(), commentUpdateReq.getCommStar());
+        CommentRes response = CommentRes.toResponse(commentDto);
+
+        return ResponseEntity.ok(response); // 200 
+    }
+
+    /********************************************* 댓글 삭제: comment id *********************************************/
+    @DeleteMapping("/{commId}")
+    public ResponseEntity<Void> deleteComment(@PathVariable("commId") Integer commId) {
 
+            commentService.deleteComment(commId);
+            return ResponseEntity.noContent().build();
+    }
 }