From 1c04daa5d3203d468b7dcf6a6243917c12369ce4 Mon Sep 17 00:00:00 2001
From: koomchang
Date: Sat, 23 Nov 2024 18:41:05 +0900
Subject: [PATCH] =?UTF-8?q?feat:=20=EC=BD=94=EC=8A=A4=20=EC=82=AC=EC=9A=A9?= =?UTF-8?q?=EC=9E=90=20=ED=99=95=EC=9D=B8=20=EA=B6=8C=ED=95=9C=EC=97=90?= =?UTF-8?q?=EC=84=9C=20admin=EC=9D=80=20=EB=AA=A8=EB=91=90=20=ED=86=B5?= =?UTF-8?q?=EA=B3=BC=ED=95=A0=20=EC=88=98=20=EC=9E=88=EB=8F=84=EB=A1=9D=20?= =?UTF-8?q?=EC=84=A4=EC=A0=95=20#163?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 backend/src/admin/admin.module.ts | 2 ++
 backend/src/admin/guard/AdminGuard.ts | 13 ++++++++-----
 backend/src/course/course.module.ts | 18 ++++++++++++++++--
 .../src/course/guards/CoursePermissionGuard.ts | 12 ++++++++++--
 4 files changed, 36 insertions(+), 9 deletions(-)
diff --git a/backend/src/admin/admin.module.ts b/backend/src/admin/admin.module.ts
index 19205da6..d32983a4 100644
--- a/backend/src/admin/admin.module.ts
+++ b/backend/src/admin/admin.module.ts
@@ -22,5 +22,7 @@ import { AuthModule } from '@src/auth/auth.module';
 },
 ]),
 ],
+ providers: [AdminGuard],
+ exports: [AdminGuard],
 })
 export class AdminModule {}
diff --git a/backend/src/admin/guard/AdminGuard.ts b/backend/src/admin/guard/AdminGuard.ts
index f10d2180..290b465f 100644
--- a/backend/src/admin/guard/AdminGuard.ts
+++ b/backend/src/admin/guard/AdminGuard.ts
@@ -11,14 +11,17 @@ export class AdminGuard extends JwtAuthGuard {
 if (!isAuthenticated) {
 return false;
 }
-
- const request = context.switchToHttp().getRequest();
- const user = request.user;
-
- if (!user || user.role !== UserRole.ADMIN) {
+ if (!this.isAdmin(context)) {
 throw new AuthorizationException('관리자 권한이 없습니다.');
 }
 return true;
 }
+
+ isAdmin(context: ExecutionContext): boolean {
+ const request = context.switchToHttp().getRequest();
+ const user = request.user;
+
+ return user?.role === UserRole.ADMIN;
+ }
 }
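Review bot: `isAdmin` in the AdminGuard.ts hunk is now a public method that other guards call, but nothing on it states that it only reads `request.user` and performs no authentication of its own. Inside `canActivate` that is fine because the authentication result is checked first (the start of `canActivate` is outside the hunk), whereas an outside caller gets `false` for an anonymous request and for a non-admin one alike. I would add a doc comment such as `/** Role check only: reads request.user as populated by the JWT guard; does not authenticate the request. */`. The request is also implicitly `any`, so giving `user` a declared type would let the compiler check `user?.role` against `UserRole`.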
diff --git a/backend/src/course/course.module.ts b/backend/src/course/course.module.ts
index 28b018c9..62bbdf25 100644
--- a/backend/src/course/course.module.ts
+++ b/backend/src/course/course.module.ts
@@ -6,10 +6,24 @@ import { CourseRepository } from './course.repository';
 import { PlaceModule } from '../place/place.module';
 import { TypeOrmModule } from '@nestjs/typeorm';
 import { CoursePlace } from '@src/course/entity/course-place.entity';
+import { AdminGuard } from '@src/admin/guard/AdminGuard';
+import { CoursePermissionGuard } from '@src/course/guards/CoursePermissionGuard';
+import { AdminModule } from '@src/admin/admin.module';
 @Module({
- imports: [UserModule, PlaceModule, TypeOrmModule.forFeature([CoursePlace])],
+ imports: [
+ UserModule,
+ PlaceModule,
+ AdminModule,
+ TypeOrmModule.forFeature([CoursePlace]),
+ ],
 controllers: [CourseController],
- providers: [CourseService, CourseRepository],
+ providers: [
+ CourseService,
+ CourseRepository,
+ CoursePermissionGuard,
+ AdminGuard,
+ ],
+ exports: [CoursePermissionGuard],
 })
 export class CourseModule {}
diff --git a/backend/src/course/guards/CoursePermissionGuard.ts b/backend/src/course/guards/CoursePermissionGuard.ts
index 266e8b9c..fcf9dc63 100644
--- a/backend/src/course/guards/CoursePermissionGuard.ts
+++ b/backend/src/course/guards/CoursePermissionGuard.ts
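Review bot: In course.module.ts, `AdminGuard` ends up registered twice for CourseModule: the module imports `AdminModule`, which this same commit makes export `AdminGuard`, and it also lists `AdminGuard` in its own `providers`. The local entry makes Nest build a separate instance inside CourseModule and leaves the `AdminModule` import doing nothing for this purpose. Keep a single source, for example `providers: [CourseService, CourseRepository, CoursePermissionGuard],` with the `AdminModule` import retained. If `JwtAuthGuard` has constructor dependencies (not visible here), the local registration would also have to resolve them inside CourseModule, which is one more reason to rely on the export.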
@@ -1,16 +1,24 @@
 import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common';
 import { CourseService } from '../course.service';
 import { CoursePermissionException } from '../exception/CoursePermissionException';
+import { AdminGuard } from '@src/admin/guard/AdminGuard';
 @Injectable()
 export class CoursePermissionGuard implements CanActivate {
- constructor(private readonly courseService: CourseService) {}
+ constructor(
+ private readonly adminGuard: AdminGuard,
+ private readonly courseService: CourseService,
+ ) {}
 async canActivate(context: ExecutionContext): Promise {
+ const isAdmin = this.adminGuard.isAdmin(context);
+ if (isAdmin) {
+ return true;
+ }
+
 const request = context.switchToHttp().getRequest();
 const courseId = Number(request.params.id);
 const userId = Number(request.user.userId);
-
 const courseOwnerId = await this.courseService.getCourseOwnerId(courseId);
 if (courseOwnerId !== userId) {
 throw new CoursePermissionException(courseId);
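Review bot: The admin short-circuit and the owner check below it both trust `request.user`, yet this guard never verifies that an authentication guard ran before it. `isAdmin` tolerates a missing user through `user?.role`, but the next path evaluates `request.user.userId`, so an unauthenticated request surfaces as a TypeError instead of a clean denial. Reading the request first and adding `if (!request.user) throw new CoursePermissionException(courseId);` ahead of the admin check would make the guard fail closed on its own. The admin path also returns before `getCourseOwnerId(courseId)` runs; if that call is what rejects unknown or non-numeric ids (not visible here), the handlers must now cope with such ids for admins. The rest of `canActivate` lies outside the hunk.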