From 7ec0da87041007913d9578f2b82f2d74c9830044 Mon Sep 17 00:00:00 2001
From: koomchang
Date: Wed, 20 Nov 2024 21:12:08 +0900
Subject: [PATCH] =?UTF-8?q?feat:=20=EC=9C=A0=EC=A0=80=20=EB=B3=B8=EC=9D=B8?= =?UTF-8?q?=EC=9D=B4=20=EC=95=84=EB=8B=88=EB=A9=B4=20=EC=9C=A0=EC=A0=80=20?= =?UTF-8?q?=EC=A0=95=EB=B3=B4=EB=A5=BC=20=EA=B0=80=EC=A0=B8=EC=98=AC=20?= =?UTF-8?q?=EC=88=98=20=EC=97=86=EB=8F=84=EB=A1=9D=20=EA=B6=8C=ED=95=9C=20?= =?UTF-8?q?=EB=B6=80=EC=97=AC=20#158?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../exception/CoursePermissionException.ts | 2 +-
 .../user/exception/UserPermissionException.ts | 11 ++++++++++
 .../src/user/guards/UserPermissionGuard.ts | 20 +++++++++++++++++++
 backend/src/user/user.controller.ts | 5 ++++-
 4 files changed, 36 insertions(+), 2 deletions(-)
 create mode 100644 backend/src/user/exception/UserPermissionException.ts
 create mode 100644 backend/src/user/guards/UserPermissionGuard.ts

diff --git a/backend/src/course/exception/CoursePermissionException.ts b/backend/src/course/exception/CoursePermissionException.ts
index e19a1b2b..d848939a 100644
--- a/backend/src/course/exception/CoursePermissionException.ts
+++ b/backend/src/course/exception/CoursePermissionException.ts
@@ -1,4 +1,4 @@
-import { BaseException } from '../../common/exception/BaseException';
+import { BaseException } from '@src/common/exception/BaseException';
 import { HttpStatus } from '@nestjs/common';
 
 export class CoursePermissionException extends BaseException {
diff --git a/backend/src/user/exception/UserPermissionException.ts b/backend/src/user/exception/UserPermissionException.ts
new file mode 100644
index 00000000..145df4fd
--- /dev/null
+++ b/backend/src/user/exception/UserPermissionException.ts
@@ -0,0 +1,11 @@
+import { BaseException } from '@src/common/exception/BaseException';
+
+export class UserPermissionException extends BaseException {
+ constructor(id: number) {
+ super({
+ code: 2001,
+ message: `id:${id} 유저에 대한 권한이 없습니다.`,
+ status: 403,
+ });
+ }
+}
diff --git a/backend/src/user/guards/UserPermissionGuard.ts b/backend/src/user/guards/UserPermissionGuard.ts
new file mode 100644
index 00000000..5ceb97ba
--- /dev/null
+++ b/backend/src/user/guards/UserPermissionGuard.ts
@@ -0,0 +1,20 @@
+import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common';
+import { UserService } from '@src/user/user.service';
+import { UserPermissionException } from '@src/user/exception/UserPermissionException';
+
+@Injectable()
+export class UserPermissionGuard implements CanActivate {
+ constructor(private readonly userService: UserService) {}
+
+ async canActivate(context: ExecutionContext): Promise {
+ const request = context.switchToHttp().getRequest();
+ const userId = Number(request.params.id);
+ const requesterId = Number(request.user.userId);
+
+ const user = await this.userService.getUserInfo(userId);
+ if (user.id !== requesterId) {
+ throw new UserPermissionException(userId);
+ }
+ return true;
+ }
+}
diff --git a/backend/src/user/user.controller.ts b/backend/src/user/user.controller.ts
index 01c9638e..2db73c62 100644
--- a/backend/src/user/user.controller.ts
+++ b/backend/src/user/user.controller.ts
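Review bot: The `status: 403` literal in the UserPermissionException constructor would read better as `status: HttpStatus.FORBIDDEN`, with `HttpStatus` imported from `@nestjs/common`; CoursePermissionException already imports that enum, so it presumably passes its status the same way. The class also has no doc comment, and a one-line `/** Thrown when the authenticated user requests another user's record. */` above it would tell readers when error code 2001 is expected.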
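Review bot: `canActivate` loads the target user with `this.userService.getUserInfo(userId)` before it compares ids, so the authorization decision depends on a database read it does not need. If `getUserInfo` throws for an unknown id (not visible in this patch), an authenticated caller gets a different error for ids that do not exist than for ids that belong to someone else, which reveals which ids are registered; every allowed request also fetches the user twice, once here and once in the controller. Comparing the two numbers directly avoids both: drop the lookup and use `if (!Number.isInteger(userId) || userId !== requesterId) throw new UserPermissionException(userId);`. The guard also reads `request.user.userId` without checking that `request.user` is set, so a comment stating that it must be listed after JwtAuthGuard in `@UseGuards` would help future callers.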
@@ -1,11 +1,14 @@
-import { Controller, Get, Param } from '@nestjs/common';
+import { Controller, Get, Param, UseGuards } from '@nestjs/common';
 import { UserService } from './user.service';
+import { JwtAuthGuard } from '@src/auth/JwtAuthGuard';
+import { UserPermissionGuard } from '@src/user/guards/UserPermissionGuard';
 
 @Controller('users')
 export class UserController {
 constructor(private readonly userService: UserService) {}
 
 @Get('/:id')
+ @UseGuards(JwtAuthGuard, UserPermissionGuard)
 async getUserInfo(@Param('id') id: number) {
 return await this.userService.getUserInfo(id);
 }
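Review bot: `@Param('id') id: number` on `getUserInfo` is only a type annotation, so unless a transforming pipe is configured elsewhere the handler passes the raw path string to the service while UserPermissionGuard authorizes on `Number(request.params.id)`. Values such as `1.0` or `0x1` coerce to 1 in the guard but reach `getUserInfo` unchanged, so the permission check and the lookup can disagree about which id is meant. Declaring the parameter as `@Param('id', ParseIntPipe) id: number` makes the handler reject non-integer ids; pipes run after guards, so the guard still needs its own strict parse. The UserController class body continues past the end of this hunk.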