Skip to content

Commit 18f9d0d

Browse files
CSE-ShacoCSE-Shaco
committed
feat(recruit): User Role 변경에 따른 권한 수정
1 parent 67e9860 commit 18f9d0d

File tree

2 files changed

+5
-5
lines changed

2 files changed

+5
-5
lines changed

src/main/java/inha/gdgoc/domain/core/recruit/controller/CoreRecruitController.java

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -52,7 +52,7 @@ public ResponseEntity<ApiResponse<CreateResponse, Void>> create(
5252
description = "전체 목록 또는 이름 검색 결과를 반환합니다.",
5353
security = { @SecurityRequirement(name = "BearerAuth") }
5454
)
55-
@PreAuthorize("hasRole('ADMIN')")
55+
@PreAuthorize("hasAnyRole('LEAD', 'ORGANIZER', 'ADMIN')")
5656
@GetMapping("/applicants")
5757
public ResponseEntity<ApiResponse<java.util.List<CoreRecruitApplicantSummaryResponse>, PageMeta>> getApplicants(
5858
@Parameter(description = "검색어(이름 부분 일치). 없으면 전체 조회", example = "홍길동")
@@ -89,7 +89,7 @@ public ResponseEntity<ApiResponse<java.util.List<CoreRecruitApplicantSummaryResp
8989
summary = "코어 리쿠르트 지원자 상세 조회",
9090
security = { @SecurityRequirement(name = "BearerAuth") }
9191
)
92-
@PreAuthorize("hasRole('ADMIN')")
92+
@PreAuthorize("hasAnyRole('LEAD', 'ORGANIZER', 'ADMIN')")
9393
@GetMapping("/applicants/{id}")
9494
public ResponseEntity<ApiResponse<CoreRecruitApplicantDetailResponse, Void>> getApplicant(
9595
@PathVariable Long id

src/main/java/inha/gdgoc/domain/recruit/controller/RecruitMemberController.java

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -85,7 +85,7 @@ public ResponseEntity<ApiResponse<CheckPhoneNumberResponse, Void>> duplicatedPho
8585
}
8686

8787
@Operation(summary = "특정 멤버 가입 신청서 조회", security = {@SecurityRequirement(name = "BearerAuth")})
88-
@PreAuthorize("hasRole('ADMIN')")
88+
@PreAuthorize("hasAnyRole('LEAD','ORGANIZER','ADMIN') or T(inha.gdgoc.domain.user.enums.TeamType).HR == principal.team")
8989
@GetMapping("/recruit/members/{memberId}")
9090
public ResponseEntity<ApiResponse<SpecifiedMemberResponse, Void>> getSpecifiedMember(
9191
@PathVariable Long memberId
@@ -100,7 +100,7 @@ public ResponseEntity<ApiResponse<SpecifiedMemberResponse, Void>> getSpecifiedMe
100100
description = "설정하려는 상태(NOT 현재 상태)를 body에 보내주세요. true=입금 완료, false=입금 미완료",
101101
security = { @SecurityRequirement(name = "BearerAuth") }
102102
)
103-
@PreAuthorize("hasRole('ADMIN')")
103+
@PreAuthorize("hasAnyRole('LEAD','ORGANIZER','ADMIN') or T(inha.gdgoc.domain.user.enums.TeamType).HR == principal.team")
104104
@PatchMapping("/recruit/members/{memberId}/payment")
105105
public ResponseEntity<ApiResponse<Void, Void>> updatePayment(
106106
@PathVariable Long memberId,
@@ -122,7 +122,7 @@ public ResponseEntity<ApiResponse<Void, Void>> updatePayment(
122122
description = "전체 목록 또는 이름 검색 결과를 반환합니다. 검색어(question)를 주면 이름 포함 검색, 없으면 전체 조회. sort랑 dir은 example 값 그대로 코딩하는 것 추천...",
123123
security = { @SecurityRequirement(name = "BearerAuth") }
124124
)
125-
@PreAuthorize("hasRole('ADMIN')")
125+
@PreAuthorize("hasAnyRole('LEAD','ORGANIZER','ADMIN') or T(inha.gdgoc.domain.user.enums.TeamType).HR == principal.team")
126126
@GetMapping("/recruit/members")
127127
public ResponseEntity<ApiResponse<List<RecruitMemberSummaryResponse>, PageMeta>> getMembers(
128128
@Parameter(description = "검색어(이름 부분 일치). 없으면 전체 조회", example = "소연")

0 commit comments

Comments
 (0)