TIL | 칸반보드 프로젝트 <Trollo> Guard 코드 리뷰

bubblegum·2024년 3월 25일

Today I learn(TIL)


board member guard

import {
  CanActivate,
  ExecutionContext,
  ForbiddenException,
  Injectable,
  UnauthorizedException,
} from '@nestjs/common';
import { Reflector } from '@nestjs/core';
import { InjectRepository } from '@nestjs/typeorm';
import { JwtAuthGuard } from 'src/auth/guards/jwt-auth.guard';
import { Member } from 'src/member/entities/member.entity';
import { Repository } from 'typeorm';

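/**
 * Guard that admits a request only when the authenticated user is a member of
 * the board named by the `boardId` route parameter.
 *
 * Authentication is delegated to `JwtAuthGuard`; membership is a lookup in the
 * `Member` repository by `userId` and `boardId`. The guard writes nothing to
 * the log: it runs on every guarded request, and neither the identifiers nor
 * the `Member` row belong in application logs.
 */
@Injectable()
export class BoardMemberGuard extends JwtAuthGuard implements CanActivate {
  constructor(
    @InjectRepository(Member)
    private readonly memberRepository: Repository<Member>,
    private readonly reflector: Reflector,
  ) {
    super();
  }

  /**
   * Authenticates the request, then checks board membership.
   *
   * @param context - Execution context of the current HTTP request.
   * @returns `true` when a `Member` row exists for the user and the board.
   * @throws UnauthorizedException when the parent guard does not authenticate
   *   the request, or when no user id is attached to the request afterwards.
   * @throws ForbiddenException when the route carries no `boardId` or the user
   *   has no membership row for that board.
   */
  async canActivate(context: ExecutionContext): Promise<boolean> {
    const authenticated = await super.canActivate(context);
    if (!authenticated) {
      throw new UnauthorizedException('인증 정보가 잘못되었습니다.');
    }

    const req = context.switchToHttp().getRequest();
    const userId = req.user?.id;
    // The route parameter is passed to the query as received (a string);
    // no numeric conversion happens here.
    const boardId = req.params?.boardId;

    if (userId == null) {
      throw new UnauthorizedException('인증 정보가 잘못되었습니다.');
    }

    // Fail closed when the route has no boardId. TypeORM versions that skip
    // `undefined` properties in `where` would otherwise reduce the lookup to
    // "any membership of this user" and let the request through.
    if (boardId == null || boardId === '') {
      throw new ForbiddenException('해당 보드의 멤버가 아닙니다.');
    }

    const member = await this.memberRepository.findOne({
      where: { userId, boardId },
    });

    if (!member) {
      throw new ForbiddenException('해당 보드의 멤버가 아닙니다.');
    }

    return true;
  }
}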

member grade guard

import {
  CanActivate,
  ExecutionContext,
  ForbiddenException,
  Injectable,
  UnauthorizedException,
} from '@nestjs/common';
import { Reflector } from '@nestjs/core';
import { InjectRepository } from '@nestjs/typeorm';
import { Repository } from 'typeorm';
import { MemberGrade } from 'src/member/type/grade.type';
import { Member } from 'src/member/entities/member.entity';
import { JwtAuthGuard } from 'src/auth/guards/jwt-auth.guard';
import { GRADES_KEY } from '../decorators/grade.decorator';

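/**
 * Guard that admits a request only when the authenticated user's member grade
 * is one of the grades attached to the handler or controller under
 * `GRADES_KEY`.
 *
 * Authentication is delegated to `JwtAuthGuard`. A route with no grade
 * metadata is open to every authenticated user.
 */
@Injectable()
export class GradesGuard extends JwtAuthGuard implements CanActivate {
  @InjectRepository(Member)
  private readonly memberRepository: Repository<Member>;

  constructor(private reflector: Reflector) {
    super();
  }

  /**
   * Authenticates the request, then compares the member's grade with the
   * grades required by the route.
   *
   * @param context - Execution context of the current HTTP request.
   * @returns `true` when no grades are required or the member holds one of them.
   * @throws UnauthorizedException when the parent guard does not authenticate
   *   the request, or when no user id is attached to the request afterwards.
   * @throws ForbiddenException when no member row is found or its grade is not
   *   among the required grades.
   */
  async canActivate(context: ExecutionContext): Promise<boolean> {
    const authenticated = await super.canActivate(context);

    if (!authenticated) {
      throw new UnauthorizedException('인증 정보가 잘못되었습니다.');
    }

    // Handler-level metadata overrides class-level metadata.
    const requiredGrades = this.reflector.getAllAndOverride<MemberGrade[]>(
      GRADES_KEY,
      [context.getHandler(), context.getClass()],
    );

    // No grade metadata: authentication alone is enough for this route.
    if (!requiredGrades) {
      return true;
    }

    const req = context.switchToHttp().getRequest();
    const userId = req.user?.id;
    if (userId == null) {
      throw new UnauthorizedException('인증 정보가 잘못되었습니다.');
    }

    // Scope the lookup to the board in the route when there is one, so a grade
    // held on one board is not applied to another.
    // Assumes Member rows are per-board memberships with a boardId column;
    // TODO confirm against the entity.
    const boardId = req.params?.boardId;
    const hasBoardId = boardId != null && boardId !== '';

    // NOTE(review): on routes without a boardId parameter the lookup is still
    // by user only, so the grade of whichever membership row is returned
    // decides. Such routes need the board resolved some other way.
    const member = await this.memberRepository.findOneBy(
      hasBoardId ? { userId, boardId } : { userId },
    );

    // A missing member row is a denial, not a server error.
    if (!member || !requiredGrades.includes(member.grade)) {
      throw new ForbiddenException('권한이 없습니다.');
    }

    return true;
  }
}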