aop로 권한 적용되게 추가

src/main/java/com/no1/wms/account/AccountController.java

@@ -22,6 +22,7 @@ public class AccountController {
 
     @Autowired
     AccountService accountService;
+
     @Autowired
     AuthorityService authorityService;
 
@@ -75,6 +76,7 @@ public class AccountController {
         return mav;
     }
 
+
     @PostMapping("/update_process")
     @ResponseBody
     public String updateProcess(@RequestBody Map<String, Object> data, Gson gson){
@@ -99,6 +101,15 @@ public class AccountController {
         return gson.toJson("s");
     }
 
+    @PostMapping("/delete_process")
+    @ResponseBody
+    public String deleteProcess(AccountDto dto, Gson gson){
+        accountService.delete(dto);
+
+        return gson.toJson("s");
+    }
+
+
     @PostMapping("/show_modal")
     public ModelAndView showModal(ModelAndView mav, @RequestParam(defaultValue = "") String search,
                                   @RequestParam(defaultValue = "0") int start, @RequestParam String name){

src/main/java/com/no1/wms/account/AccountMapper.java

@@ -28,5 +28,7 @@ public interface AccountMapper {
 
     int resetPassword(AccountDto dto);
 
+    int delete(AccountDto dto);
 
+    AccountDto selectByLogin(AccountDto dto);
 }

src/main/java/com/no1/wms/account/AccountService.java

@@ -61,6 +61,12 @@ public class AccountService {
         return mapper.resetPassword(dto);
     }
 
+    int delete(AccountDto dto){
+        return mapper.delete(dto);
+    }
 
+    public AccountDto selectByLogin(AccountDto dto){
+           return mapper.selectByLogin(dto);
+    }
 
 }

src/main/java/com/no1/wms/base/AuthAspect.java

@@ -0,0 +1,133 @@
+package com.no1.wms.base;
+
+import com.no1.wms.account.AccountDto;
+import com.no1.wms.account.AccountService;
+import com.no1.wms.authority.AuthorityDto;
+import com.no1.wms.authority.AuthorityService;
+import lombok.Getter;
+import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.springframework.web.context.request.ServletWebRequest;
+import org.springframework.web.servlet.ModelAndView;
+import org.springframework.web.servlet.ModelAndViewDefiningException;
+import org.springframework.web.servlet.view.RedirectView;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.util.HashMap;
+import java.util.Objects;
+
+@Aspect
+@Component
+public class AuthAspect {
+
+
+
+    @Around("execution(* com.no1.wms.*.*Controller.*(..))")
+    public Object before(ProceedingJoinPoint joinPoint) throws Throwable {
+        ServletRequestAttributes sa = (ServletRequestAttributes)RequestContextHolder.currentRequestAttributes();
+        HttpServletRequest request = sa.getRequest();
+        HttpServletResponse response = sa.getResponse();
+        HttpSession session = request.getSession();
+        HashMap<String, AuthData> auth = (HashMap<String, AuthData>) session.getAttribute("authSession");
+        if(auth == null){
+            auth = test(request);
+        }
+        String targetController = joinPoint.getTarget().toString().toLowerCase();
+        String[] list = targetController.split("\\.");
+
+        String packageName = list[3];
+        if(packageName.equals("login")) {
+            return joinPoint.proceed();
+        }
+
+
+
+        if(session.getAttribute("userData") == null){
+            response.sendRedirect("/login");
+            return joinPoint.proceed();
+        }
+
+
+
+        AuthData authData = auth.get(packageName);
+        if(packageName.equals("base")){
+            return joinPoint.proceed();
+        }else if( authData != null ){
+            String methodName = joinPoint.getSignature().getName().toLowerCase();
+            if((methodName.startsWith("list") || methodName.startsWith("read")) && !authData.read){
+                throw new Exception();
+            }else if(methodName.startsWith("create") && !authData.create){
+                throw new Exception();
+            }else if(methodName.startsWith("update") && !authData.update){
+                throw new Exception();
+            }else if(methodName.startsWith("delete") && !authData.delete){
+                throw new Exception();
+            }
+
+        }else{
+            throw new Exception();
+        }
+
+        return joinPoint.proceed();
+    }
+    @Autowired
+    AccountService accountService;
+    @Autowired
+    AuthorityService authorityService;
+
+    private HashMap<String, AuthData> test(HttpServletRequest request){
+        AccountDto data = new AccountDto();
+        AuthorityDto authDto = new AuthorityDto();
+        data.setPassword("11232");
+        data.setEmployeeNumber("11232");
+        HttpSession session = request.getSession();
+
+        AccountDto dto = accountService.selectByLogin(data);
+        if(dto.getPassword().equals(data.getPassword())){
+            authDto.setId(dto.getPersonalAuthorityId());
+            authDto = authorityService.selectById(authDto);
+            session.setAttribute("userData", dto);
+            HashMap<String, AuthData> auth = new HashMap<>();
+            auth.put("account", getAuthArrayFromInt(authDto.getAccount()));
+            auth.put("authority", getAuthArrayFromInt(authDto.getAuthority()));
+            auth.put("category",getAuthArrayFromInt(authDto.getProductCategory()));
+            auth.put("product",getAuthArrayFromInt(authDto.getProduct()));
+            auth.put("price",getAuthArrayFromInt(authDto.getPrices())); //prices
+            auth.put("vendor",getAuthArrayFromInt(authDto.getVendor()));
+            auth.put("warehouse",getAuthArrayFromInt(authDto.getWarehouse()));
+            auth.put("stock",getAuthArrayFromInt(authDto.getStock()));
+            auth.put("in",getAuthArrayFromInt(authDto.getProductIn())); //prodcut_in
+            auth.put("out",getAuthArrayFromInt(authDto.getProductOut())); //product_out
+            auth.put("board",getAuthArrayFromInt(authDto.getBoard()));
+            session.setAttribute("authSession", auth);
+            return auth;
+        }
+        return null;
+    }
+    private AuthData getAuthArrayFromInt(int value){
+        AuthData data = new AuthData();
+        if( (value & 1) > 0){
+            data.setDelete(true);
+        }
+        if( (value & 2) > 0){
+            data.setUpdate(true);
+        }
+        if( (value & 4) > 0){
+            data.setCreate(true);
+        }
+        if( (value & 8) > 0){
+            data.setRead(true);
+        }
+
+        return data;
+    }
+}

src/main/java/com/no1/wms/base/AuthData.java

@@ -0,0 +1,12 @@
+package com.no1.wms.base;
+
+import lombok.Data;
+
+@Data
+public class AuthData {
+
+    boolean read = false;
+    boolean create = false;
+    boolean update = false;
+    boolean delete = false;
+}

src/main/java/com/no1/wms/base/BaseController.java

@@ -1,12 +1,30 @@
 package com.no1.wms.base;
 
+import com.no1.wms.account.AccountDto;
+import com.no1.wms.account.AccountService;
+import com.no1.wms.authority.AuthorityDto;
+import com.no1.wms.authority.AuthorityService;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.servlet.ModelAndView;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+import java.util.HashMap;
 
 @Controller
 public class BaseController {
+
     @GetMapping("/")
-    public String base(){
-        return "base/hello";
+    public ModelAndView base(HttpServletRequest request, ModelAndView mav){
+
+        mav.addObject("userData", request.getSession().getAttribute("userData"));
+
+        mav.setViewName("base/hello");
+
+        return mav;
     }
+
+
 }

src/main/java/com/no1/wms/base/WebConfig.java

@@ -4,12 +4,14 @@ package com.no1.wms.base;
 import org.mybatis.spring.annotation.MapperScan;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.EnableAspectJAutoProxy;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 import org.springframework.web.servlet.view.tiles3.TilesConfigurer;
 import org.springframework.web.servlet.view.tiles3.TilesView;
 import org.springframework.web.servlet.view.tiles3.TilesViewResolver;
 
 @Configuration
+@EnableAspectJAutoProxy
 public class WebConfig implements WebMvcConfigurer {
 
     @Bean

src/main/java/com/no1/wms/login/LoginController.java

@@ -1,15 +1,86 @@
 package com.no1.wms.login;
 
+import com.google.gson.Gson;
+import com.no1.wms.account.AccountDto;
+import com.no1.wms.account.AccountService;
+import com.no1.wms.authority.AuthorityDto;
+import com.no1.wms.authority.AuthorityService;
+import com.no1.wms.base.AuthData;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpRequest;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.servlet.ModelAndView;
 
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+import java.util.HashMap;
+
 @Controller
 public class LoginController {
+
+    @Autowired
+    AccountService accountService;
+
+    @Autowired
+    AuthorityService authorityService;
+
     @GetMapping("/login")
-    public ModelAndView login(ModelAndView mav){
-        mav.setViewName("login");
-        return mav;
+    public String loginPage(){
+        return "login";
+    }
+
+
+
+
+    @PostMapping("/login/check_password")
+    @ResponseBody
+    public String login(AccountDto data, AuthorityDto authDto, Gson gson,  HttpServletRequest request){
+        HttpSession session = request.getSession();
+
+        AccountDto dto = accountService.selectByLogin(data);
+        if(dto.getPassword().equals(data.getPassword())){
+            authDto.setId(dto.getPersonalAuthorityId());
+            authDto = authorityService.selectById(authDto);
+            session.setAttribute("userData", dto);
+            HashMap<String, AuthData> auth = new HashMap<>();
+            auth.put("account", getAuthArrayFromInt(authDto.getAccount()));
+            auth.put("authority", getAuthArrayFromInt(authDto.getAuthority()));
+            auth.put("category",getAuthArrayFromInt(authDto.getProductCategory()));
+            auth.put("product",getAuthArrayFromInt(authDto.getProduct()));
+            auth.put("price",getAuthArrayFromInt(authDto.getPrices())); //prices
+            auth.put("vendor",getAuthArrayFromInt(authDto.getVendor()));
+            auth.put("warehouse",getAuthArrayFromInt(authDto.getWarehouse()));
+            auth.put("stock",getAuthArrayFromInt(authDto.getStock()));
+            auth.put("in",getAuthArrayFromInt(authDto.getProductIn())); //prodcut_in
+            auth.put("out",getAuthArrayFromInt(authDto.getProductOut())); //product_out
+            auth.put("board",getAuthArrayFromInt(authDto.getBoard()));
+            session.setAttribute("authSession", auth);
+            return gson.toJson("s");
+        }
+
+        return gson.toJson("f");
+    }
+
+    private AuthData getAuthArrayFromInt(int value){
+        AuthData data = new AuthData();
+        if( (value & 1) > 0){
+            data.setDelete(true);
+        }
+        if( (value & 2) > 0){
+            data.setUpdate(true);
+        }
+        if( (value & 4) > 0){
+            data.setCreate(true);
+        }
+        if( (value & 8) > 0){
+            data.setRead(true);
+        }
+
+        return data;
     }
 
 }