b91d260015
## 概要 [Task1630: API実装](https://paruru.nds-tyo.co.jp:8443/tfs/ReciproCollection/fa4924a4-d079-4fab-9fb5-a9a11eb205f0/_workitems/edit/1630) - アップロード先取得APIの実行権限をチェックするためにアクセストークンに権限情報とロール情報を追加する - ログイン時に発行しているトークンにパラメータを追加 - role - ユーザーのrole情報(typist/author) - scope - 管理者権限があるか (admin/空文字) - トークン発行前にDBからユーザーの情報を取得する処理を追加 - ユーザーを取得するときにユーザーが属しているアカウントの情報も取得するようにentitiyを修正 - `findUserByExternalId`で実行されるSQL ``` SELECT `User`.`id` AS `User_id`, `User`.`external_id` AS `User_external_id`, `User`.`account_id` AS `User_account_id`, `User`.`role` AS `User_role`, `User`.`author_id` AS `User_author_id`, `User`.`accepted_terms_version` AS `User_accepted_terms_version`, `User`.`email_verified` AS `User_email_verified`, `User`.`deleted_at` AS `User_deleted_at`, `User`.`created_by` AS `User_created_by`, `User`.`created_at` AS `User_created_at`, `User`.`updated_by` AS `User_updated_by`, `User`.`updated_at` AS `User_updated_at`, `User__User_account`.`id` AS `User__User_account_id`, `User__User_account`.`parent_account_id` AS `User__User_account_parent_account_id`, `User__User_account`.`tier` AS `User__User_account_tier`, `User__User_account`.`country` AS `User__User_account_country`, `User__User_account`.`delegation_permission` AS `User__User_account_delegation_permission`, `User__User_account`.`locked` AS `User__User_account_locked`, `User__User_account`.`company_name` AS `User__User_account_company_name`, `User__User_account`.`verified` AS `User__User_account_verified`, `User__User_account`.`primary_admin_user_id` AS `User__User_account_primary_admin_user_id`, `User__User_account`.`secondary_admin_user_id` AS `User__User_account_secondary_admin_user_id`, `User__User_account`.`deleted_at` AS `User__User_account_deleted_at`, `User__User_account`.`created_by` AS `User__User_account_created_by`, `User__User_account`.`created_at` AS `User__User_account_created_at`, `User__User_account`.`updated_by` AS `User__User_account_updated_by`, `User__User_account`.`updated_at` AS `User__User_account_updated_at` FROM `users` `User` LEFT JOIN `accounts` `User__User_account` ON `User__User_account`.`id` = `User`.`account_id` WHERE ((`User`.`external_id` = ?)) AND (`User`.`id` IN (?)) -- PARAMETERS: ["B2CのID","2"] ``` ## レビューポイント - 管理者権限の有無とロールは別の概念であるため、別のパラメータとして用意したが問題なさそうか - 他の案としてscopeの中に`typist , admin`のようにして、一つのパラメータで権限チェックする? - DBから取得するデータとしてユーザーが属しているアカウント情報のすべてのカラムを取得するようにしているが、必要なカラムのみにしたほうが良いか? ## UIの変更 - Before/Afterのスクショなど - スクショ置き場 ## 動作確認状況 - 実行SQLを確認、JWTの内容を確認 ## 補足 - 相談、参考資料などがあれば
Getting Started with Create React App
This project was bootstrapped with Create React App, using the Redux and Redux Toolkit TS template.
Available Scripts
In the project directory, you can run:
npm start
Runs the app in the development mode.
Open http://localhost:3001 to view it in the browser.
The page will reload if you make edits.
You will also see any lint errors in the console.
npm test
Launches the test runner in the interactive watch mode.
See the section about running tests for more information.
npm run build
Builds the app for production to the build folder.
It correctly bundles React in production mode and optimizes the build for the best performance.
The build is minified and the filenames include the hashes.
Your app is ready to be deployed!
See the section about deployment for more information.
npm run eject
Note: this is a one-way operation. Once you eject, you can’t go back!
If you aren’t satisfied with the build tool and configuration choices, you can eject at any time. This command will remove the single build dependency from your project.
Instead, it will copy all the configuration files and the transitive dependencies (webpack, Babel, ESLint, etc) right into your project so you have full control over them. All of the commands except eject will still work, but they will point to the copied scripts so you can tweak them. At this point you’re on your own.
You don’t have to ever use eject. The curated feature set is suitable for small and middle deployments, and you shouldn’t feel obligated to use this feature. However we understand that this tool wouldn’t be useful if you couldn’t customize it when you are ready for it.
Learn More
You can learn more in the Create React App documentation.
To learn React, check out the React documentation.