🐜 fix: 권한 검증 로직에서 접두사 누락으로 ROLE 비교가 안되는 문제 해결

d6nggyun · web-flow · commit af5104fee7bd · 2025-11-24T23:32:44.000+09:00
diff --git a/src/main/java/inu/codin/codinticketingapi/security/util/SecurityUtil.java b/src/main/java/inu/codin/codinticketingapi/security/util/SecurityUtil.java
@@ -3,7 +3,6 @@
 import inu.codin.codinticketingapi.security.exception.SecurityErrorCode;
 import inu.codin.codinticketingapi.security.exception.SecurityException;
 import inu.codin.codinticketingapi.security.jwt.TokenUserDetails;
-import io.jsonwebtoken.JwtException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 
@@ -90,7 +89,9 @@ public static boolean isAuthenticated() {
     public static boolean hasRole(String role) {
         try {
             String currentRole = getCurrentUserRole();
-            return role.equals(currentRole);
+            String withPrefix = role.startsWith("ROLE_") ? role : "ROLE_" + role;
+
+            return role.equals(currentRole) || withPrefix.equals(currentRole);
         } catch (SecurityException e) {
             return false;
         }
