From aba3f20924d6093445d86c1a15d099a26e2cba90 Mon Sep 17 00:00:00 2001
From: ekgns33
Date: Wed, 18 Jun 2025 01:17:10 +0900
Subject: [PATCH 1/3] :sparkles: feat : add user_role constraint to prod
---
 src/main/java/org/runimo/runimo/config/SecurityConfig.java | 1 +
 1 file changed, 1 insertion(+)
diff --git a/src/main/java/org/runimo/runimo/config/SecurityConfig.java b/src/main/java/org/runimo/runimo/config/SecurityConfig.java
index 3c28387..ac598f3 100644
--- a/src/main/java/org/runimo/runimo/config/SecurityConfig.java
+++ b/src/main/java/org/runimo/runimo/config/SecurityConfig.java
@@ -29,6 +29,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
 )
 .authorizeHttpRequests(authorize -> authorize
 .requestMatchers("/api/v1/auth/**").permitAll()
+ .requestMatchers("/api/v1/users/**").hasAnyRole("USER", "ADMIN")
 .requestMatchers("/checker/**").permitAll()
 .requestMatchers(("/error")).permitAll()
 .anyRequest().authenticated()
From f8ee820d2e29d1b27003669cc0cb2c985ebd6eac Mon Sep 17 00:00:00 2001
From: ekgns33
Date: Wed, 18 Jun 2025 01:22:24 +0900
Subject: [PATCH 2/3] :hammer: chore : add excluding endpoints of actuator
---
 src/main/resources/application.yml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index d570837..fa6c959 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -97,6 +97,7 @@ management:
 web:
 exposure:
 include: health,info,prometheus
+ exclude: env,heapdump,threaddump
 prometheus:
 metrics:
 export:
From 4f7833319744576af6a9c7199ed63fb24ec5c80c Mon Sep 17 00:00:00 2001
From: ekgns33
Date: Wed, 18 Jun 2025 01:23:05 +0900
Subject: [PATCH 3/3] :sparkles: feat : allow actuator-endpoint for `prod`
---
 src/main/java/org/runimo/runimo/config/SecurityConfig.java | 1 +
 1 file changed, 1 insertion(+)
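Review bot: The `/api/v1/users/**` rule added in PATCH 1/3 depends on `hasAnyRole("USER", "ADMIN")`, which matches authorities carrying the `ROLE_` prefix, and nothing visible in this hunk shows how authorities are derived from the credential. If they are granted without that prefix, or not granted at all, every request under this path is answered with 403. I would add a comment above the matcher, `// hasAnyRole expects ROLE_USER / ROLE_ADMIN authorities; paths not listed here only require authentication`, and a test that an authenticated principal holding neither role is rejected. `securityFilterChain` starts and ends outside the hunk.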
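Review bot: The `exclude: env,heapdump,threaddump` line added in PATCH 2/3 names only three endpoint ids, while `include: health,info,prometheus` on the line above is already an allow-list, so the exclusion changes nothing today and only guards against a later widening of `include`. If that is the intent, state it next to the setting, e.g. `# include is the allow-list; exclude takes precedence and guards against a future include: "*"`. In that case a three-entry deny-list would still leave other sensitive endpoints such as `configprops`, `beans` or `loggers` uncovered, so the allow-list should remain the control that is relied on.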
diff --git a/src/main/java/org/runimo/runimo/config/SecurityConfig.java b/src/main/java/org/runimo/runimo/config/SecurityConfig.java
index ac598f3..fc85d17 100644
--- a/src/main/java/org/runimo/runimo/config/SecurityConfig.java
+++ b/src/main/java/org/runimo/runimo/config/SecurityConfig.java
@@ -31,6 +31,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
 .requestMatchers("/api/v1/auth/**").permitAll()
 .requestMatchers("/api/v1/users/**").hasAnyRole("USER", "ADMIN")
 .requestMatchers("/checker/**").permitAll()
+ .requestMatchers("/actuator/**").permitAll()
 .requestMatchers(("/error")).permitAll()
 .anyRequest().authenticated()
 )
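Review bot: `.requestMatchers("/actuator/**").permitAll()` lets unauthenticated callers reach every path under `/actuator`, so the exposure list in application.yml (PATCH 2/3) becomes the only control, and `info` and `prometheus` are readable without credentials unless something outside this page restricts them. I would permit only what an unauthenticated probe needs, `.requestMatchers("/actuator/health/**").permitAll()`, and keep the scrape endpoint behind a role, e.g. `.requestMatchers("/actuator/prometheus").hasRole("ADMIN")`, or serve it on a separate management port. With the wildcard, any endpoint later added to `include` is public immediately, with no change to this file to review. `securityFilterChain` starts and ends outside the hunk.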