feat: 인증 정보가 필요한 기능들 Required로 수정 및 인가 기능 구현 (#112)

8-Sprinters · Feb 14, 2024 · c00f120 · c00f120
1 parent 9cf43b4
commit c00f120
Show file tree

Hide file tree

Showing 10 changed files with 74 additions and 31 deletions.
diff --git a/src/main/java/com/listywave/list/application/domain/Comment.java b/src/main/java/com/listywave/list/application/domain/Comment.java
@@ -38,6 +38,10 @@ public static Comment create(ListEntity list, User user, String content) {
         return new Comment(list, user, new Content(content), false);
     }
 
+    public boolean canDeleteBy(User user) {
+        return this.user.equals(user);
+    }
+
     public void softDelete() {
         this.isDeleted = true;
     }

diff --git a/src/main/java/com/listywave/list/application/domain/ListEntity.java b/src/main/java/com/listywave/list/application/domain/ListEntity.java
@@ -196,6 +196,10 @@ public void sortItems() {
         this.getItems().sort(Comparator.comparing(Item::getRanking));
     }
 
+    public boolean canDeleteBy(User user) {
+        return this.user.equals(user);
+    }
+
     public String getCategoryName() {
         return category.name();
     }

diff --git a/src/main/java/com/listywave/list/application/domain/Reply.java b/src/main/java/com/listywave/list/application/domain/Reply.java
@@ -30,6 +30,10 @@ public class Reply extends BaseEntity {
     @Embedded
     private Content content;
 
+    public boolean canDeleteBy(User user) {
+        return this.user.equals(user);
+    }
+
     public Long getCommentId() {
         return comment.getId();
     }

diff --git a/src/main/java/com/listywave/list/application/service/CommentService.java b/src/main/java/com/listywave/list/application/service/CommentService.java
@@ -1,9 +1,11 @@
 package com.listywave.list.application.service;
 
+import static com.listywave.common.exception.ErrorCode.INVALID_ACCESS;
 import static java.util.function.Function.identity;
 import static java.util.stream.Collectors.toMap;
 
 import com.listywave.auth.application.domain.JwtManager;
+import com.listywave.common.exception.CustomException;
 import com.listywave.list.application.domain.Comment;
 import com.listywave.list.application.domain.ListEntity;
 import com.listywave.list.application.domain.Reply;
@@ -32,10 +34,9 @@ public class CommentService {
     private final ReplyRepository replyRepository;
     private final CommentRepository commentRepository;
 
-    public CommentCreateResponse create(Long listId, String content) {
-        // TODO: 프론트 단에서 댓글 생성 테스트 끝나면 원래대로 복구
-//        Long userId = jwtManager.read(accessToken);
-        User user = userRepository.getById(1L);
+    public CommentCreateResponse create(Long listId, String content, String accessToken) {
+        Long userId = jwtManager.read(accessToken);
+        User user = userRepository.getById(userId);
         ListEntity list = listRepository.getById(listId);
 
         Comment comment = Comment.create(list, user, content);
@@ -70,13 +71,16 @@ public CommentFindResponse getComments(Long listId, int size, Long cursorId) {
         return CommentFindResponse.from(totalCount, newCursorId, hasNext, result);
     }
 
-    public void delete(Long listId, Long commentId) {
-        // TODO: 프론트 단에서 댓글 생성 테스트 끝나면 원래대로 복구
-//        Long userId = jwtManager.read(accessToken);
-//        userRepository.getById(userId);
+    public void delete(Long listId, Long commentId, String accessToken) {
         listRepository.getById(listId);
-
+        Long userId = jwtManager.read(accessToken);
+        User user = userRepository.getById(userId);
         Comment comment = commentRepository.getById(commentId);
+
+        if (!comment.canDeleteBy(user)) {
+            throw new CustomException(INVALID_ACCESS, "댓글은 작성자만 지울 수 있습니다.");
+        }
+
         if (replyRepository.existsByComment(comment)) {
             comment.softDelete();
             return;

diff --git a/src/main/java/com/listywave/list/application/service/ListService.java b/src/main/java/com/listywave/list/application/service/ListService.java
@@ -1,5 +1,6 @@
 package com.listywave.list.application.service;
 
+import static com.listywave.common.exception.ErrorCode.INVALID_ACCESS;
 import static com.listywave.list.application.domain.SortType.COLLECTED;
 import static com.listywave.list.application.domain.SortType.OLD;
 
@@ -164,16 +165,20 @@ private String getImageUrlTopRankItem(List<Item> items) {
                 .orElse("");
     }
 
-    public void deleteList(Long listId) {
-        imageService.deleteAllOfListImages(listId);
-
+    public void deleteList(Long listId, String accessToken) {
         ListEntity list = listRepository.getById(listId);
+        Long loginUserId = jwtManager.read(accessToken);
+        User loginUser = userRepository.getById(loginUserId);
+
+        if (!list.canDeleteBy(loginUser)) {
+            throw new CustomException(INVALID_ACCESS, "리스트는 작성자만 삭제 가능합니다.");
+        }
 
+        imageService.deleteAllOfListImages(listId);
         collaboratorRepository.deleteAllByList(list);
         List<Comment> comments = commentRepository.findAllByList(list);
         replyRepository.deleteAllByCommentIn(comments);
         commentRepository.deleteAllInBatch(comments);
-
         listRepository.deleteById(listId);
     }
 

diff --git a/src/main/java/com/listywave/list/application/service/ReplyService.java b/src/main/java/com/listywave/list/application/service/ReplyService.java
@@ -1,6 +1,8 @@
 package com.listywave.list.application.service;
 
 import com.listywave.auth.application.domain.JwtManager;
+import com.listywave.common.exception.CustomException;
+import com.listywave.common.exception.ErrorCode;
 import com.listywave.list.application.domain.Comment;
 import com.listywave.list.application.domain.Reply;
 import com.listywave.list.application.dto.ReplyDeleteCommand;
@@ -26,10 +28,10 @@ public class ReplyService {
     private final ReplyRepository replyRepository;
     private final CommentRepository commentRepository;
 
-    public ReplyCreateResponse createReply(Long listId, Long commentId, String content) {
+    public ReplyCreateResponse createReply(Long listId, Long commentId, String content, String accessToken) {
         listRepository.getById(listId);
-//        Long writerId = jwtManager.read(accessToken); 개발 안정화까지 임의 주석 처리
-        User user = userRepository.getById(3L);
+        Long userId = jwtManager.read(accessToken);
+        User user = userRepository.getById(userId);
         Comment comment = commentRepository.getById(commentId);
 
         Reply reply = new Reply(comment, user, new Content(content));
@@ -38,14 +40,18 @@ public ReplyCreateResponse createReply(Long listId, Long commentId, String conte
         return ReplyCreateResponse.of(saved, comment, user);
     }
 
-    public void delete(ReplyDeleteCommand command) {
-//        Long writerId = jwtManager.read(command.accessToken()); 개발 안정화까지 임의 주석 처리
-//        userRepository.getById(writerId);
+    public void delete(ReplyDeleteCommand command, String accessToken) {
         listRepository.getById(command.listId());
+        Long userId = jwtManager.read(accessToken);
+        User user = userRepository.getById(userId);
         Comment comment = commentRepository.getById(command.commentId());
+        Reply reply = replyRepository.getById(command.replyId());
 
+        if (!reply.canDeleteBy(user)) {
+            throw new CustomException(ErrorCode.INVALID_ACCESS, "답글은 작성자만 삭제할 수 있습니다.");
+        }
+
         replyRepository.deleteById(command.replyId());
-
         if (!replyRepository.existsByComment(comment) && comment.isDeleted()) {
             commentRepository.delete(comment);
         }

diff --git a/src/main/java/com/listywave/list/presentation/controller/CommentController.java b/src/main/java/com/listywave/list/presentation/controller/CommentController.java
@@ -1,5 +1,6 @@
 package com.listywave.list.presentation.controller;
 
+import static org.springframework.http.HttpHeaders.AUTHORIZATION;
 import static org.springframework.http.HttpStatus.CREATED;
 
 import com.listywave.list.application.dto.response.CommentCreateResponse;
@@ -13,6 +14,7 @@
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
@@ -27,10 +29,10 @@ public class CommentController {
     @PostMapping
     ResponseEntity<CommentCreateResponse> create(
             @PathVariable(value = "listId") Long listId,
-//            @RequestHeader(value = "Authorization", defaultValue = "") String accessToken,
+            @RequestHeader(value = AUTHORIZATION, defaultValue = "") String accessToken,
             @RequestBody CommentCreateRequest commentCreateRequest
     ) {
-        CommentCreateResponse response = commentService.create(listId, commentCreateRequest.content());
+        CommentCreateResponse response = commentService.create(listId, commentCreateRequest.content(), accessToken);
         return ResponseEntity.status(CREATED).body(response);
     }
 
@@ -47,10 +49,10 @@ ResponseEntity<CommentFindResponse> getAllCommentsByList(
     @DeleteMapping("/{commentId}")
     ResponseEntity<Void> delete(
             @PathVariable(value = "listId") Long listId,
-//            @RequestHeader(value = "Authorization", defaultValue = "") String accessToken,
+            @RequestHeader(value = AUTHORIZATION, defaultValue = "") String accessToken,
             @PathVariable(value = "commentId") Long commentId
     ) {
-        commentService.delete(listId, commentId);
+        commentService.delete(listId, commentId, accessToken);
         return ResponseEntity.noContent().build();
     }
 }
diff --git a/src/main/java/com/listywave/list/presentation/controller/ListController.java b/src/main/java/com/listywave/list/presentation/controller/ListController.java
@@ -1,5 +1,7 @@
 package com.listywave.list.presentation.controller;
 
+import static org.springframework.http.HttpHeaders.AUTHORIZATION;
+
 import com.listywave.list.application.domain.CategoryType;
 import com.listywave.list.application.domain.SortType;
 import com.listywave.list.application.dto.ListCreateCommand;
@@ -59,8 +61,11 @@ ResponseEntity<List<ListTrandingResponse>> getTrandingList() {
     }
 
     @DeleteMapping("/{listId}")
-    ResponseEntity<Void> deleteList(@PathVariable(value = "listId") Long listId) {
-        listService.deleteList(listId);
+    ResponseEntity<Void> deleteList(
+            @PathVariable(value = "listId") Long listId,
+            @RequestHeader(value = AUTHORIZATION, defaultValue = "") String accessToken
+    ) {
+        listService.deleteList(listId, accessToken);
         return ResponseEntity.noContent().build();
     }
 

diff --git a/src/main/java/com/listywave/list/presentation/controller/ReplyController.java b/src/main/java/com/listywave/list/presentation/controller/ReplyController.java
@@ -1,5 +1,6 @@
 package com.listywave.list.presentation.controller;
 
+import static org.springframework.http.HttpHeaders.AUTHORIZATION;
 import static org.springframework.http.HttpStatus.CREATED;
 
 import com.listywave.list.application.dto.ReplyDeleteCommand;
@@ -12,6 +13,7 @@
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
@@ -26,22 +28,22 @@ public class ReplyController {
     ResponseEntity<ReplyCreateResponse> create(
             @PathVariable(value = "listId") Long listId,
             @PathVariable(value = "commentId") Long commentId,
-//            @RequestHeader(value = "Authorization", defaultValue = "") String accessToken,
+            @RequestHeader(value = AUTHORIZATION, defaultValue = "") String accessToken,
             @RequestBody ReplyCreateRequest request
     ) {
-        ReplyCreateResponse response = replyService.createReply(listId, commentId, request.content());
+        ReplyCreateResponse response = replyService.createReply(listId, commentId, request.content(), accessToken);
         return ResponseEntity.status(CREATED).body(response);
     }
 
     @DeleteMapping("/{replyId}")
     ResponseEntity<Void> deleteReply(
             @PathVariable(value = "listId") Long listId,
             @PathVariable(value = "commentId") Long commentId,
-            @PathVariable(value = "replyId") Long replyId
-//            @RequestHeader(value = "Authorization", defaultValue = "") String accessToken
+            @PathVariable(value = "replyId") Long replyId,
+            @RequestHeader(value = AUTHORIZATION, defaultValue = "") String accessToken
     ) {
         ReplyDeleteCommand replyDeleteCommand = new ReplyDeleteCommand(listId, commentId, replyId);
-        replyService.delete(replyDeleteCommand);
+        replyService.delete(replyDeleteCommand, accessToken);
         return ResponseEntity.noContent().build();
     }
 }
diff --git a/src/main/java/com/listywave/list/repository/reply/ReplyRepository.java b/src/main/java/com/listywave/list/repository/reply/ReplyRepository.java
@@ -1,12 +1,19 @@
 package com.listywave.list.repository.reply;
 
+import static com.listywave.common.exception.ErrorCode.RESOURCE_NOT_FOUND;
+
+import com.listywave.common.exception.CustomException;
 import com.listywave.list.application.domain.Comment;
 import com.listywave.list.application.domain.Reply;
 import java.util.List;
 import org.springframework.data.jpa.repository.JpaRepository;
 
 public interface ReplyRepository extends JpaRepository<Reply, Long>, CustomReplyRepository {
 
+    default Reply getById(Long id) {
+        return findById(id).orElseThrow(() -> new CustomException(RESOURCE_NOT_FOUND, "존재하지 않는 답글입니다."));
+    }
+
     boolean existsByComment(Comment comment);
 
     List<Reply> getAllByComment(Comment comment);