fix : 정산 완료 요청을 본인의 정산 요청에 대해서만 수행가능하도록 코드 수정

KUIT-Space · Aug 19, 2024 · 5fad8ec · 5fad8ec
1 parent b4a2863
commit 5fad8ec
Show file tree

Hide file tree

Showing 3 changed files with 65 additions and 4 deletions.
diff --git a/src/main/java/space/space_spring/controller/PayController.java b/src/main/java/space/space_spring/controller/PayController.java
@@ -12,15 +12,18 @@
 import space.space_spring.dto.pay.request.PostPayCompleteRequest;
 import space.space_spring.dto.pay.request.PostPayCreateRequest;
 import space.space_spring.dto.pay.response.*;
+import space.space_spring.entity.PayRequestTarget;
+import space.space_spring.entity.User;
 import space.space_spring.exception.CustomException;
 import space.space_spring.response.BaseResponse;
 import space.space_spring.service.PayService;
+import space.space_spring.util.pay.PayUtils;
+import space.space_spring.util.user.UserUtils;
 import space.space_spring.util.userSpace.UserSpaceUtils;
 
 import java.util.List;
 
-import static space.space_spring.response.status.BaseExceptionResponseStatus.INVALID_PAY_AMOUNT;
-import static space.space_spring.response.status.BaseExceptionResponseStatus.INVALID_PAY_CREATE;
+import static space.space_spring.response.status.BaseExceptionResponseStatus.*;
 import static space.space_spring.util.bindingResult.BindingResultUtils.getErrorMessage;
 
 @RestController
@@ -30,6 +33,8 @@ public class PayController {
 
     private final PayService payService;
     private final UserSpaceUtils userSpaceUtils;
+    private final UserUtils userUtils;
+    private final PayUtils payUtils;
 
     /**
      * 정산 홈 view
@@ -194,8 +199,24 @@ public BaseResponse<PostPayCompleteResponse> setPayComplete(@JwtLoginAuth Long u
         // TODO 1. 유저가 스페이스에 속하는 지 검증
         validateIsUserInSpace(userId, spaceId);
 
-        // TODO 2. 정산 타겟 유저의 정산 완료 처리
+        // TODO 2. 유저와 정산 타겟 유저가 일치하는지 검증
+        checkPayRequestTargetUser(userId, postPayCompleteRequest.getPayRequestTargetId());
+
+        // TODO 3. 정산 타겟 유저의 정산 완료 처리
         return new BaseResponse<>(payService.setPayRequestTargetToComplete(postPayCompleteRequest.getPayRequestTargetId()));
     }
 
+    private void checkPayRequestTargetUser(Long userId, Long payRequestTargetId) {
+
+        User userByUserId = userUtils.findUserByUserId(userId);
+        PayRequestTarget payRequestTargetById = payUtils.findPayRequestTargetById(payRequestTargetId);
+
+        Long realUserId = userByUserId.getUserId();
+        Long targetUserId = payRequestTargetById.getTargetUserId();
+
+        if (!realUserId.equals(targetUserId)) {
+            throw new CustomException(INVALID_PAY_REQUEST_TARGET_ID);
+        }
+    }
+
 }
diff --git a/src/main/java/space/space_spring/response/status/BaseExceptionResponseStatus.java b/src/main/java/space/space_spring/response/status/BaseExceptionResponseStatus.java
@@ -113,7 +113,10 @@ public enum BaseExceptionResponseStatus implements ResponseStatus {
      * 12000 : Pay 오류
      */
     INVALID_PAY_CREATE(12000, HttpStatus.BAD_REQUEST, "정산 생성 요청에서 잘못된 값이 존재합니다."),
-    INVALID_PAY_AMOUNT(12001, HttpStatus.BAD_REQUEST, "정산 요청 금액들의 합과 정산 요청 총 금액이 일치하지 않습니다.");
+    INVALID_PAY_AMOUNT(12001, HttpStatus.BAD_REQUEST, "정산 요청 금액들의 합과 정산 요청 총 금액이 일치하지 않습니다."),
+    PAY_REQUEST_NOT_FOUND(12002, HttpStatus.NOT_FOUND, "존재하지 않는 정산입니다."),
+    PAY_REQUEST_TARGET_NOT_FOUND(12003, HttpStatus.NOT_FOUND, "존재하지 않는 정산요청타겟 입니다"),
+    INVALID_PAY_REQUEST_TARGET_ID(12004, HttpStatus.BAD_REQUEST, "정산 요청 타겟 id의 타겟 유저가 본인과 일치하지 않습니다. 본인의 정산에 대해서만 완료처리를 할 수 있습니다.");
 
     private final int code;
     private final HttpStatus status;

diff --git a/src/main/java/space/space_spring/util/pay/PayUtils.java b/src/main/java/space/space_spring/util/pay/PayUtils.java
@@ -0,0 +1,37 @@
+package space.space_spring.util.pay;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.stereotype.Component;
+import org.springframework.transaction.annotation.Transactional;
+import space.space_spring.dao.PayDao;
+import space.space_spring.entity.PayRequest;
+import space.space_spring.entity.PayRequestTarget;
+import space.space_spring.exception.CustomException;
+
+import static space.space_spring.response.status.BaseExceptionResponseStatus.PAY_REQUEST_NOT_FOUND;
+import static space.space_spring.response.status.BaseExceptionResponseStatus.PAY_REQUEST_TARGET_NOT_FOUND;
+
+@Component
+@RequiredArgsConstructor
+public class PayUtils {
+
+    private final PayDao payDao;
+
+    @Transactional
+    public PayRequest findPayRequestById(Long id) {
+        PayRequest payRequestById = payDao.findPayRequestById(id);
+        if (payRequestById == null) {
+            throw new CustomException(PAY_REQUEST_NOT_FOUND);
+        }
+        return payRequestById;
+    }
+
+    @Transactional
+    public PayRequestTarget findPayRequestTargetById(Long id) {
+        PayRequestTarget payRequestTargetById = payDao.findPayRequestTargetById(id);
+        if (payRequestTargetById == null) {
+            throw new CustomException(PAY_REQUEST_TARGET_NOT_FOUND);
+        }
+        return payRequestTargetById;
+    }
+}