diff --git a/src/main/java/space/space_spring/config/UserSpaceValidationInterceptorURL.java b/src/main/java/space/space_spring/config/UserSpaceValidationInterceptorURL.java index 18156f8c..3ef064a7 100644 --- a/src/main/java/space/space_spring/config/UserSpaceValidationInterceptorURL.java +++ b/src/main/java/space/space_spring/config/UserSpaceValidationInterceptorURL.java @@ -6,6 +6,7 @@ public enum UserSpaceValidationInterceptorURL { //SPACE("/space/**"), TEST("/space/{spaceId}/test/**"), + VOICEROOM("/space/{spaceId}/voiceRoom/**") ; private final String urlPattern; diff --git a/src/main/java/space/space_spring/controller/VoiceRoomController.java b/src/main/java/space/space_spring/controller/VoiceRoomController.java index 281930bd..fc555a74 100644 --- a/src/main/java/space/space_spring/controller/VoiceRoomController.java +++ b/src/main/java/space/space_spring/controller/VoiceRoomController.java @@ -7,13 +7,12 @@ import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.*; import space.space_spring.argumentResolver.jwtLogin.JwtLoginAuth; +import space.space_spring.argumentResolver.userSpace.UserSpaceAuth; import space.space_spring.dao.UserSpaceDao; import space.space_spring.dao.VoiceRoomRepository; import space.space_spring.dto.VoiceRoom.*; -import space.space_spring.entity.Space; -import space.space_spring.entity.User; -import space.space_spring.entity.UserSpace; -import space.space_spring.exception.VoiceRoomException; + +import space.space_spring.exception.CustomException; import space.space_spring.response.BaseResponse; import space.space_spring.service.LiveKitService; import space.space_spring.service.VoiceRoomService; 
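Review bot: With `VOICEROOM("/space/{spaceId}/voiceRoom/**")` this pattern becomes the only space-membership gate for the voice-room endpoints, because the same commit deletes every `validateIsUserInSpace(spaceId,userId)` call from VoiceRoomController. The controller's request mappings are not visible in this diff, so it is worth confirming that every handler path, including its letter case, falls under the pattern; a route that does not match would be served with no membership check. I would add a comment on the constant, `// sole membership check for VoiceRoomController; keep in sync with its request mappings`, and an integration test asserting that a non-member receives USER_IS_NOT_IN_SPACE on each voiceRoom route.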
@@ -47,15 +46,15 @@ public BaseResponse createRoom( @PathVariable("spaceId") @NotNull long spaceId, @JwtLoginAuth Long userId, @Validated @RequestBody PostVoiceRoomDto.Request voiceRoomRequest, + @UserSpaceAuth String userSpaceAuth, BindingResult bindingResult){ if(bindingResult.hasErrors()){ - throw new VoiceRoomException(INVALID_VOICEROOM_REQUEST,getErrorMessage(bindingResult)); + throw new CustomException(INVALID_VOICEROOM_REQUEST,getErrorMessage(bindingResult)); } - //해당 유저가 voice이 있는 space에 포함되어 있는지(권한이 있는지) 확인 - validateIsUserInSpace(spaceId,userId); //해당 유저가 현재 space에 대해 관리자 권한을 갖고 있는지 확인 - validateManagerPermission(spaceId,userId); + validateManagerPermission(userSpaceAuth); + //Todo response 내용을 무엇을 주면 좋을지 ( POST response 전체 기능 통일 하는 것일 좋아보임 ) PostVoiceRoomDto.Response res = new PostVoiceRoomDto.Response(voiceRoomService.createVoiceRoom(spaceId,voiceRoomRequest)); return new BaseResponse<>(res); @@ -72,8 +71,6 @@ public BaseResponse getRoomList( boolean showParticipantValue = (showParticipant != null) ? showParticipant : false; - //해당 유저가, voiceRoom이 있는 space에 포함되어 있는지(권한이 있는지) 확인 - validateIsUserInSpace(spaceId,userId); GetVoiceRoomList.Request voiceRoomList=new GetVoiceRoomList.Request(limit, showParticipant); @@ -89,8 +86,7 @@ public BaseResponse getToken( @PathVariable("voiceRoomId") @NotNull Long roomId, HttpServletResponse response ){ - //해당 유저가, voiceRoom이 있는 space에 포함되어 있는지(권한이 있는지) 확인 - validateIsUserInSpace(spaceId,userId); + //해당 voiceRoomId가 존재하는지 확인 validateVoiceRoom(roomId); //해당 voiceRoom이 해당 space에 속한것이 맞는지 확인 @@ -109,8 +105,7 @@ public BaseResponse getParticipants( @JwtLoginAuth Long userId, @PathVariable("voiceRoomId") @NotNull Long roomId ){ - //해당 유저가 voice이 있는 space에 포함되어 있는지(권한이 있는지) 확인 - validateIsUserInSpace(spaceId,userId); + //해당 voiceRoomId가 존재하는지 확인 validateVoiceRoom(roomId); //해당 voiceRoom이 해당 space에 속한것이 맞는지 확인 
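Review bot: In `createRoom` the new `@UserSpaceAuth String userSpaceAuth` parameter sits between the `@Validated @RequestBody` argument and `BindingResult bindingResult`, and Spring MVC only hands validation errors to a `BindingResult` declared immediately after the validated argument. With this order an invalid body is expected to raise `MethodArgumentNotValidException` before the method runs, so the `bindingResult.hasErrors()` branch and its INVALID_VOICEROOM_REQUEST response are no longer reached. Declare the new parameter ahead of the body instead: `@JwtLoginAuth Long userId, @UserSpaceAuth String userSpaceAuth, @Validated @RequestBody PostVoiceRoomDto.Request voiceRoomRequest, BindingResult bindingResult`. The same ordering appears in the `updateVoiceRoom` hunk and needs the same change. The method's mapping annotation and closing brace are outside the hunk.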
@@ -125,16 +120,15 @@ public BaseResponse updateVoiceRoom( @PathVariable("spaceId") @NotNull long spaceId, @JwtLoginAuth Long userId, @Validated @RequestBody PatchVoiceRoom patchVoiceRoom, + @UserSpaceAuth String userSpaceAuth, BindingResult bindingResult ){ if(bindingResult.hasErrors()){ - throw new VoiceRoomException(INVALID_VOICEROOM_REQUEST,getErrorMessage(bindingResult)); + throw new CustomException(INVALID_VOICEROOM_REQUEST,getErrorMessage(bindingResult)); } - //해당 유저가 voice이 있는 space에 포함되어 있는지(권한이 있는지) 확인 - validateIsUserInSpace(spaceId,userId); //해당 유저가 현재 space에 대해 관리자 권한을 갖고 있는지 확인 - validateManagerPermission(spaceId,userId); + validateManagerPermission(userSpaceAuth); //해당 voiceRoom이 해당 space에 속한것이 맞는지 확인 for(PatchVoiceRoom.UpdateRoom updateRoom : patchVoiceRoom.getUpdateRoomList()) { validateVoiceRoomInSpace(spaceId, updateRoom.getRoomId()); @@ -149,12 +143,12 @@ public BaseResponse updateVoiceRoom( public BaseResponse deleteVoiceRoom( @PathVariable("spaceId") @NotNull long spaceId, @JwtLoginAuth Long userId, - @PathVariable("voiceRoomId") @NotNull Long voiceRoomId + @PathVariable("voiceRoomId") @NotNull Long voiceRoomId, + @UserSpaceAuth String userSpaceAuth ){ - //해당 유저가 voice이 있는 space에 포함되어 있는지(권한이 있는지) 확인 - validateIsUserInSpace(spaceId,userId); + //해당 유저가 현재 space에 대해 관리자 권한을 갖고 있는지 확인 - validateManagerPermission(spaceId,userId); + validateManagerPermission(userSpaceAuth); //해당 voiceRoom이 해당 space에 속한것이 맞는지 확인 validateVoiceRoomInSpace(spaceId, voiceRoomId); 
@@ -169,43 +163,29 @@ public BaseResponse postRoomStatus(){ return new BaseResponse(null); } - private void validateIsUserInSpace( Long spaceId,Long userId) { - // 유저가 스페이스에 속할 경우 exception이 터지지 않을 것임 - // 그렇지 않을 경우, USER_IS_NOT_IN_SPACE 예외가 터질 것임 -> 추후 exception handling 과정 필요 - - //현재는 스페이스 접근 권한을 일괄적으로 예외 처리 - //분리 가능성 및 효용성 검토 필요 - userSpaceUtils.isUserInSpace(userId, spaceId); - } private boolean validateVoiceRoom(long voiceRoomId){ //Todo 해당 보이스룸이 존재하는지 확인 if(!voiceRoomRepository.existsByVoiceRoomId(voiceRoomId)){ - throw new VoiceRoomException(VOICEROOM_NOT_EXIST); + throw new CustomException(VOICEROOM_NOT_EXIST); } return true; } private boolean validateVoiceRoomNameExist(String voiceRoomName){ if(!voiceRoomRepository.existsByName(voiceRoomName)){ - throw new VoiceRoomException(VOICEROOM_NAME_ALREADY_EXIST); + throw new CustomException(VOICEROOM_NAME_ALREADY_EXIST); } return true; } private boolean validateVoiceRoomInSpace(long spaceId,long voiceRoomId){ if(! (voiceRoomRepository.findById(voiceRoomId).getSpace().getSpaceId().equals(spaceId))){ - throw new VoiceRoomException(VOICEROOM_NOT_IN_SPACE); + throw new CustomException(VOICEROOM_NOT_IN_SPACE); } return true; } - private boolean validateManagerPermission(long spaceId,long userId){ + private boolean validateManagerPermission(String userSpaceAuth){ //해당 유저가 현재 space에 대해 관리자 권한을 갖고 있는지 확인 - //TODO 권한 확인 과정을 일괄적으로 처리 할 수 있는 코드가 필요해 보임 - User user = userUtils.findUserByUserId(userId); - Space space = spaceUtils.findSpaceBySpaceId(spaceId); - //이미 userSpace 존재 여부를 검사해서 null 검사는 생략함 - - if(!userSpaceDao.findUserSpaceByUserAndSpace(user,space).get().getUserSpaceAuth().toString().equals(MANAGER.getAuth())){ - System.out.print("Author :" +userSpaceDao.findUserSpaceByUserAndSpace(user,space).get().getUserSpaceAuth().toString()); - throw new VoiceRoomException(VOICEROOM_DO_NOT_HAVE_PERMISSION); + if(!userSpaceAuth.equals(MANAGER.getAuth())){ + throw new CustomException(VOICEROOM_DO_NOT_HAVE_PERMISSION); } return 
true; } diff --git a/src/main/java/space/space_spring/exception/VoiceRoomException.java b/src/main/java/space/space_spring/exception/VoiceRoomException.java deleted file mode 100644 index c2972b23..00000000 --- a/src/main/java/space/space_spring/exception/VoiceRoomException.java +++ /dev/null @@ -1,20 +0,0 @@ -package space.space_spring.exception; - -import lombok.Getter; -import space.space_spring.response.status.ResponseStatus; - -@Getter -public class VoiceRoomException extends RuntimeException{ - private final ResponseStatus exceptionStatus; - - public VoiceRoomException(ResponseStatus exceptionStatus) { - super(exceptionStatus.getMessage()); - this.exceptionStatus = exceptionStatus; - } - - public VoiceRoomException(ResponseStatus exceptionStatus, String message) { - super(message); - this.exceptionStatus = exceptionStatus; - } - -} diff --git a/src/main/java/space/space_spring/interceptor/UserSpaceValidationInterceptor.java b/src/main/java/space/space_spring/interceptor/UserSpaceValidationInterceptor.java index febda0d0..4b8398a0 100644 --- a/src/main/java/space/space_spring/interceptor/UserSpaceValidationInterceptor.java +++ b/src/main/java/space/space_spring/interceptor/UserSpaceValidationInterceptor.java @@ -63,7 +63,7 @@ private Long getUserSpace(long spaceId,long userId){ } Optional userSpace = userSpaceDao.findUserSpaceByUserAndSpace(userByUserId, spaceBySpaceId); Optional.ofNullable(userSpace - .orElseThrow(() -> new UserSpaceException(USER_IS_NOT_IN_SPACE))); + .orElseThrow(() -> new CustomException(USER_IS_NOT_IN_SPACE))); return userSpace.get().getUserSpaceId(); } diff --git a/src/main/java/space/space_spring/jwt/JwtLoginProvider.java b/src/main/java/space/space_spring/jwt/JwtLoginProvider.java index 7a434287..7427b8c4 100644 --- a/src/main/java/space/space_spring/jwt/JwtLoginProvider.java +++ b/src/main/java/space/space_spring/jwt/JwtLoginProvider.java 
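Review bot: `validateManagerPermission` now calls `userSpaceAuth.equals(MANAGER.getAuth())` on a value supplied by the `@UserSpaceAuth` argument resolver, which this diff does not show; if that resolver ever yields null, the check ends in a NullPointerException and most likely a 500 rather than VOICEROOM_DO_NOT_HAVE_PERMISSION. Comparing from the constant side keeps the denial explicit: `if(!MANAGER.getAuth().equals(userSpaceAuth)){`. Separately, `validateVoiceRoomNameExist` in the same hunk throws VOICEROOM_NAME_ALREADY_EXIST when `existsByName` returns false, which looks inverted; the commit only swaps the exception type there.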
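Review bot: The `Optional.ofNullable(userSpace.orElseThrow(...))` wrapper in `getUserSpace` builds a second Optional that is immediately discarded, and the following `userSpace.get()` is safe only because of that earlier throw. The lookup reads more directly as `return userSpace.orElseThrow(() -> new CustomException(USER_IS_NOT_IN_SPACE)).getUserSpaceId();`. The start of the method lies outside the hunk.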
@@ -5,6 +5,7 @@ import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Component; import space.space_spring.entity.User; +import space.space_spring.exception.CustomException; import space.space_spring.exception.jwt.bad_request.JwtUnsupportedTokenException; import space.space_spring.exception.jwt.unauthorized.JwtInvalidTokenException; import space.space_spring.exception.jwt.unauthorized.JwtMalformedTokenException; @@ -56,10 +57,13 @@ public boolean isExpiredToken(String accessToken) { throw new JwtMalformedTokenException(MALFORMED_TOKEN); } catch (IllegalArgumentException e) { throw new JwtInvalidTokenException(INVALID_TOKEN); - } catch (JwtException e) { + } catch (SignatureException e){ + throw new CustomException(WRONG_SIGNATURE_JWT); + }catch (JwtException e) { log.error("[JwtTokenProvider.validateAccessToken]", e); throw e; } + } public Long getUserIdFromToken(String accessToken) { diff --git a/src/main/java/space/space_spring/response/status/BaseExceptionResponseStatus.java b/src/main/java/space/space_spring/response/status/BaseExceptionResponseStatus.java index a0da73fa..e8c8f992 100644 --- a/src/main/java/space/space_spring/response/status/BaseExceptionResponseStatus.java +++ b/src/main/java/space/space_spring/response/status/BaseExceptionResponseStatus.java @@ -37,6 +37,7 @@ public enum BaseExceptionResponseStatus implements ResponseStatus { EXPIRED_TOKEN(4005, HttpStatus.UNAUTHORIZED, "만료된 토큰입니다."), TOKEN_MISMATCH(4006, HttpStatus.UNAUTHORIZED, "로그인 정보가 토큰 정보와 일치하지 않습니다."), CANNOT_FIND_USER_ID(4007, HttpStatus.UNAUTHORIZED,"토큰의 userId정보를 찾을 수 없습니다."), + WRONG_SIGNATURE_JWT(4008,HttpStatus.UNAUTHORIZED,"JWT 서명이 잘못 되었습니다."), /** * 5000: User 오류
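Review bot: The new `catch (SignatureException e)` branch in `isExpiredToken` converts a failed signature check into `CustomException(WRONG_SIGNATURE_JWT)` without logging it, although a bad signature is the case most likely to indicate a tampered or forged token and the generic `JwtException` branch below does log. I would add `log.warn("[JwtLoginProvider.isExpiredToken] JWT signature verification failed");` before the throw, leaving the token value out of the message. The import hunk adds only `CustomException`, so `SignatureException` resolves through imports that are not visible here; it should be the jjwt type (`io.jsonwebtoken.security.SignatureException` on current jjwt), not `java.security.SignatureException`. The try block begins outside the hunk.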