feat: 관리자 권한 확인 API 구현 (#259)
* feat: 관리자 권한 확인 API 구현

* backend-pull-request workflow 파일 수정

* feat: HTTP Method를 POST에서 GET으로 변경
3Juhwan authored Aug 8, 2024
1 parent fae2b74 commit 940b2db
Showing 4 changed files with 141 additions and 82 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/backend-pull-request.yml
Expand Up @@ -8,7 +8,7 @@ on:

jobs:
build:
runs-on: [ self-hosted, backend-dev ]
runs-on: [ ubuntu-latest ]

defaults:
run:
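Review bot: The `runs-on` change deserves a comment in the workflow saying why pull-request builds use a GitHub-hosted runner, assuming `[ ubuntu-latest ]` is the new value (the rendering lists both `runs-on` lines without markers). A job that builds pull requests executes code from the PR branch, and on the `self-hosted, backend-dev` runner that code would run on the team's own host with whatever it can reach from there. Something like `# PR builds run on a hosted runner so PR code never executes on the backend-dev host` above `runs-on` would keep a later edit from switching it back. The workflow's triggers are outside this hunk, so whether fork PRs are built here is not visible.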
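--- a/server/src/docs/asciidoc/event.adoc
+++ b/server/src/docs/asciidoc/event.adoc
@@ -163,3 +163,34 @@ operation::deleteAllMemberActionByName[snippets="path-parameters,http-request,ht
 }
 ]
 ----
+
+=== 행사 어드민 권한 확인
+
+operation::authenticateEvent[snippets="http-request,http-response,request-cookies"]
+==== [.red]#Exceptions#
+
+[source,json,options="nowrap"]
+----
+[
+{
+"code": "EVENT_NOT_FOUND",
+"message": "존재하지 않는 행사입니다."
+},
+{
+"code": "TOKEN_NOT_FOUND",
+"message": "토큰이 존재하지 않습니다."
+},
+{
+"code": "TOKEN_EXPIRED",
+"message": "만료된 토큰입니다."
+},
+{
+"code": "TOKEN_INVALID",
+"message": "유효하지 않은 토큰입니다."
+},
+{
+"code": "FORBIDDEN",
+"message": "접근할 수 없는 행사입니다."
+}
+]
+----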
Expand Up @@ -90,6 +90,11 @@ public ResponseEntity<Void> loginEvent(
.build();
}

@GetMapping("/api/events/{eventId}/auth")
public ResponseEntity<Void> authenticate(@PathVariable("eventId") String token) {
return ResponseEntity.ok().build();
}

private ResponseCookie createResponseCookie(String token) {
return ResponseCookie.from(authService.getTokenName(), token)
.httpOnly(cookieProperties.httpOnly())
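Review bot: `authenticate` returns 200 unconditionally and never reads the cookie or the path variable, so the admin check this endpoint promises has to come entirely from a filter or interceptor that is not visible in this hunk. The commit switches the route from POST to GET, so confirm that whatever enforces the token does not exempt GET requests or this path; if it does, every caller gets 200 regardless of the token. The parameter is bound as `String token` although it carries the event id, which hides what is being authorized; rename it, `@PathVariable("eventId") String eventId`. A comment above the method would help too, e.g. `// Authorization is enforced by <interceptor name, placeholder>; reaching this body means the token matched eventId`. `createResponseCookie` continues outside the hunk.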
185 changes: 104 additions & 81 deletions server/src/test/java/server/haengdong/docs/EventControllerDocsTest.java
Expand Up @@ -71,27 +71,27 @@ void saveEvent() throws Exception {
given(authService.getTokenName()).willReturn("eventToken");

mockMvc.perform(post("/api/events")
.contentType(MediaType.APPLICATION_JSON)
.content(requestBody))
.contentType(MediaType.APPLICATION_JSON)
.content(requestBody))
.andDo(print())
.andExpect(status().isOk())
.andExpect(cookie().value("eventToken", "jwtToken"))
.andExpect(jsonPath("$.eventId").value("쿠키 토큰"))
.andDo(
document("createEvent",
preprocessRequest(prettyPrint()),
preprocessResponse(prettyPrint()),
requestFields(
fieldWithPath("eventName").type(JsonFieldType.STRING).description("행사 이름"),
fieldWithPath("password").type(JsonFieldType.STRING).description("행사 비밀 번호")
),
responseFields(
fieldWithPath("eventId").type(JsonFieldType.STRING)
.description("행사 ID")
),
responseCookies(
cookieWithName("eventToken").description("행사 관리자용 토큰")
)
preprocessRequest(prettyPrint()),
preprocessResponse(prettyPrint()),
requestFields(
fieldWithPath("eventName").type(JsonFieldType.STRING).description("행사 이름"),
fieldWithPath("password").type(JsonFieldType.STRING).description("행사 비밀 번호")
),
responseFields(
fieldWithPath("eventId").type(JsonFieldType.STRING)
.description("행사 ID")
),
responseCookies(
cookieWithName("eventToken").description("행사 관리자용 토큰")
)
)
);
}
Expand All @@ -109,14 +109,14 @@ void findEventTest() throws Exception {
.andExpect(jsonPath("$.eventName").value("행동대장 회식"))
.andDo(
document("getEvent",
preprocessRequest(prettyPrint()),
preprocessResponse(prettyPrint()),
pathParameters(
parameterWithName("eventId").description("행사 ID")
),
responseFields(
fieldWithPath("eventName").type(JsonFieldType.STRING).description("행사 이름")
)
preprocessRequest(prettyPrint()),
preprocessResponse(prettyPrint()),
pathParameters(
parameterWithName("eventId").description("행사 ID")
),
responseFields(
fieldWithPath("eventName").type(JsonFieldType.STRING).description("행사 이름")
)
)
);
}
Expand All @@ -135,15 +135,15 @@ void findAllMembersTest() throws Exception {
.andExpect(jsonPath("$.memberNames[1]").value("쿠키"))
.andDo(
document("findAllEventMember",
preprocessRequest(prettyPrint()),
preprocessResponse(prettyPrint()),
pathParameters(
parameterWithName("eventId").description("행사 ID")
),
responseFields(
fieldWithPath("memberNames").type(JsonFieldType.ARRAY)
.description("행사 참여자 목록")
)
preprocessRequest(prettyPrint()),
preprocessResponse(prettyPrint()),
pathParameters(
parameterWithName("eventId").description("행사 ID")
),
responseFields(
fieldWithPath("memberNames").type(JsonFieldType.ARRAY)
.description("행사 참여자 목록")
)
)
);
}
Expand All @@ -156,25 +156,25 @@ void updateMember() throws Exception {
String requestBody = objectMapper.writeValueAsString(memberUpdateRequest);

mockMvc.perform(put("/api/events/{eventId}/members/{memberName}", token, "변경 전 이름")
.cookie(EVENT_COOKIE)
.contentType(MediaType.APPLICATION_JSON)
.content(requestBody))
.cookie(EVENT_COOKIE)
.contentType(MediaType.APPLICATION_JSON)
.content(requestBody))
.andDo(print())
.andExpect(status().isOk())
.andDo(
document("updateEventMemberName",
preprocessRequest(prettyPrint()),
preprocessResponse(prettyPrint()),
pathParameters(
parameterWithName("eventId").description("행사 ID"),
parameterWithName("memberName").description("참여자 이름")
),
requestCookies(
cookieWithName("eventToken").description("행사 관리자 토큰")
),
requestFields(
fieldWithPath("name").type(JsonFieldType.STRING).description("수정할 참여자 이름")
)
preprocessRequest(prettyPrint()),
preprocessResponse(prettyPrint()),
pathParameters(
parameterWithName("eventId").description("행사 ID"),
parameterWithName("memberName").description("참여자 이름")
),
requestCookies(
cookieWithName("eventToken").description("행사 관리자 토큰")
),
requestFields(
fieldWithPath("name").type(JsonFieldType.STRING).description("수정할 참여자 이름")
)
)
);
}
Expand All @@ -189,25 +189,25 @@ void loginEvent() throws Exception {
given(authService.getTokenName()).willReturn("eventToken");

mockMvc.perform(post("/api/events/{eventId}/login", token)
.contentType(MediaType.APPLICATION_JSON)
.content(requestBody))
.contentType(MediaType.APPLICATION_JSON)
.content(requestBody))
.andDo(print())
.andExpect(cookie().value("eventToken", "jwtToken"))
.andExpect(status().isOk())
.andDo(
document("eventLogin",
preprocessRequest(prettyPrint()),
preprocessResponse(prettyPrint()),
pathParameters(
parameterWithName("eventId").description("행사 ID")
),
requestFields(
fieldWithPath("password").type(JsonFieldType.STRING)
.description("행사 비밀 번호")
),
responseCookies(
cookieWithName("eventToken").description("행사 관리자용 토큰")
)
preprocessRequest(prettyPrint()),
preprocessResponse(prettyPrint()),
pathParameters(
parameterWithName("eventId").description("행사 ID")
),
requestFields(
fieldWithPath("password").type(JsonFieldType.STRING)
.description("행사 비밀 번호")
),
responseCookies(
cookieWithName("eventToken").description("행사 관리자용 토큰")
)
)
);
}
Expand All @@ -225,7 +225,7 @@ void findActions() throws Exception {
given(eventService.findActions(token)).willReturn(actionAppResponses);

mockMvc.perform(get("/api/events/{eventId}/actions", token)
.accept(MediaType.APPLICATION_JSON))
.accept(MediaType.APPLICATION_JSON))
.andDo(print())
.andExpect(status().isOk())
.andExpect(jsonPath("$.steps[0].type").value(equalTo("IN")))
Expand Down Expand Up @@ -255,25 +255,48 @@ void findActions() throws Exception {

.andDo(
document("findActions",
preprocessRequest(prettyPrint()),
preprocessResponse(prettyPrint()),
pathParameters(
parameterWithName("eventId").description("행사 ID")
),
responseFields(
fieldWithPath("steps[].type").type(JsonFieldType.STRING)
.description("액션 유형 [BILL, IN, OUT]"),
fieldWithPath("steps[].members").type(JsonFieldType.ARRAY)
.description("해당 step에 참여한 참여자 목록"),
fieldWithPath("steps[].actions[].actionId").type(JsonFieldType.NUMBER)
.description("액션 ID"),
fieldWithPath("steps[].actions[].name").type(JsonFieldType.STRING)
.description("참여자 액션일 경우 참여자 이름, 지출 액션일 경우 지출 내역 이름"),
fieldWithPath("steps[].actions[].price").type(JsonFieldType.NUMBER).optional()
.description("참여자 액션일 경우 null, 지출 액션일 경우 지출 금액"),
fieldWithPath("steps[].actions[].sequence").type(JsonFieldType.NUMBER)
.description("액션 순서")
)
preprocessRequest(prettyPrint()),
preprocessResponse(prettyPrint()),
pathParameters(
parameterWithName("eventId").description("행사 ID")
),
responseFields(
fieldWithPath("steps[].type").type(JsonFieldType.STRING)
.description("액션 유형 [BILL, IN, OUT]"),
fieldWithPath("steps[].members").type(JsonFieldType.ARRAY)
.description("해당 step에 참여한 참여자 목록"),
fieldWithPath("steps[].actions[].actionId").type(JsonFieldType.NUMBER)
.description("액션 ID"),
fieldWithPath("steps[].actions[].name").type(JsonFieldType.STRING)
.description("참여자 액션일 경우 참여자 이름, 지출 액션일 경우 지출 내역 이름"),
fieldWithPath("steps[].actions[].price").type(JsonFieldType.NUMBER).optional()
.description("참여자 액션일 경우 null, 지출 액션일 경우 지출 금액"),
fieldWithPath("steps[].actions[].sequence").type(JsonFieldType.NUMBER)
.description("액션 순서")
)
)
);
}

@DisplayName("행사 어드민 권한을 확인한다.")
@Test
void authenticateTest() throws Exception {
String token = "TOKEN";
mockMvc.perform(get("/api/events/{eventId}/auth", token)
.cookie(EVENT_COOKIE))
.andDo(print())
.andExpect(status().isOk())

.andDo(
document("authenticateEvent",
preprocessRequest(prettyPrint()),
preprocessResponse(prettyPrint()),
pathParameters(
parameterWithName("eventId").description("행사 ID")
),
requestCookies(
cookieWithName("eventToken").description("행사 관리자 토큰").optional()
)
)
);
}
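Review bot: `authenticateTest` only exercises the success path, and it documents the `eventToken` cookie as `.optional()`, which reads as if the admin check passes without a token. The new section in event.adoc lists TOKEN_NOT_FOUND, TOKEN_EXPIRED, TOKEN_INVALID and FORBIDDEN, yet no test visible here sends a request without the cookie, or with a token for another event, and expects a rejection. If this docs test runs with mocked services, the 200 may not show that any check ran at all. Drop the flag, `cookieWithName("eventToken").description("행사 관리자 토큰")`, and add a rejection case where the real token check is wired in. The test class continues outside the displayed hunks.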
