From e85f0b4f9696a26fc0e18a3d61673719093d53e5 Mon Sep 17 00:00:00 2001 From: Seok93 Date: Thu, 17 Oct 2024 14:54:50 +0900 Subject: [PATCH] =?UTF-8?q?Fix:=20#224=20=ED=94=84=EB=A1=9C=EC=A0=9D?= =?UTF-8?q?=ED=8A=B8=20=EA=B4=80=EB=A0=A8=20=EC=A0=95=EB=B3=B4=20=EC=A1=B0?= =?UTF-8?q?=ED=9A=8C=EC=84=B1=20=EB=A1=9C=EC=A7=81=EC=9D=80=20=ED=8C=80?= =?UTF-8?q?=EC=97=90=20=EC=86=8D=ED=95=98=EB=8A=94=EA=B0=80=EB=A1=9C=20?= =?UTF-8?q?=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/mocks/services/statusServiceHandler.ts | 12 ++++++-- src/mocks/services/taskServiceHandler.ts | 32 ++++++++++++++++------ 2 files changed, 32 insertions(+), 12 deletions(-) diff --git a/src/mocks/services/statusServiceHandler.ts b/src/mocks/services/statusServiceHandler.ts index 55a9bdb7..9bfc6966 100644 --- a/src/mocks/services/statusServiceHandler.ts +++ b/src/mocks/services/statusServiceHandler.ts @@ -4,8 +4,10 @@ import { createProjectStatus, deleteProjectStatus, findAllProjectStatus, + findProject, findProjectStatus, findProjectUser, + findTeamUser, reorderStatusByProject, updateProjectStatus, } from '@mocks/mockAPI'; @@ -29,9 +31,13 @@ const statusServiceHandler = [ const userId = convertTokenToUserId(accessToken); if (!userId) return new HttpResponse(null, { status: 401 }); - // 유저의 프로젝트 접근 권한 확인 - const projectUser = findProjectUser(projectId, userId); - if (!projectUser) return new HttpResponse(null, { status: 403 }); + // 프로젝트 정보 취득 + const project = findProject(projectId); + if (!project) return new HttpResponse(null, { status: 404 }); + + // 유저의 팀 접근 권한 확인 + const teamUser = findTeamUser(projectId, userId); + if (!teamUser) return new HttpResponse(null, { status: 403 }); // 프로젝트의 모든 상태 정보 조회 const statuses = findAllProjectStatus(projectId).sort((a, b) => a.sortOrder - b.sortOrder); diff --git a/src/mocks/services/taskServiceHandler.ts b/src/mocks/services/taskServiceHandler.ts index f2505156..57d7ca6b 100644 --- a/src/mocks/services/taskServiceHandler.ts +++ b/src/mocks/services/taskServiceHandler.ts @@ -16,10 +16,12 @@ import { findAllTask, findAllTaskFile, findAssignee, + findProject, findProjectStatus, findProjectUser, findRole, findTask, + findTeamUser, findUser, reorderTaskByStatus, saveTaskFileInMemory, @@ -49,9 +51,13 @@ const taskServiceHandler = [ const userId = convertTokenToUserId(accessToken); if (!userId) return new HttpResponse(null, { status: 401 }); - // 유저의 프로젝트 접근 권한 확인 - const projectUser = findProjectUser(projectId, userId); - if (!projectUser) return new HttpResponse(null, { status: 403 }); + // 프로젝트 정보 취득 + const project = findProject(projectId); + if (!project) return new HttpResponse(null, { status: 404 }); + + // 유저의 팀 접근 권한 확인 + const teamUser = findTeamUser(projectId, userId); + if (!teamUser) return new HttpResponse(null, { status: 403 }); // 프로젝트 상태 정보 취득 const statuses = findAllProjectStatus(projectId); @@ -262,9 +268,13 @@ const taskServiceHandler = [ const userId = convertTokenToUserId(accessToken); if (!userId) return new HttpResponse(null, { status: 401 }); - // 유저의 프로젝트 접근 권한 확인 - const projectUser = findProjectUser(projectId, userId); - if (!projectUser) return new HttpResponse(null, { status: 403 }); + // 프로젝트 정보 취득 + const project = findProject(projectId); + if (!project) return new HttpResponse(null, { status: 404 }); + + // 유저의 팀 접근 권한 확인 + const teamUser = findTeamUser(projectId, userId); + if (!teamUser) return new HttpResponse(null, { status: 403 }); // 일정 수행자 (유저/일정 ID) 정보 취득 const taskUsers = findAllAssignee(taskId); @@ -302,9 +312,13 @@ const taskServiceHandler = [ const userId = convertTokenToUserId(accessToken); if (!userId) return new HttpResponse(null, { status: 401 }); - // 유저의 프로젝트 접근 권한 확인 - const projectUser = findProjectUser(projectId, userId); - if (!projectUser) return new HttpResponse(null, { status: 403 }); + // 프로젝트 정보 취득 + const project = findProject(projectId); + if (!project) return new HttpResponse(null, { status: 404 }); + + // 유저의 팀 접근 권한 확인 + const teamUser = findTeamUser(projectId, userId); + if (!teamUser) return new HttpResponse(null, { status: 403 }); // 모든 일정 파일 정보 조회 const files = findAllTaskFile(taskId);