♻️ [버킷리스트] JWT, 변수 타입 일치 등 리팩토링, [쪽지] 송신인만 삭제가능

src/main/java/com/example/moyeothon/Controller/BucketController.java

@@ -1,6 +1,5 @@
 package com.example.moyeothon.Controller;
 
-
 import com.example.moyeothon.DTO.BucketDto.RequestDto;
 import com.example.moyeothon.DTO.BucketDto.ResponseDto;
 import com.example.moyeothon.Service.BucketService;
@@ -23,48 +22,46 @@
 public class BucketController {
     private final BucketService bucketService;
 
+    // 버킷리스트 추가
     @Operation(summary = "bucketList 추가")
-    @PostMapping("/bucket/create/{userId}")
-    public ResponseEntity<ResponseDto> addBucket(@Validated @PathVariable Long userId ,
-                                                 @RequestBody RequestDto requestDto){
-
-        ResponseDto responseDto = bucketService.addBucket(requestDto, userId);
-        return ResponseEntity.ok(responseDto);
+    @PostMapping("/bucket/create/{uid}")
+    public ResponseEntity<ResponseDto> addBucket(@Validated @RequestBody RequestDto requestDto, @PathVariable String uid, @AuthenticationPrincipal UserDetails userDetails){
+        return ResponseEntity.ok(bucketService.addBucket(requestDto, uid, userDetails));
     }
 
+    // id로 버킷리스트 조회
     @Operation(summary = "bucketList 상세보기")
-    @GetMapping("/bucket/{bucketId}/{userId}")
-    public ResponseEntity<ResponseDto> getBucket(@Validated  @PathVariable Long bucketId, @PathVariable(required = false) Long userId){
-        return ResponseEntity.ok(bucketService.getBucket(bucketId,userId));
+    @GetMapping("/bucket/{uid}/{bucketId}")
+    public ResponseEntity<ResponseDto> getBucket(@Validated  @PathVariable Long bucketId, @PathVariable(required = false) String uid, @AuthenticationPrincipal UserDetails userDetails){
+        return ResponseEntity.ok(bucketService.getBucket(bucketId, uid, userDetails));
     }
 
+    // 버킷리스트 삭제
     @Operation(summary = "bucketList 삭제하기")
-    @DeleteMapping("/bucket/{userId}/{bucketId}")
-    public ResponseEntity<String> deleteBucket(@PathVariable Long userId, @PathVariable Long bucketId) {
-        bucketService.deleteBucket(bucketId, userId);
-        return ResponseEntity.ok("삭제가 성공했습니다.");
+    @DeleteMapping("/bucket/{uid}/{bucketId}")
+    public ResponseEntity<ResponseDto> deleteBucket(@PathVariable Long bucketId, @PathVariable String uid, @AuthenticationPrincipal UserDetails userDetails) {
+        return ResponseEntity.ok(bucketService.deleteBucket(bucketId, uid, userDetails));
     }
 
-
+    // 버킷리스트 수정
     @Operation(summary = "bucketList 수정하기")
-    @PutMapping("/bucket/{userId}/{bucketId}")
-    public ResponseEntity<ResponseDto> updateBucket(@Validated @PathVariable Long userId,
-                                                    @PathVariable Long bucketId,
-                                                    @RequestBody RequestDto requestDto){
-        return ResponseEntity.ok(bucketService.updateBucket(bucketId, userId, requestDto));
+    @PutMapping("/bucket/{uid}/{bucketId}")
+    public ResponseEntity<ResponseDto> updateBucket(@Validated @PathVariable Long bucketId, @PathVariable String uid, @RequestBody RequestDto requestDto, @AuthenticationPrincipal UserDetails userDetails){
+        return ResponseEntity.ok(bucketService.updateBucket(bucketId, uid, requestDto, userDetails));
     }
 
+    // 해당 유저 버킷리스트 전체 조회
     @Operation(summary = "유저의 bucketList 전체 조회")
-    @GetMapping("/user/bucket/{userId}")
-    public ResponseEntity<List<ResponseDto>> getAllUserBucket(@Validated @PathVariable Long userId){
-        return ResponseEntity.ok(bucketService.getUserAllBucket(userId));
-
+    @GetMapping("/user/bucket/{uid}")
+    public ResponseEntity<List<ResponseDto>> getAllUserBucket(@Validated @PathVariable String uid, @AuthenticationPrincipal UserDetails userDetails){
+        return ResponseEntity.ok(bucketService.getUserAllBucket(uid, userDetails));
     }
 
+    // 버킷리스트 전체 조회
     @Operation(summary = "모든 bucketList 보기")
-    @GetMapping("/bucket/all/{userId}")
-    public ResponseEntity<List<ResponseDto>> getAllBucket(@Validated @PathVariable Long userId){
-        return ResponseEntity.ok(bucketService.getAllBucket(userId));
+    @GetMapping("/bucket/all/{uid}")
+    public ResponseEntity<List<ResponseDto>> getAllBucket(@Validated @PathVariable String uid, @AuthenticationPrincipal UserDetails userDetails){
+        return ResponseEntity.ok(bucketService.getAllBucket(uid, userDetails));
     }
 
     // 제목, 내용 키워드별로 버킷리스트 검색하기

src/main/java/com/example/moyeothon/Repository/BucketRepository.java

@@ -9,6 +9,6 @@
 
 @Repository
 public interface BucketRepository extends JpaRepository <BucketlistEntity, Long> {
-    List<BucketlistEntity> findByUserId(Long userId);
+    List<BucketlistEntity> findByUser_Uid(String uid);
     List<BucketlistEntity> findByTitleContainingIgnoreCaseOrContentContainingIgnoreCase(String title, String content);
 }

src/main/java/com/example/moyeothon/Service/BucketService.java

@@ -25,76 +25,79 @@ public class BucketService {
     private final UserRepository userRepository;
     private final BucketRepository bucketRepository;
 
-    public ResponseDto addBucket(RequestDto requestDto, Long userId){
-        UserEntity user = userRepository.findById(userId)
-                .orElseThrow(() -> new IllegalArgumentException("유저 ID가 맞지 않습니다."));
-
+    // 버킷리스트 추가
+    public ResponseDto addBucket(RequestDto requestDto, String uid, UserDetails userDetails){
+        if (!userDetails.getUsername().equals(uid)) {
+            throw new RuntimeException("인증되지 않은 유저입니다.");
+        }
+        UserEntity user = userRepository.findByUid(uid);
         BucketlistEntity bucket = bucketRepository.save(new BucketlistEntity(requestDto, user));
         return new ResponseDto(bucket);
     }
 
-    public ResponseDto getBucket(Long id, Long userId){
-        BucketlistEntity bucketList = bucketRepository.findById(id)
-                .orElseThrow(()->new IllegalArgumentException("bucketId에 맞는 버킷리스트를 찾을 수 없습니다."));
-
-        if (!bucketList.isPublic() && !bucketList.getUser().getId().equals(userId)) {
+    // id로 버킷리스트 조회
+    public ResponseDto getBucket(Long id, String uid, UserDetails userDetails){
+        if (!userDetails.getUsername().equals(uid)) {
+            throw new RuntimeException("인증되지 않은 유저입니다.");
+        }
+        BucketlistEntity bucketList = bucketRepository.findById(id).orElseThrow();
+        if (!bucketList.isPublic() && !bucketList.getUser().getUid().equals(uid)) {
             throw new RuntimeException("해당 버킷리스트에 접근 권한이 없습니다.");
         }
         return new ResponseDto(bucketList);
     }
 
-    public void  deleteBucket(Long id, Long userId){
-        // 버킷리스트 조회
-        BucketlistEntity bucketList = bucketRepository.findById(id)
-                .orElseThrow(() -> new IllegalArgumentException("bucket Id에 맞는 버킷리스트를 찾을 수 없습니다."));
-
-        // 사용자 권한 확인 후 삭제 또는 예외 발생
-        if (bucketList.getUser().getId().equals(userId)) {
-            bucketRepository.deleteById(id);
-        } else {
+    // 버킷리스트 삭제
+    public ResponseDto deleteBucket(Long id, String uid, UserDetails userDetails){
+        if (!userDetails.getUsername().equals(uid)) {
+            throw new RuntimeException("인증되지 않은 유저입니다.");
+        }
+        BucketlistEntity bucketList = bucketRepository.findById(id).orElseThrow();
+        if (!bucketList.getUser().getUid().equals(uid)) {
             throw new AccessDeniedException("권한이 없는 유저입니다.");
         }
+        bucketRepository.deleteById(id);
+        return new ResponseDto(bucketList);
     }
 
-    public ResponseDto updateBucket(Long id, Long userId, RequestDto requestDto){
-        BucketlistEntity bucketList = bucketRepository.findById(id)
-                .orElseThrow(() -> new IllegalArgumentException("bucket Id에 맞는 버킷리스트를 찾을 수 없습니다."));
-
-        if(bucketList.getUser().getId().equals(userId)){
-            bucketList.update(requestDto);
-        }else{
+    // 버킷리스트 수정
+    public ResponseDto updateBucket(Long id, String uid, RequestDto requestDto, UserDetails userDetails){
+        if (!userDetails.getUsername().equals(uid)) {
+            throw new RuntimeException("인증되지 않은 유저입니다.");
+        }
+        BucketlistEntity bucketList = bucketRepository.findById(id).orElseThrow();
+        if(!bucketList.getUser().getUid().equals(uid)){
             throw new AccessDeniedException("권환이 없는 유저입니다.");
-
         }
+        bucketList.update(requestDto);
         return new ResponseDto(bucketList);
     }
 
-    public List<ResponseDto> getUserAllBucket(Long userId){
-        UserEntity user = userRepository.findById(userId)
-                .orElseThrow(()-> new IllegalArgumentException("userId가 맞지 않습니다."));
-
-        List<BucketlistEntity> bucketlistEntityList = bucketRepository.findByUserId(userId);
+    // 해당 유저 버킷리스트 전체 조회
+    public List<ResponseDto> getUserAllBucket(String uid, UserDetails userDetails){
+        if (!userDetails.getUsername().equals(uid)) {
+            throw new RuntimeException("인증되지 않은 유저입니다.");
+        }
+        List<BucketlistEntity> bucketlistEntityList = bucketRepository.findByUser_Uid(uid);
         List<ResponseDto> responseDtoList = new ArrayList<>();
         for(BucketlistEntity bucket : bucketlistEntityList){
-
             responseDtoList.add(new ResponseDto(bucket));
-
         }
         return responseDtoList;
-
     }
 
-    public List<ResponseDto> getAllBucket(Long userId) {
+    // 버킷리스트 전체 조회
+    public List<ResponseDto> getAllBucket(String uid, UserDetails userDetails) {
+        if (!userDetails.getUsername().equals(uid)) {
+            throw new RuntimeException("인증되지 않은 유저입니다.");
+        }
         List<BucketlistEntity> bucketlistEntityList = bucketRepository.findAll();
         List<ResponseDto> responseDtoList = new ArrayList<>();
-
         for (BucketlistEntity bucket : bucketlistEntityList) {
-            // 버킷리스트가 공개 상태이거나, 비공개 상태일 때 userId와 작성자 ID가 같을 때만 추가
-            if (bucket.isPublic() || (userId != null && bucket.getUser().getId().equals(userId))) {
+            if (bucket.isPublic() || (bucket.getUser().getUid().equals(uid))) {
                 responseDtoList.add(new ResponseDto(bucket));
             }
         }
-
         return responseDtoList;
     }
 

src/main/java/com/example/moyeothon/Service/MessageService.java

@@ -59,6 +59,9 @@ public MessageDTO readMessage(Long messageId, String uid, UserDetails userDetail
             throw new RuntimeException("인증되지 않은 유저입니다.");
         }
         MessageEntity messageEntity = messageRepository.findById(messageId).orElseThrow();
+        if (!messageEntity.getSender().getUid().equals(uid)) {
+            throw new RuntimeException("해당 유저의 쪽지가 아닙니다.");
+        }
         messageEntity.setStatus(MessageStatus.읽음);
         messageRepository.save(messageEntity);
         logger.info("쪽지 상태 변경 성공!");
@@ -71,6 +74,9 @@ public MessageDTO deleteMessage(Long messageId, String uid, UserDetails userDeta
             throw new RuntimeException("인증되지 않은 유저입니다.");
         }
         MessageEntity messageEntity = messageRepository.findById(messageId).orElseThrow();
+        if (!messageEntity.getSender().getUid().equals(uid)) {
+            throw new RuntimeException("해당 유저의 쪽지가 아닙니다.");
+        }
         messageEntity.setStatus(MessageStatus.삭제됨);
         messageRepository.save(messageEntity);
         logger.info("쪽지 삭제 성공!");